From: Mike Rapoport <rppt@kernel.org>
To: Peter Xu <peterx@redhat.com>
Cc: linux-mm@kvack.org, Andrea Arcangeli <aarcange@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
Axel Rasmussen <axelrasmussen@google.com>,
Baolin Wang <baolin.wang@linux.alibaba.com>,
David Hildenbrand <david@redhat.com>,
Hugh Dickins <hughd@google.com>,
James Houghton <jthoughton@google.com>,
"Liam R. Howlett" <Liam.Howlett@oracle.com>,
Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
Michal Hocko <mhocko@suse.com>,
Muchun Song <muchun.song@linux.dev>,
Nikita Kalyazin <kalyazin@amazon.com>,
Oscar Salvador <osalvador@suse.de>,
Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>,
Shuah Khan <shuah@kernel.org>,
Suren Baghdasaryan <surenb@google.com>,
Vlastimil Babka <vbabka@suse.cz>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
linux-kselftest@vger.kernel.org
Subject: Re: [PATCH RFC 01/17] userfaultfd: introduce mfill_copy_folio_locked() helper
Date: Sun, 8 Feb 2026 11:49:27 +0200 [thread overview]
Message-ID: <aYhcJy86AYesUSEe@kernel.org> (raw)
In-Reply-To: <aYI0HmP-XZNBI-gb@x1.local>
Hi Peter,
On Tue, Feb 03, 2026 at 12:45:02PM -0500, Peter Xu wrote:
> On Tue, Jan 27, 2026 at 09:29:20PM +0200, Mike Rapoport wrote:
> > From: "Mike Rapoport (Microsoft)" <rppt@kernel.org>
> >
> > Split copying of data when locks held from mfill_atomic_pte_copy() into
> > a helper function mfill_copy_folio_locked().
> >
> > This makes improves code readability and makes complex
> > mfill_atomic_pte_copy() function easier to comprehend.
> >
> > No functional change.
> >
> > Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org>
>
> The movement looks all fine,
>
> Acked-by: Peter Xu <peterx@redhat.com>
Thanks!
> Just one pure question to ask.
>
> > ---
> > mm/userfaultfd.c | 59 ++++++++++++++++++++++++++++--------------------
> > 1 file changed, 35 insertions(+), 24 deletions(-)
> >
> > diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c
> > index e6dfd5f28acd..a0885d543f22 100644
> > --- a/mm/userfaultfd.c
> > +++ b/mm/userfaultfd.c
> > @@ -238,6 +238,40 @@ int mfill_atomic_install_pte(pmd_t *dst_pmd,
> > return ret;
> > }
> >
> > +static int mfill_copy_folio_locked(struct folio *folio, unsigned long src_addr)
> > +{
> > + void *kaddr;
> > + int ret;
> > +
> > + kaddr = kmap_local_folio(folio, 0);
> > + /*
> > + * The read mmap_lock is held here. Despite the
> > + * mmap_lock being read recursive a deadlock is still
> > + * possible if a writer has taken a lock. For example:
> > + *
> > + * process A thread 1 takes read lock on own mmap_lock
> > + * process A thread 2 calls mmap, blocks taking write lock
> > + * process B thread 1 takes page fault, read lock on own mmap lock
> > + * process B thread 2 calls mmap, blocks taking write lock
> > + * process A thread 1 blocks taking read lock on process B
> > + * process B thread 1 blocks taking read lock on process A
>
> While moving, I wonder if we need this complex use case to describe the
> deadlock. Shouldn't this already happen with 1 process only?
>
> process A thread 1 takes read lock (e.g. reaching here but
> before copy_from_user)
> process A thread 2 calls mmap, blocks taking write lock
> process A thread 1 goes on copy_from_user(), trigger page fault,
> then tries to re-take the read lock
>
> IIUC above should already cause deadlock when rwsem prioritize the write
> lock here.
We surely can improve the description here, but it should be a separate
patch with its own changelog and it's out of scope of this series.
> > + *
> > + * Disable page faults to prevent potential deadlock
> > + * and retry the copy outside the mmap_lock.
