From: Al Viro <viro@zeniv.linux.org.uk>
To: Peter Xu <peterx@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
linux-arch@vger.kernel.org, linux-alpha@vger.kernel.org,
linux-ia64@vger.kernel.org, linux-hexagon@vger.kernel.org,
linux-m68k@lists.linux-m68k.org, Michal Simek <monstr@monstr.eu>,
Dinh Nguyen <dinguyen@kernel.org>,
openrisc@lists.librecores.org, linux-parisc@vger.kernel.org,
linux-riscv@lists.infradead.org, sparclinux@vger.kernel.org
Subject: Re: [RFC][PATCHSET] VM_FAULT_RETRY fixes
Date: Sat, 4 Feb 2023 00:26:39 +0000 [thread overview]
Message-ID: <Y92mP1GT28KfnPEQ@ZenIV> (raw)
In-Reply-To: <Y9w/lrL6g4yauXz4@x1n>
On Thu, Feb 02, 2023 at 05:56:22PM -0500, Peter Xu wrote:
> IMHO it'll be merely impossible to merge things across most (if not to say,
> all) archs. It will need to be start from one or at least a few that still
> shares a major common base - I would still rely on x86 as a start - then we
> try to use the helper in as much archs as possible.
>
> Even on x86, I do also see challenges so I'm not sure whether a common
> enough routine can be abstracted indeed. But I believe there's a way to do
> this because obviously we still see tons of duplicated logics falling
> around. It may definitely need time to think out where's the best spot to
> start, and how to gradually move towards covering more archs starting from
> one.
FWIW, after going through everything from alpha to loongarch (in alphabetic
order, skipping the itanic) the following seems to be suitable for all of
them:
generic_fault(address, flags, vm_flags, regs)
{
struct mm_struct *mm = current->mm;
struct vm_area_struct *vma;
vm_fault_t fault;
perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);
if (unlikely(!mmap_read_trylock(mm))) {
if (!(flags & FAULT_FLAG_USER) &&
!search_exception_tables(instruction_pointer(regs))) {
/*
* Fault from code in kernel from
* which we do not expect faults.
*/
return KERN;
}
retry:
mmap_read_lock(mm);
} else {
might_sleep();
#ifdef CONFIG_DEBUG_VM
if (!(flags & FAULT_FLAG_USER) &&
!search_exception_tables(instruction_pointer(regs)))
return KERN;
#endif
}
vma = find_vma(mm, address);
if (!vma)
goto Eunmapped;
if (unlikely(vma->vm_start > address)) {
if (!(vma->vm_flags & VM_GROWSDOWN))
goto Eunmapped;
if (addr < FIRST_USER_ADDRESS)
goto Eunmapped;
if (expand_stack(vma, address))
goto Eunmapped;
}
/* Ok, we have a good vm_area for this memory access, so
we can handle it. */
if (!(vma->vm_flags & vm_flags))
goto Eaccess;
/* If for any reason at all we couldn't handle the fault,
make sure we exit gracefully rather than endlessly redo
the fault. */
fault = handle_mm_fault(vma, address, flags, regs);
if (unlikely(fault & VM_FAULT_RETRY)) {
if (!(flags & FAULT_FLAG_USER)) {
if (fatal_signal_pending(current))
return KERN;
} else {
if (signal_pending(current))
return FOAD;
}
flags |= FAULT_FLAG_TRIED;
goto retry;
}
if (fault & VM_FAULT_COMPLETED)
return DONE;
mmap_read_unlock(mm);
if (likely(!(fault & VM_FAULT_ERROR)))
return DONE;
if (!(flags & FAULT_FLAG_USER))
return KERN;
if (fault & VM_FAULT_OOM) {
pagefault_out_of_memory();
return FOAD;
}
if (fault & VM_FAULT_SIGSEGV)
return SIGSEGV;
if (fault & VM_FAULT_SIGBUS)
return SIGBUS;
if (fault & VM_FAULT_HWPOISON)
return POISON + PAGE_SHIFT; // POISON == 256
if (fault & VM_FAULT_HWPOISON_LARGE)
return POISON + hstate_index_to_shift(VM_FAULT_GET_HINDEX(fault));
BUG();
Eunmapped:
mmap_read_unlock(mm);
return flags & FAULT_FLAG_USER ? MAPERR : KERN;
Eaccess:
mmap_read_unlock(mm);
return flags & FAULT_FLAG_USER ? ACCERR : KERN;
}
possible return values (and that's obviously not the identifiers to be
used for real; for now I'm just looking for feasibility of it all):
DONE success, nothing else to be done
FOAD OOM/fatal signal with VM_FAULT_RETRY/
signal with VM_FAULT_RETRY from userland - nothing
to be done here.
