From: Suren Baghdasaryan
Date: Tue, 11 Jul 2023 16:45:42 -0700
Subject: Re: [bug report] mm: replace vma->vm_flags direct modifications with modifier calls
To: Matthew Wilcox
Cc: Dan Carpenter, linux-mm@kvack.org, Andrew Morton, "Liam R. Howlett", Laurent Dufour, Michel Lespinasse, Jerome Glisse, Michal Hocko, Vlastimil Babka, Johannes Weiner, Peter Xu, David Hildenbrand, Dimitri Sivanich, Mike Travis, Steve Wahl

On Tue, Jul 11, 2023 at 3:21 PM Matthew Wilcox wrote:
>
> On Tue, Jul 11, 2023 at 02:55:20PM -0700, Suren Baghdasaryan wrote:
> > On Tue, Jul 11, 2023 at 12:21 AM Dan Carpenter wrote:
> > >
> > > Hello Suren Baghdasaryan,
> > >
> > > The patch 1c71222e5f23: "mm: replace vma->vm_flags direct
> > > modifications with modifier calls" from Jan 26, 2023, leads to the
> > > following Smatch static checker warning:
> > >
> > >         ./include/linux/mm.h:729 vma_start_write()
> > >         warn: sleeping in atomic context
> > >
> > > include/linux/mm.h
> > >     722 static inline void vma_start_write(struct vm_area_struct *vma)
> > >     723 {
> > >     724         int mm_lock_seq;
> > >     725
> > >     726         if (__is_vma_write_locked(vma, &mm_lock_seq))
> > >     727                 return;
> > >     728
> > > --> 729         down_write(&vma->vm_lock->lock);
> > >     730         vma->vm_lock_seq = mm_lock_seq;
> > >     731         up_write(&vma->vm_lock->lock);
> > >     732 }
> > >
> > > The call tree is:
> > >
> > > gru_fault() <- disables preempt
> > > -> remap_pfn_range()
> > > -> track_pfn_remap()
> > > -> remap_pfn_range_notrack()
> > > -> vm_flags_set()
> > > -> vma_start_write()
> > >
> > > Before track_pfn_remap() and remap_pfn_range_notrack() would just do |=
> > > to set the flags but now they use vm_flags_set() so there is a potential
> > > they could sleep.
> >
> > Hi Dan,
> > Thanks for reporting! Looks like the page fault handler is modifying
> > the VMA flags, which has to be done under write-locked mmap_lock and I
> > don't see that being done here... I wonder if that should be allowed.
> > I'm CC'ing some MM folks to check if this is a valid VMA modification
> > and should be allowed. Matthew, this might be especially interesting
> > for you since gru_fault() handles file-backed page faults AFAIKT.
>
> I don't run the ->fault handler under RCU, only the ->map_pages()
> method. I don't intend to change that.
>
> > Back to the issue at hand. If such modification should be indeed
> > allowed then the simplest fix I think would be to add new
> > remap_pfn_range_locked() function to be called from gru_fault() which
> > would use __vm_flags_mod() instead of vm_flags_set(). __vm_flags_mod()
> > does not lock the VMA, so would not have this issue. If the conclusion
> > is that this is a valid scenario then I can post a fix I described.
>
> I'm not certain, but calling remap_pfn_range() in the fault handler
> is definitely weird. It's normally called _instead_ of having a fault
> handler. The fault handler usually calls set_pte_at() directly.

Hmm. Is it weird enough to be considered invalid or weird but still
ok? Also, is it ok to modify VMA flags here without write-locking the
mmap_lock (and without write-locking the VMA)? The fault handler is
done under read-locked mmap_lock but I thought VMA modifications
require stronger locking...
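The call path from the Smatch report, as a userspace model added here for illustration; it is not kernel code and not code from anyone in the thread. It shows why a flag update that goes through vma_start_write() trips a sleep-in-atomic check when preemption is disabled, and why a non-locking modifier does not. Assumptions: `FLAG_MODEL`, `fault_path()`, `vm_flags_mod_nolock()` and the counters are hypothetical names, and the "already write-locked" test is simplified to a sequence comparison.

```c
/* Added userspace model; names mirror the thread, bodies are simplified. */
#include <stdbool.h>
#include <stdio.h>

#define FLAG_MODEL 0x4UL  /* constructed value, not a real VM_* bit */
struct vma { unsigned long vm_flags; int vm_lock_seq; };
static int mm_lock_seq = 1;  /* stands in for the mm-wide sequence */
static int preempt_count;    /* > 0 means atomic context */
static int violations;       /* sleep-in-atomic events seen so far */

static void might_sleep(const char *who)
{
    if (preempt_count > 0) {
        violations++;
        fprintf(stderr, "warn: %s: sleeping in atomic context\n", who);
    }
}

static void vma_start_write(struct vma *vma)
{
    if (vma->vm_lock_seq == mm_lock_seq)  /* assumed "already locked" test */
        return;
    might_sleep("vma_start_write");       /* down_write() may block here */
    vma->vm_lock_seq = mm_lock_seq;
}

static void vm_flags_set(struct vma *vma, unsigned long flags)
{
    vma_start_write(vma);
    vma->vm_flags |= flags;
}

/* Models __vm_flags_mod() as the thread describes it: no VMA locking. */
static void vm_flags_mod_nolock(struct vma *vma, unsigned long flags)
{
    vma->vm_flags |= flags;
}

/* Stand-in for gru_fault(): returns violations raised while atomic. */
static int fault_path(struct vma *vma, bool nolock)
{
    int before = violations;
    preempt_count++;                      /* preempt_disable() */
    if (nolock) vm_flags_mod_nolock(vma, FLAG_MODEL);
    else        vm_flags_set(vma, FLAG_MODEL);
    preempt_count--;                      /* preempt_enable() */
    return violations - before;
}

int main(void) { struct vma a = {0, 0}, b = {0, 0}; printf("locking=%d nolock=%d\n", fault_path(&a, false), fault_path(&b, true)); return 0; }
```

The model only reproduces the sleeping-in-atomic condition; whether an unlocked flag update in a fault handler is valid at all is the open question in the message above.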