From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=6rh8=FZ=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.7 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 730C2C433DB
	for <linux-mm@archiver.kernel.org>; Mon, 21 Dec 2020 21:50:02 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 00EAC224F9
	for <linux-mm@archiver.kernel.org>; Mon, 21 Dec 2020 21:50:01 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 00EAC224F9
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 2CD5B6B0036; Mon, 21 Dec 2020 16:50:01 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 27D336B005C; Mon, 21 Dec 2020 16:50:01 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 16C386B0068; Mon, 21 Dec 2020 16:50:01 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0203.hostedemail.com [216.40.44.203])
	by kanga.kvack.org (Postfix) with ESMTP id 00A556B0036
	for <linux-mm@kvack.org>; Mon, 21 Dec 2020 16:50:00 -0500 (EST)
Received: from smtpin17.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with ESMTP id B6A85362A
	for <linux-mm@kvack.org>; Mon, 21 Dec 2020 21:50:00 +0000 (UTC)
X-FDA: 77618632560.17.stew31_1b075ae2745a
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin17.hostedemail.com (Postfix) with ESMTP id 922A6180D0180
	for <linux-mm@kvack.org>; Mon, 21 Dec 2020 21:50:00 +0000 (UTC)
X-HE-Tag: stew31_1b075ae2745a
X-Filterd-Recvd-Size: 5594
Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172])
	by imf40.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Mon, 21 Dec 2020 21:49:59 +0000 (UTC)
Received: by mail-pl1-f172.google.com with SMTP id y8so6301930plp.8
        for <linux-mm@kvack.org>; Mon, 21 Dec 2020 13:49:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=ENVx1TIFwWZDYQN4TlMQ6f05oWb+S//w/+xge1VzXRE=;
        b=ZnI7YCz6bvbcpuZHMNM3Pd25ADWmPny8PHFIMyqzH8pVMzkENwiACukAtcGCqw1MTo
         ZNARuDUW4LMOnzXuXqk5zRfcQ/7TQqUZ5//Wg7UlT85dMGYRZrvX75U7mdoOyqQ3r6VM
         sxrMDFYJ7tL/H3VHmDN76km+3DThwfm5YkJ0O58jn++vlribZh1CGcvSF3RXVBzwFiLh
         AT8wweAqJHTHRQ9hMRzFxVu7xhOSogL/Twr+N488veNpTBnQ2VxOQ6Q3f13u/mvEBO4R
         nb3jOQvj9YeHFpBs2vj1dct0obQKMXBXB6QT+MCfruWXOramElBoQtgPZAmXimjCdomk
         fuXg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=ENVx1TIFwWZDYQN4TlMQ6f05oWb+S//w/+xge1VzXRE=;
        b=IPJeTxid54+lAdrCWONRjh5AxYPWBzphhQkOjDjyqbQSpyx4S7uaR0CFM7xDp66kzB
         aHXBvdqPA/omOztbA+wAbqBwNEeVyF/FxCU0FPr/hszaV+vqbvurqmQrPEEwb3szy9j/
         u8VjJ464mADsuIjv4i+cpCUq8KMFMCNNRdqYjL0A/wc8gNI1pWMI+wMX1WghSJ8LDsrX
         cTziC45bC5Le7V/6LSIBEu38ZVUbS7MnHKhMlHpNZMhQI6QBN2y0Wo3MZ41BbmhZUQ5p
         WxDC8U85+WXGCirgNCfCpXRqGdAjRJKR58saeKdL091/dq2AssQaBo9xe267swJdoAin
         v+og==
X-Gm-Message-State: AOAM531hOXMhEFLxzwdGwd+16pFbXbZqHm1a3z6W0Xu5qczWL5wEV3mN
	Z3JTaAhR4acFMbsCjtNStl4=
X-Google-Smtp-Source: ABdhPJzaluLsAc9JhO3pHoVTVI0q1cc75x5a8necdzKcNNfPjJO9k+kkJm+kbyxRttFnrmo0z1hKtQ==
X-Received: by 2002:a17:90a:c396:: with SMTP id h22mr19319869pjt.84.1608587398756;
        Mon, 21 Dec 2020 13:49:58 -0800 (PST)
Received: from ?IPv6:2601:647:4700:9b2:104c:8d35:de28:b8dc? ([2601:647:4700:9b2:104c:8d35:de28:b8dc])
        by smtp.gmail.com with ESMTPSA id 84sm18357779pfy.9.2020.12.21.13.49.56
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 21 Dec 2020 13:49:57 -0800 (PST)
Content-Type: text/plain;
	charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Subject: Re: [PATCH] mm/userfaultfd: fix memory corruption due to writeprotect
From: Nadav Amit <nadav.amit@gmail.com>
In-Reply-To: <X+ESkna2z3WjjniN@google.com>
Date: Mon, 21 Dec 2020 13:49:55 -0800
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
 Peter Xu <peterx@redhat.com>,
 Andrea Arcangeli <aarcange@redhat.com>,
 linux-mm <linux-mm@kvack.org>,
 lkml <linux-kernel@vger.kernel.org>,
 Pavel Emelyanov <xemul@openvz.org>,
 Mike Kravetz <mike.kravetz@oracle.com>,
 Mike Rapoport <rppt@linux.vnet.ibm.com>,
 stable <stable@vger.kernel.org>,
 Minchan Kim <minchan@kernel.org>,
 Andy Lutomirski <luto@kernel.org>,
 Will Deacon <will@kernel.org>,
 Peter Zijlstra <peterz@infradead.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <1FCC8F93-FF29-44D3-A73A-DF943D056680@gmail.com>
References: <X95RRZ3hkebEmmaj@redhat.com>
 <EDC00345-B46E-4396-8379-98E943723809@gmail.com>
 <X97pprdcRXusLGnq@google.com>
 <DDA15360-D6D4-46A8-95A4-5EE34107A407@gmail.com>
 <20201221172711.GE6640@xz-x1>
 <76B4F49B-ED61-47EA-9BE4-7F17A26B610D@gmail.com>
 <X+D0hTZCrWS3P5Pi@google.com>
 <CAHk-=wg_UBuo7ro1fpEGkMyFKA1+PxrE85f9J_AhUfr-nJPpLQ@mail.gmail.com>
 <9E301C7C-882A-4E0F-8D6D-1170E792065A@gmail.com>
 <CAHk-=wg-Y+svNy3CDkJjj0X_CJkSbpERLg64-Vqwq5u7SC4z0g@mail.gmail.com>
 <X+ESkna2z3WjjniN@google.com>
To: Yu Zhao <yuzhao@google.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