KERN kernel mode failed fault, fixup or oops
MAPERR unmapped address, SIGSEGV/SEGV_MAPERR for you
ACCERR nothing in vm_flags present in ->vm_flags of vma;
SIGSEGV/SEGV_ACCERR
SIGSEGV VM_FAULT_SIGSEGV; some architectures treat that
as SEGV_MAPERR, some as SEGV_ACCERR.
SIGBUS VM_FAULT_SIGBUS; SIGBUS/BUS_ADRERR
POISON + shift VM_FAULT_HWPOISON and VM_FAULT_HWPOISON_LARGE, with
log2(affected page size) encoded into return value.
This is obviously not even close to final helper, but... alpha, arc, arm, arm64,
csky, hexagon, loongarch convert to that cleanly.
Itanic very much does not (due to weird dual stacks, awful address space layout,
etc.), but then git rm arch/ia64 is long overdue.
Fairly typical look after conversion:
arc:
{
struct task_struct *tsk = current;
struct mm_struct *mm = tsk->mm;
unsigned int mask;
unsigned int flags;
unsigned int res;
/*
* NOTE! We MUST NOT take any locks for this case. We may
* be in an interrupt or a critical region, and should
* only copy the information from the master page table,
* nothing more.
*/
if (address >= VMALLOC_START && !user_mode(regs)) {
if (unlikely(handle_kernel_vaddr_fault(address)))
goto no_context;
else
return;
}
/*
* If we're in an interrupt or have no user
* context, we must not take the fault..
*/
if (faulthandler_disabled() || !mm)
goto no_context;
flags = FAULT_FLAG_DEFAULT;
if (user_mode(regs))
flags |= FAULT_FLAG_USER;
mask = VM_READ;
if (regs->ecr_cause & ECR_C_PROTV_STORE) { /* ST/EX */
flags |= FAULT_FLAG_WRITE;
mask = VM_WRITE;
} else if ((regs->ecr_vec == ECR_V_PROTV) &&
(regs->ecr_cause == ECR_C_PROTV_INST_FETCH)) {
mask = VM_EXEC;
}
res = generic_fault(address, flags, mask, regs);
if (likely(res == DONE))
return;
if (res == FOAD)
return;
if (res == KERN) {
no_context:
if (fixup_exception(regs))
return;
die("Oops", regs, address);
}
tsk->thread.fault_address = address;
if (res == SIGBUS)
force_sig_fault(SIGBUS, BUS_ADRERR, (void __user *) address);
else
force_sig_fault(SIGSEGV, res == ACCERR ? SEGV_ACCERR : SEGV_MAPERR,
(void __user *) address);
}
Or this arm64:
{
const struct fault_info *inf;
struct mm_struct *mm = current->mm;
unsigned long vm_flags;
unsigned int mm_flags = FAULT_FLAG_DEFAULT;
unsigned long addr = untagged_addr(far);
unsigned int res;
if (kprobe_page_fault(regs, esr))
return 0;
/*
* If we're in an interrupt or have no user context, we must not take
* the fault.
*/
if (faulthandler_disabled() || !mm)
goto no_context;
if (user_mode(regs))
mm_flags |= FAULT_FLAG_USER;
/*
* vm_flags tells us what bits we must have in vma->vm_flags
* for the fault to be benign, __do_page_fault() would check
* vma->vm_flags & vm_flags and returns an error if the
* intersection is empty
*/
if (is_el0_instruction_abort(esr)) {
/* It was exec fault */
vm_flags = VM_EXEC;
mm_flags |= FAULT_FLAG_INSTRUCTION;
} else if (is_write_abort(esr)) {
/* It was write fault */
vm_flags = VM_WRITE;
mm_flags |= FAULT_FLAG_WRITE;
} else {
/* It was read fault */
vm_flags = VM_READ;
/* Write implies read */
vm_flags |= VM_WRITE;
/* If EPAN is absent then exec implies read */
if (!cpus_have_const_cap(ARM64_HAS_EPAN))
vm_flags |= VM_EXEC;
}
if (is_ttbr0_addr(addr) && is_el1_permission_fault(addr, esr, regs)) {
if (is_el1_instruction_abort(esr))
die_kernel_fault("execution of user memory",
addr, esr, regs);
if (!search_exception_tables(regs->pc))
die_kernel_fault("access to user memory outside uaccess routines",
addr, esr, regs);
}
res = generic_fault(addr, mm_flags, vm_flags, regs);
if (likely(res == DONE))
return 0;
if (res == FOAD)
return 0;
if (res == KERN) {
no_context:
__do_kernel_fault(addr, esr, regs);
return 0;
}
inf = esr_to_fault_info(esr);
set_thread_esr(addr, esr);
if (res == SIGBUS) {
/*
* We had some memory, but were unable to successfully fix up
* this page fault.
