From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=6rh8=FZ=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.8 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 02A6FC433E0
	for <linux-mm@archiver.kernel.org>; Mon, 21 Dec 2020 20:25:30 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 938AF224D1
	for <linux-mm@archiver.kernel.org>; Mon, 21 Dec 2020 20:25:29 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 938AF224D1
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 21C4A6B0036; Mon, 21 Dec 2020 15:25:29 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 1CD1A6B005C; Mon, 21 Dec 2020 15:25:29 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 0E31E6B0068; Mon, 21 Dec 2020 15:25:29 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0136.hostedemail.com [216.40.44.136])
	by kanga.kvack.org (Postfix) with ESMTP id E9DE96B0036
	for <linux-mm@kvack.org>; Mon, 21 Dec 2020 15:25:28 -0500 (EST)
Received: from smtpin05.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay01.hostedemail.com (Postfix) with ESMTP id 97C59180ACEE4
	for <linux-mm@kvack.org>; Mon, 21 Dec 2020 20:25:28 +0000 (UTC)
X-FDA: 77618419536.05.ring58_190a5032745a
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin05.hostedemail.com (Postfix) with ESMTP id 7447518016825
	for <linux-mm@kvack.org>; Mon, 21 Dec 2020 20:25:28 +0000 (UTC)
X-HE-Tag: ring58_190a5032745a
X-Filterd-Recvd-Size: 4827
Received: from mail-lf1-f52.google.com (mail-lf1-f52.google.com [209.85.167.52])
	by imf03.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Mon, 21 Dec 2020 20:25:27 +0000 (UTC)
Received: by mail-lf1-f52.google.com with SMTP id l11so26805853lfg.0
        for <linux-mm@kvack.org>; Mon, 21 Dec 2020 12:25:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linux-foundation.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=k5zaXo4wHvh1dW+KqsesRxK7xiAm0BCunbjnJYxvhz8=;
        b=Ms5Xy1U+4jhVMIkNDhKzne/rZJlQEFuV7hucbckZy+YFqWk5mcJQ96C3W1K+G8i09y
         8J9WxZMu8pqcOCErRRebf2lG7lky5KbqBcvfLLdaBfCIvva4S386rnAsqChHlbUnSFYf
         pJY2/7Xoxilz9bukgW9iDxfnFQILnhL6fjU2E=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=k5zaXo4wHvh1dW+KqsesRxK7xiAm0BCunbjnJYxvhz8=;
        b=MHcA6GQl/HZJ0mPI533aNTHbwSexcLgvYRdvZ9H6Um8EMgU1EDi44avQCFHeJPJrKa
         QFWxh7mIlrVjkReX8grrmcx6Ufj4G7q3zZ0g0jaUfiR3MTdoFtGeEJsRnIOrwmFWiWQC
         1J35Z37lJJkK7GYn+XB+OtOke/8krjBBpMyDNrcaVAxSy8aewNe24vxNwjkM2u8S2Jc3
         2qpDgkFEDpUTpieWZ3fgBQigr1a/pnLuXY9Ay5IAjvLT5UAjO4uiQAYuS03kHsittaZE
         834kA1RgUGPTcjm4rf5KJ22iCCRVf2ckVtu+Ezk8X0Kgg7BysFFiWDfaAWL5uz0Dypuz
         MElA==
X-Gm-Message-State: AOAM5335ywc09rFpGCT5E+fM7kujs2PoiVjx3xxgCPNGpu4+HjQe0dda
	WnMadFWG6U89YzQjRv3zuaDm+mt7vLFb5w==
X-Google-Smtp-Source: ABdhPJziFbBdFGEeLFOgDgLoWeHahX/uUWZxSWYfb8zCC5WE0efpScT8x6R5dw6WeBojhMLu+kf+jA==
X-Received: by 2002:a2e:96da:: with SMTP id d26mr7663417ljj.233.1608582325729;
        Mon, 21 Dec 2020 12:25:25 -0800 (PST)
Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com. [209.85.167.41])
        by smtp.gmail.com with ESMTPSA id s27sm2400235ljd.25.2020.12.21.12.25.24
        for <linux-mm@kvack.org>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Mon, 21 Dec 2020 12:25:24 -0800 (PST)
Received: by mail-lf1-f41.google.com with SMTP id 23so26669087lfg.10
        for <linux-mm@kvack.org>; Mon, 21 Dec 2020 12:25:24 -0800 (PST)
X-Received: by 2002:a2e:8995:: with SMTP id c21mr7868338lji.251.1608582323808;
 Mon, 21 Dec 2020 12:25:23 -0800 (PST)
MIME-Version: 1.0
References: <20201219043006.2206347-1-namit@vmware.com> <X95RRZ3hkebEmmaj@redhat.com>
 <EDC00345-B46E-4396-8379-98E943723809@gmail.com> <X97pprdcRXusLGnq@google.com>
 <DDA15360-D6D4-46A8-95A4-5EE34107A407@gmail.com> <20201221172711.GE6640@xz-x1>
 <76B4F49B-ED61-47EA-9BE4-7F17A26B610D@gmail.com> <X+D0hTZCrWS3P5Pi@google.com>
 <CAHk-=wg_UBuo7ro1fpEGkMyFKA1+PxrE85f9J_AhUfr-nJPpLQ@mail.gmail.com> <X+EDslLVp9yRRru6@google.com>
In-Reply-To: <X+EDslLVp9yRRru6@google.com>
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Mon, 21 Dec 2020 12:25:07 -0800
X-Gmail-Original-Message-ID: <CAHk-=wjUST1qd9Q668rwSzwOLQxTaAC1oUd7pPQBSj2s6PkqAw@mail.gmail.com>
Message-ID: <CAHk-=wjUST1qd9Q668rwSzwOLQxTaAC1oUd7pPQBSj2s6PkqAw@mail.gmail.com>
Subject: Re: [PATCH] mm/userfaultfd: fix memory corruption due to writeprotect
To: Yu Zhao <yuzhao@google.com>
Cc: Peter Xu <peterx@redhat.com>, Andrea Arcangeli <aarcange@redhat.com>, 
	linux-mm <linux-mm@kvack.org>, lkml <linux-kernel@vger.kernel.org>, 
	Pavel Emelyanov <xemul@openvz.org>, Mike Kravetz <mike.kravetz@oracle.com>, 
	Mike Rapoport <rppt@linux.vnet.ibm.com>, stable <stable@vger.kernel.org>, 
	Minchan Kim <minchan@kernel.org>, Andy Lutomirski <luto@kernel.org>, Will Deacon <will@kernel.org>, 
	Peter Zijlstra <peterz@infradead.org>, Nadav Amit <nadav.amit@gmail.com>
Content-Type: text/plain; charset="UTF-8"
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Mon, Dec 21, 2020 at 12:21 PM Yu Zhao <yuzhao@google.com> wrote:
>
> Well, unfortunately we have places that use optimizations like
>
>   inc_tlb_flush_pending()
>     lock page table
>       pte_wrprotect
>   flush_tlb_range()
>   dec_tlb_flush_pending()
>
> which complicate things.

My point is, none of that  matters.

Because the software side that does the actual page table
modifications do not depend on the TLB at all.

They depend on the page table lock, and the pte in memory.

So the "pending flush" simply shoudln't be an issue. It's about the
actual hardware usage.

But what DOES matter for the software accesses is that you can't
modify protections without holding the proper lock.

And userfaultfd seems to do exactly that, breaking the whole "load pte
early, then check that it didn't change".

(Which we do in other places too, not just COW - it's basically _the_
pattern for page table updates).

               Linus