> On Dec 21, 2020, at 1:24 PM, Yu Zhao <yuzhao@google.com> wrote:
>=20
> On Mon, Dec 21, 2020 at 12:26:22PM -0800, Linus Torvalds wrote:
>> On Mon, Dec 21, 2020 at 12:23 PM Nadav Amit <nadav.amit@gmail.com> =
wrote:
>>> Using mmap_write_lock() was my initial fix and there was a strong =
pushback
>>> on this approach due to its potential impact on performance.
>>=20
>> =46rom whom?
>>=20
>> Somebody who doesn't understand that correctness is more important
>> than performance? And that userfaultfd is not the most important part
>> of the system?
>>=20
>> The fact is, userfaultfd is CLEARLY BUGGY.
>>=20
>>          Linus
>=20
> Fair enough.
>=20
> Nadav, for your patch (you might want to update the commit message).

Yes, the commit message is completely off. Will fix.

Thanks for your guidance and assistance.

>=20
> Reviewed-by: Yu Zhao <yuzhao@google.com>
>=20
> While we are all here, there is also clear_soft_dirty() that could
> use a similar fix=E2=80=A6

Let me try to build a small reproducer for clear_soft_dirty() and then =
I=E2=80=99ll
send another patch for it too.

BTW: In general, I think that you are right, and that changing of PTEs
should not require taking mmap_lock for write. However, I am not sure
cow_user_page() is not the only one that poses a problem and whether a =
more
systematic solution is needed. If cow_user_pages() is the only problem, =
do
you think it is possible to do the copying while holding the PTL? It =
works
for normal-pages, but I am not sure whether special-pages pose special
problems.

Anyhow, this is an enhancement that we can try later.

Thanks again,
Nadav=