*/
arm64_force_sig_fault(SIGBUS, BUS_ADRERR, far, inf->name);
} else if (res > POISON) {
arm64_force_sig_mceerr(BUS_MCEERR_AR, far, res - POISON, inf->name);
} else {
/*
* Something tried to access memory that isn't in our memory
* map.
*/
arm64_force_sig_fault(SIGSEGV,
res == ACCERR ? SEGV_ACCERR : SEGV_MAPERR,
far, inf->name);
}
return 0;
}
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@zeniv.linux.org.uk>
To: Peter Xu <peterx@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
linux-arch@vger.kernel.org, linux-alpha@vger.kernel.org,
linux-ia64@vger.kernel.org, linux-hexagon@vger.kernel.org,
linux-m68k@lists.linux-m68k.org, Michal Simek <monstr@monstr.eu>,
Dinh Nguyen <dinguyen@kernel.org>,
openrisc@lists.librecores.org, linux-parisc@vger.kernel.org,
linux-riscv@lists.infradead.org, sparclinux@vger.kernel.org
Subject: Re: [RFC][PATCHSET] VM_FAULT_RETRY fixes
Date: Sat, 4 Feb 2023 00:26:39 +0000 [thread overview]
Message-ID: <Y92mP1GT28KfnPEQ@ZenIV> (raw)
In-Reply-To: <Y9w/lrL6g4yauXz4@x1n>
On Thu, Feb 02, 2023 at 05:56:22PM -0500, Peter Xu wrote:
> IMHO it'll be merely impossible to merge things across most (if not to say,
> all) archs. It will need to be start from one or at least a few that still
> shares a major common base - I would still rely on x86 as a start - then we
> try to use the helper in as much archs as possible.
>
> Even on x86, I do also see challenges so I'm not sure whether a common
> enough routine can be abstracted indeed. But I believe there's a way to do
> this because obviously we still see tons of duplicated logics falling
> around. It may definitely need time to think out where's the best spot to
> start, and how to gradually move towards covering more archs starting from
> one.
FWIW, after going through everything from alpha to loongarch (in alphabetic
order, skipping the itanic) the following seems to be suitable for all of
them:
generic_fault(address, flags, vm_flags, regs)
{
struct mm_struct *mm = current->mm;
struct vm_area_struct *vma;
vm_fault_t fault;
perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);
if (unlikely(!mmap_read_trylock(mm))) {
if (!(flags & FAULT_FLAG_USER) &&
!search_exception_tables(instruction_pointer(regs))) {
/*
* Fault from code in kernel from
* which we do not expect faults.
*/
return KERN;
}
retry:
mmap_read_lock(mm);
} else {
might_sleep();
#ifdef CONFIG_DEBUG_VM
if (!(flags & FAULT_FLAG_USER) &&
!search_exception_tables(instruction_pointer(regs)))
return KERN;
#endif
}
vma = find_vma(mm, address);
if (!vma)
goto Eunmapped;
if (unlikely(vma->vm_start > address)) {
if (!(vma->vm_flags & VM_GROWSDOWN))
goto Eunmapped;
if (addr < FIRST_USER_ADDRESS)
goto Eunmapped;
if (expand_stack(vma, address))
goto Eunmapped;
}
/* Ok, we have a good vm_area for this memory access, so
we can handle it. */
if (!(vma->vm_flags & vm_flags))
goto Eaccess;
/* If for any reason at all we couldn't handle the fault,
make sure we exit gracefully rather than endlessly redo
the fault. */
fault = handle_mm_fault(vma, address, flags, regs);
if (unlikely(fault & VM_FAULT_RETRY)) {
if (!(flags & FAULT_FLAG_USER)) {
if (fatal_signal_pending(current))
return KERN;
} else {
if (signal_pending(current))
return FOAD;
}
flags |= FAULT_FLAG_TRIED;
goto retry;
}
if (fault & VM_FAULT_COMPLETED)
return DONE;
mmap_read_unlock(mm);
if (likely(!(fault & VM_FAULT_ERROR)))
return DONE;
if (!(flags & FAULT_FLAG_USER))
return KERN;
if (fault & VM_FAULT_OOM) {
pagefault_out_of_memory();
return FOAD;
}
if (fault & VM_FAULT_SIGSEGV)
return SIGSEGV;
if (fault & VM_FAULT_SIGBUS)
return SIGBUS;
if (fault & VM_FAULT_HWPOISON)
return POISON + PAGE_SHIFT; // POISON == 256
if (fault & VM_FAULT_HWPOISON_LARGE)
return POISON + hstate_index_to_shift(VM_FAULT_GET_HINDEX(fault));
BUG();
Eunmapped:
mmap_read_unlock(mm);
return flags & FAULT_FLAG_USER ? MAPERR : KERN;
Eaccess:
mmap_read_unlock(mm);
return flags & FAULT_FLAG_USER ? ACCERR : KERN;
}
possible return values (and that's obviously not the identifiers to be
used for real; for now I'm just looking for feasibility of it all):
DONE success, nothing else to be done
FOAD OOM/fatal signal with VM_FAULT_RETRY/
signal with VM_FAULT_RETRY from userland - nothing
to be done here.