> > + */
> > + pagefault_disable();
> > + ret = copy_from_user(kaddr, (const void __user *) src_addr,
> > + PAGE_SIZE);
> > + pagefault_enable();
> > + kunmap_local(kaddr);
--
Sincerely yours,
Mike.
next prev parent reply other threads:[~2026-02-08 9:49 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-27 19:29 [PATCH RFC 00/17] mm, kvm: allow uffd suppot in guest_memfd Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 01/17] userfaultfd: introduce mfill_copy_folio_locked() helper Mike Rapoport
2026-02-03 17:45 ` Peter Xu
2026-02-08 9:49 ` Mike Rapoport [this message]
2026-01-27 19:29 ` [PATCH RFC 02/17] userfaultfd: introduce struct mfill_state Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 03/17] userfaultfd: introduce mfill_get_pmd() helper Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 04/17] userfaultfd: introduce mfill_get_vma() and mfill_put_vma() Mike Rapoport
2026-02-02 21:49 ` Peter Xu
2026-02-08 9:54 ` Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 05/17] userfaultfd: retry copying with locks dropped in mfill_atomic_pte_copy() Mike Rapoport
2026-02-02 21:23 ` Peter Xu
2026-02-08 10:01 ` Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 06/17] userfaultfd: move vma_can_userfault out of line Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 07/17] userfaultfd: introduce vm_uffd_ops Mike Rapoport
2026-02-02 21:36 ` Peter Xu
2026-02-08 10:13 ` Mike Rapoport
2026-02-11 19:35 ` Peter Xu
2026-02-15 17:47 ` Mike Rapoport
2026-02-18 21:34 ` Peter Xu
2026-01-27 19:29 ` [PATCH RFC 08/17] userfaultfd, shmem: use a VMA callback to handle UFFDIO_CONTINUE Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 09/17] userfaultfd: introduce vm_uffd_ops->alloc_folio() Mike Rapoport
2026-02-02 22:13 ` Peter Xu
2026-02-08 10:22 ` Mike Rapoport
2026-02-11 19:37 ` Peter Xu
2026-01-27 19:29 ` [PATCH RFC 10/17] shmem, userfaultfd: implement shmem uffd operations using vm_uffd_ops Mike Rapoport
2026-02-03 17:40 ` Peter Xu
2026-02-08 10:35 ` Mike Rapoport
2026-02-11 20:00 ` Peter Xu
2026-02-15 17:45 ` Mike Rapoport
2026-02-18 21:45 ` Peter Xu
2026-01-27 19:29 ` [PATCH RFC 11/17] userfaultfd: mfill_atomic() remove retry logic Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 12/17] mm: introduce VM_FAULT_UFFD_MINOR fault reason Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 13/17] mm: introduce VM_FAULT_UFFD_MISSING " Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 14/17] KVM: guest_memfd: implement userfaultfd minor mode Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 15/17] KVM: guest_memfd: implement userfaultfd missing mode Mike Rapoport
2026-03-04 17:12 ` Nikita Kalyazin
2026-03-04 17:17 ` Nikita Kalyazin
2026-01-27 19:29 ` [PATCH RFC 16/17] KVM: selftests: test userfaultfd minor for guest_memfd Mike Rapoport
2026-01-27 19:29 ` [PATCH RFC 17/17] KVM: selftests: test userfaultfd missing " Mike Rapoport
2026-02-03 20:56 ` [PATCH RFC 00/17] mm, kvm: allow uffd suppot in guest_memfd Peter Xu
2026-02-09 15:35 ` David Hildenbrand (Arm)
2026-02-11 6:04 ` Mike Rapoport
2026-02-11 9:52 ` David Hildenbrand (Arm)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aYhcJy86AYesUSEe@kernel.org \
--to=rppt@kernel.org \
--cc=Liam.Howlett@oracle.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=axelrasmussen@google.com \
--cc=baolin.wang@linux.alibaba.com \
--cc=david@redhat.com \
--cc=hughd@google.com \
--cc=jthoughton@google.com \
--cc=kalyazin@amazon.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=mhocko@suse.com \
--cc=muchun.song@linux.dev \
--cc=osalvador@suse.de \
--cc=pbonzini@redhat.com \
--cc=peterx@redhat.com \
--cc=seanjc@google.com \
--cc=shuah@kernel.org \
--cc=surenb@google.com \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.