KERN kernel mode failed fault, fixup or oops
MAPERR unmapped address, SIGSEGV/SEGV_MAPERR for you
ACCERR nothing in vm_flags present in ->vm_flags of vma;
SIGSEGV/SEGV_ACCERR
SIGSEGV VM_FAULT_SIGSEGV; some architectures treat that
as SEGV_MAPERR, some as SEGV_ACCERR.
SIGBUS VM_FAULT_SIGBUS; SIGBUS/BUS_ADRERR
POISON + shift VM_FAULT_HWPOISON and VM_FAULT_HWPOISON_LARGE, with
log2(affected page size) encoded into return value.
This is obviously not even close to final helper, but... alpha, arc, arm, arm64,
csky, hexagon, loongarch convert to that cleanly.
Itanic very much does not (due to weird dual stacks, awful address space layout,
etc.), but then git rm arch/ia64 is long overdue.
Fairly typical look after conversion:
arc:
{
struct task_struct *tsk = current;
struct mm_struct *mm = tsk->mm;
unsigned int mask;
unsigned int flags;
unsigned int res;
/*
* NOTE! We MUST NOT take any locks for this case. We may
* be in an interrupt or a critical region, and should
* only copy the information from the master page table,
* nothing more.
*/
if (address >= VMALLOC_START && !user_mode(regs)) {
if (unlikely(handle_kernel_vaddr_fault(address)))
goto no_context;
else
return;
}
/*
* If we're in an interrupt or have no user
* context, we must not take the fault..
*/
if (faulthandler_disabled() || !mm)
goto no_context;
flags = FAULT_FLAG_DEFAULT;
if (user_mode(regs))
flags |= FAULT_FLAG_USER;
mask = VM_READ;
if (regs->ecr_cause & ECR_C_PROTV_STORE) { /* ST/EX */
flags |= FAULT_FLAG_WRITE;
mask = VM_WRITE;
} else if ((regs->ecr_vec == ECR_V_PROTV) &&
(regs->ecr_cause == ECR_C_PROTV_INST_FETCH)) {
mask = VM_EXEC;
}
res = generic_fault(address, flags, mask, regs);
if (likely(res == DONE))
return;
if (res == FOAD)
return;
if (res == KERN) {
no_context:
if (fixup_exception(regs))
return;
die("Oops", regs, address);
}
tsk->thread.fault_address = address;
if (res == SIGBUS)
force_sig_fault(SIGBUS, BUS_ADRERR, (void __user *) address);
else
force_sig_fault(SIGSEGV, res == ACCERR ? SEGV_ACCERR : SEGV_MAPERR,
(void __user *) address);
}
Or this arm64:
{
const struct fault_info *inf;
struct mm_struct *mm = current->mm;
unsigned long vm_flags;
unsigned int mm_flags = FAULT_FLAG_DEFAULT;
unsigned long addr = untagged_addr(far);
unsigned int res;
if (kprobe_page_fault(regs, esr))
return 0;
/*
* If we're in an interrupt or have no user context, we must not take
* the fault.
*/
if (faulthandler_disabled() || !mm)
goto no_context;
if (user_mode(regs))
mm_flags |= FAULT_FLAG_USER;
/*
* vm_flags tells us what bits we must have in vma->vm_flags
* for the fault to be benign, __do_page_fault() would check
* vma->vm_flags & vm_flags and returns an error if the
* intersection is empty
*/
if (is_el0_instruction_abort(esr)) {
/* It was exec fault */
vm_flags = VM_EXEC;
mm_flags |= FAULT_FLAG_INSTRUCTION;
} else if (is_write_abort(esr)) {
/* It was write fault */
vm_flags = VM_WRITE;
mm_flags |= FAULT_FLAG_WRITE;
} else {
/* It was read fault */
vm_flags = VM_READ;
/* Write implies read */
vm_flags |= VM_WRITE;
/* If EPAN is absent then exec implies read */
if (!cpus_have_const_cap(ARM64_HAS_EPAN))
vm_flags |= VM_EXEC;
}
if (is_ttbr0_addr(addr) && is_el1_permission_fault(addr, esr, regs)) {
if (is_el1_instruction_abort(esr))
die_kernel_fault("execution of user memory",
addr, esr, regs);
if (!search_exception_tables(regs->pc))
die_kernel_fault("access to user memory outside uaccess routines",
addr, esr, regs);
}
res = generic_fault(addr, mm_flags, vm_flags, regs);
if (likely(res == DONE))
return 0;
if (res == FOAD)
return 0;
if (res == KERN) {
no_context:
__do_kernel_fault(addr, esr, regs);
return 0;
}
inf = esr_to_fault_info(esr);
set_thread_esr(addr, esr);
if (res == SIGBUS) {
/*
* We had some memory, but were unable to successfully fix up
* this page fault.
*/
arm64_force_sig_fault(SIGBUS, BUS_ADRERR, far, inf->name);
} else if (res > POISON) {
arm64_force_sig_mceerr(BUS_MCEERR_AR, far, res - POISON, inf->name);
} else {
/*
* Something tried to access memory that isn't in our memory
* map.
*/
arm64_force_sig_fault(SIGSEGV,
res == ACCERR ? SEGV_ACCERR : SEGV_MAPERR,
far, inf->name);
}
return 0;
}
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@zeniv.linux.org.uk>
To: Peter Xu <peterx@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
linux-arch@vger.kernel.org, linux-alpha@vger.kernel.org,
linux-ia64@vger.kernel.org, linux-hexagon@vger.kernel.org,
linux-m68k@lists.linux-m68k.org, Michal Simek <monstr@monstr.eu>,
Dinh Nguyen <dinguyen@kernel.org>,
openrisc@lists.librecores.org, linux-parisc@vger.kernel.org,
linux-riscv@lists.infradead.org, sparclinux@vger.kernel.org
Subject: Re: [RFC][PATCHSET] VM_FAULT_RETRY fixes
Date: Sat, 04 Feb 2023 00:26:39 +0000 [thread overview]
Message-ID: <Y92mP1GT28KfnPEQ@ZenIV> (raw)
In-Reply-To: <Y9w/lrL6g4yauXz4@x1n>
On Thu, Feb 02, 2023 at 05:56:22PM -0500, Peter Xu wrote:
> IMHO it'll be merely impossible to merge things across most (if not to say,
> all) archs. It will need to be start from one or at least a few that still
> shares a major common base - I would still rely on x86 as a start - then we
> try to use the helper in as much archs as possible.
>
> Even on x86, I do also see challenges so I'm not sure whether a common
> enough routine can be abstracted indeed. But I believe there's a way to do
> this because obviously we still see tons of duplicated logics falling
> around. It may definitely need time to think out where's the best spot to
> start, and how to gradually move towards covering more archs starting from
> one.
FWIW, after going through everything from alpha to loongarch (in alphabetic
order, skipping the itanic) the following seems to be suitable for all of
them:
generic_fault(address, flags, vm_flags, regs)
{
struct mm_struct *mm = current->mm;
struct vm_area_struct *vma;
vm_fault_t fault;
perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);
if (unlikely(!mmap_read_trylock(mm))) {
if (!(flags & FAULT_FLAG_USER) &&
!search_exception_tables(instruction_pointer(regs))) {
/*
* Fault from code in kernel from
* which we do not expect faults.
*/
return KERN;
}
retry:
mmap_read_lock(mm);
} else {
might_sleep();
#ifdef CONFIG_DEBUG_VM
if (!(flags & FAULT_FLAG_USER) &&
!search_exception_tables(instruction_pointer(regs)))
return KERN;
#endif
}
vma = find_vma(mm, address);
if (!vma)
goto Eunmapped;
if (unlikely(vma->vm_start > address)) {
if (!(vma->vm_flags & VM_GROWSDOWN))
goto Eunmapped;
if (addr < FIRST_USER_ADDRESS)
goto Eunmapped;
if (expand_stack(vma, address))
goto Eunmapped;
}
/* Ok, we have a good vm_area for this memory access, so
we can handle it. */
if (!(vma->vm_flags & vm_flags))
goto Eaccess;
/* If for any reason at all we couldn't handle the fault,
make sure we exit gracefully rather than endlessly redo
the fault. */
fault = handle_mm_fault(vma, address, flags, regs);
if (unlikely(fault & VM_FAULT_RETRY)) {
if (!(flags & FAULT_FLAG_USER)) {
if (fatal_signal_pending(current))
return KERN;
} else {
if (signal_pending(current))
return FOAD;
}
flags |= FAULT_FLAG_TRIED;
goto retry;
}
if (fault & VM_FAULT_COMPLETED)
return DONE;
mmap_read_unlock(mm);
if (likely(!(fault & VM_FAULT_ERROR)))
return DONE;
if (!(flags & FAULT_FLAG_USER))
return KERN;
if (fault & VM_FAULT_OOM) {
pagefault_out_of_memory();
return FOAD;
}
if (fault & VM_FAULT_SIGSEGV)
return SIGSEGV;
if (fault & VM_FAULT_SIGBUS)
return SIGBUS;
if (fault & VM_FAULT_HWPOISON)
return POISON + PAGE_SHIFT; // POISON = 256
if (fault & VM_FAULT_HWPOISON_LARGE)
return POISON + hstate_index_to_shift(VM_FAULT_GET_HINDEX(fault));
BUG();
Eunmapped:
mmap_read_unlock(mm);
return flags & FAULT_FLAG_USER ? MAPERR : KERN;
Eaccess:
mmap_read_unlock(mm);
return flags & FAULT_FLAG_USER ? ACCERR : KERN;
}
possible return values (and that's obviously not the identifiers to be
used for real; for now I'm just looking for feasibility of it all):
DONE success, nothing else to be done
FOAD OOM/fatal signal with VM_FAULT_RETRY/
signal with VM_FAULT_RETRY from userland - nothing
to be done here.
KERN kernel mode failed fault, fixup or oops
MAPERR unmapped address, SIGSEGV/SEGV_MAPERR for you
ACCERR nothing in vm_flags present in ->vm_flags of vma;
SIGSEGV/SEGV_ACCERR
SIGSEGV VM_FAULT_SIGSEGV; some architectures treat that
as SEGV_MAPERR, some as SEGV_ACCERR.
SIGBUS VM_FAULT_SIGBUS; SIGBUS/BUS_ADRERR
POISON + shift VM_FAULT_HWPOISON and VM_FAULT_HWPOISON_LARGE, with
log2(affected page size) encoded into return value.
This is obviously not even close to final helper, but... alpha, arc, arm, arm64,
csky, hexagon, loongarch convert to that cleanly.
Itanic very much does not (due to weird dual stacks, awful address space layout,
etc.), but then git rm arch/ia64 is long overdue.
Fairly typical look after conversion:
arc:
{
struct task_struct *tsk = current;
struct mm_struct *mm = tsk->mm;
unsigned int mask;
unsigned int flags;
unsigned int res;
/*
* NOTE! We MUST NOT take any locks for this case. We may
* be in an interrupt or a critical region, and should
* only copy the information from the master page table,
* nothing more.
*/
if (address >= VMALLOC_START && !user_mode(regs)) {
if (unlikely(handle_kernel_vaddr_fault(address)))
goto no_context;
else
return;
}
/*
* If we're in an interrupt or have no user
* context, we must not take the fault..
*/
if (faulthandler_disabled() || !mm)
goto no_context;
flags = FAULT_FLAG_DEFAULT;
if (user_mode(regs))
flags |= FAULT_FLAG_USER;
mask = VM_READ;
if (regs->ecr_cause & ECR_C_PROTV_STORE) { /* ST/EX */
flags |= FAULT_FLAG_WRITE;
mask = VM_WRITE;
} else if ((regs->ecr_vec = ECR_V_PROTV) &&
(regs->ecr_cause = ECR_C_PROTV_INST_FETCH)) {
mask = VM_EXEC;
}
res = generic_fault(address, flags, mask, regs);
if (likely(res = DONE))
return;
if (res = FOAD)
return;
if (res = KERN) {
no_context:
if (fixup_exception(regs))
return;
die("Oops", regs, address);
}
tsk->thread.fault_address = address;
if (res = SIGBUS)
force_sig_fault(SIGBUS, BUS_ADRERR, (void __user *) address);
else
force_sig_fault(SIGSEGV, res = ACCERR ? SEGV_ACCERR : SEGV_MAPERR,
(void __user *) address);
}
Or this arm64:
{
const struct fault_info *inf;
struct mm_struct *mm = current->mm;
unsigned long vm_flags;
unsigned int mm_flags = FAULT_FLAG_DEFAULT;
unsigned long addr = untagged_addr(far);
unsigned int res;
if (kprobe_page_fault(regs, esr))
return 0;
/*
* If we're in an interrupt or have no user context, we must not take
* the fault.
*/
if (faulthandler_disabled() || !mm)
goto no_context;
if (user_mode(regs))
mm_flags |= FAULT_FLAG_USER;
/*
* vm_flags tells us what bits we must have in vma->vm_flags
* for the fault to be benign, __do_page_fault() would check
* vma->vm_flags & vm_flags and returns an error if the
* intersection is empty
*/
if (is_el0_instruction_abort(esr)) {
/* It was exec fault */
vm_flags = VM_EXEC;
mm_flags |= FAULT_FLAG_INSTRUCTION;
} else if (is_write_abort(esr)) {
/* It was write fault */
vm_flags = VM_WRITE;
mm_flags |= FAULT_FLAG_WRITE;
} else {
/* It was read fault */
vm_flags = VM_READ;
/* Write implies read */
vm_flags |= VM_WRITE;
/* If EPAN is absent then exec implies read */
if (!cpus_have_const_cap(ARM64_HAS_EPAN))
vm_flags |= VM_EXEC;
}
if (is_ttbr0_addr(addr) && is_el1_permission_fault(addr, esr, regs)) {
if (is_el1_instruction_abort(esr))
die_kernel_fault("execution of user memory",
addr, esr, regs);
if (!search_exception_tables(regs->pc))
die_kernel_fault("access to user memory outside uaccess routines",
addr, esr, regs);
}
res = generic_fault(addr, mm_flags, vm_flags, regs);
if (likely(res = DONE))
return 0;
if (res = FOAD)
return 0;
if (res = KERN) {
no_context:
__do_kernel_fault(addr, esr, regs);
return 0;
}
inf = esr_to_fault_info(esr);
set_thread_esr(addr, esr);
if (res = SIGBUS) {
/*
* We had some memory, but were unable to successfully fix up
* this page fault.
*/
arm64_force_sig_fault(SIGBUS, BUS_ADRERR, far, inf->name);
} else if (res > POISON) {
arm64_force_sig_mceerr(BUS_MCEERR_AR, far, res - POISON, inf->name);
} else {
/*
* Something tried to access memory that isn't in our memory
* map.
*/
arm64_force_sig_fault(SIGSEGV,
res = ACCERR ? SEGV_ACCERR : SEGV_MAPERR,
far, inf->name);
}
return 0;
}
next prev parent reply other threads:[~2023-02-04 0:26 UTC|newest]
Thread overview: 120+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-31 20:02 [RFC][PATCHSET] VM_FAULT_RETRY fixes Al Viro
2023-01-31 20:02 ` Al Viro
2023-01-31 20:03 ` [PATCH 01/10] alpha: fix livelock in uaccess Al Viro
2023-01-31 20:03 ` Al Viro
2023-03-07 0:48 ` patchwork-bot+linux-riscv
2023-03-07 0:48 ` patchwork-bot+linux-riscv
2023-01-31 20:03 ` [PATCH 02/10] hexagon: " Al Viro
2023-01-31 20:03 ` Al Viro
2023-02-10 2:59 ` Brian Cain
2023-02-10 2:59 ` Brian Cain
2023-01-31 20:04 ` [PATCH 03/10] ia64: " Al Viro
2023-01-31 20:04 ` Al Viro
2023-01-31 20:04 ` [PATCH 04/10] m68k: " Al Viro
2023-01-31 20:04 ` Al Viro
2023-02-05 6:18 ` Finn Thain
2023-02-05 6:18 ` Finn Thain
2023-02-05 6:18 ` Finn Thain
2023-02-05 18:51 ` Linus Torvalds
2023-02-05 18:51 ` Linus Torvalds
2023-02-05 18:51 ` Linus Torvalds
2023-02-07 3:07 ` Finn Thain
2023-02-07 3:07 ` Finn Thain
2023-02-07 3:07 ` Finn Thain
2023-02-05 20:39 ` Al Viro
2023-02-05 20:39 ` Al Viro
2023-02-05 20:39 ` Al Viro
2023-02-05 20:41 ` Linus Torvalds
2023-02-05 20:41 ` Linus Torvalds
2023-02-05 20:41 ` Linus Torvalds
2023-02-06 12:08 ` Geert Uytterhoeven
2023-02-06 12:08 ` Geert Uytterhoeven
2023-02-06 12:08 ` Geert Uytterhoeven
2023-01-31 20:05 ` [PATCH 05/10] microblaze: " Al Viro
2023-01-31 20:05 ` Al Viro
2023-01-31 20:05 ` [PATCH 06/10] nios2: " Al Viro
2023-01-31 20:05 ` Al Viro
2023-01-31 20:06 ` [PATCH 07/10] openrisc: " Al Viro
2023-01-31 20:06 ` Al Viro
2023-01-31 20:06 ` [PATCH 08/10] parisc: " Al Viro
2023-01-31 20:06 ` Al Viro
2023-02-06 16:58 ` Helge Deller
2023-02-06 16:58 ` Helge Deller
2023-02-06 16:58 ` Helge Deller
2023-02-28 17:34 ` Al Viro
2023-02-28 17:34 ` Al Viro
2023-02-28 18:26 ` Helge Deller
2023-02-28 19:14 ` Al Viro
2023-02-28 19:32 ` Helge Deller
2023-02-28 20:00 ` Helge Deller
2023-02-28 20:22 ` Helge Deller
2023-02-28 22:57 ` Al Viro
2023-03-01 4:00 ` Helge Deller
2023-03-02 17:53 ` Al Viro
2023-02-28 15:22 ` Guenter Roeck
2023-02-28 15:22 ` Guenter Roeck
2023-02-28 15:22 ` Guenter Roeck
2023-02-28 19:18 ` Michael Schmitz
2023-02-28 19:18 ` Michael Schmitz
2023-02-28 19:18 ` Michael Schmitz
2023-01-31 20:06 ` [PATCH 09/10] riscv: " Al Viro
2023-01-31 20:06 ` Al Viro
2023-02-06 20:06 ` Björn Töpel
2023-02-06 20:06 ` Björn Töpel
2023-02-06 20:06 ` Björn Töpel
2023-02-07 16:11 ` Geert Uytterhoeven
2023-02-07 16:11 ` Geert Uytterhoeven
2023-02-07 16:11 ` Geert Uytterhoeven
2023-01-31 20:07 ` [PATCH 10/10] sparc: " Al Viro
2023-01-31 20:07 ` Al Viro
2023-01-31 20:24 ` [RFC][PATCHSET] VM_FAULT_RETRY fixes Linus Torvalds
2023-01-31 20:24 ` Linus Torvalds
2023-01-31 20:24 ` Linus Torvalds
2023-01-31 21:10 ` Al Viro
2023-01-31 21:10 ` Al Viro
2023-01-31 21:19 ` Linus Torvalds
2023-01-31 21:19 ` Linus Torvalds
2023-01-31 21:19 ` Linus Torvalds
2023-01-31 21:49 ` Al Viro
2023-01-31 21:49 ` Al Viro
2023-02-01 0:00 ` Linus Torvalds
2023-02-01 0:00 ` Linus Torvalds
2023-02-01 0:00 ` Linus Torvalds
2023-02-01 19:48 ` Peter Xu
2023-02-01 19:48 ` Peter Xu
2023-02-01 19:48 ` Peter Xu
2023-02-01 22:18 ` Al Viro
2023-02-01 22:18 ` Al Viro
2023-02-01 22:18 ` Al Viro
2023-02-02 0:57 ` Al Viro
2023-02-02 0:57 ` Al Viro
2023-02-02 0:57 ` Al Viro
2023-02-02 22:56 ` Peter Xu
2023-02-02 22:56 ` Peter Xu
2023-02-02 22:56 ` Peter Xu
2023-02-04 0:26 ` Al Viro [this message]
2023-02-04 0:26 ` Al Viro
2023-02-04 0:26 ` Al Viro
2023-02-05 5:10 ` Al Viro
2023-02-05 5:10 ` Al Viro
2023-02-05 5:10 ` Al Viro
2023-02-04 0:47 ` [loongarch oddities] " Al Viro
2023-02-01 8:21 ` Helge Deller
2023-02-01 8:21 ` Helge Deller
2023-02-01 8:21 ` Helge Deller
2023-02-01 19:51 ` Linus Torvalds
2023-02-01 19:51 ` Linus Torvalds
2023-02-01 19:51 ` Linus Torvalds
2023-02-02 6:58 ` Al Viro
2023-02-02 6:58 ` Al Viro
2023-02-02 8:54 ` Michael Cree
2023-02-02 9:56 ` John Paul Adrian Glaubitz
2023-02-02 15:20 ` Al Viro
2023-02-02 20:20 ` Al Viro
2023-02-02 20:34 ` Linus Torvalds
2023-02-01 10:50 ` Mark Rutland
2023-02-01 10:50 ` Mark Rutland
2023-02-01 10:50 ` Mark Rutland
2023-02-06 12:08 ` Geert Uytterhoeven
2023-02-06 12:08 ` Geert Uytterhoeven
2023-02-06 12:08 ` Geert Uytterhoeven
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y92mP1GT28KfnPEQ@ZenIV \
--to=viro@zeniv.linux.org.uk \
--cc=dinguyen@kernel.org \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-hexagon@vger.kernel.org \
--cc=linux-ia64@vger.kernel.org \
--cc=linux-m68k@lists.linux-m68k.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=monstr@monstr.eu \
--cc=openrisc@lists.librecores.org \
--cc=peterx@redhat.com \
--cc=sparclinux@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.