From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A910BC47258
	for <linux-mm@archiver.kernel.org>; Tue, 23 Jan 2024 20:54:49 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 2E02E8D0002; Tue, 23 Jan 2024 15:54:49 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 28FFE8D0001; Tue, 23 Jan 2024 15:54:49 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 1574B8D0002; Tue, 23 Jan 2024 15:54:49 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11])
	by kanga.kvack.org (Postfix) with ESMTP id 073348D0001
	for <linux-mm@kvack.org>; Tue, 23 Jan 2024 15:54:49 -0500 (EST)
Received: from smtpin22.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay05.hostedemail.com (Postfix) with ESMTP id 97F1540B5E
	for <linux-mm@kvack.org>; Tue, 23 Jan 2024 20:54:48 +0000 (UTC)
X-FDA: 81711779856.22.1D37074
Received: from mail-yb1-f177.google.com (mail-yb1-f177.google.com [209.85.219.177])
	by imf01.hostedemail.com (Postfix) with ESMTP id C97E04000E
	for <linux-mm@kvack.org>; Tue, 23 Jan 2024 20:54:46 +0000 (UTC)
Authentication-Results: imf01.hostedemail.com;
	dkim=pass header.d=google.com header.s=20230601 header.b="fdI9/UyL";
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf01.hostedemail.com: domain of surenb@google.com designates 209.85.219.177 as permitted sender) smtp.mailfrom=surenb@google.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1706043286;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=gl07MP6Dft3GnY2An3f89kIhbwqXTsxqZbn6Z+h3ZIE=;
	b=GrvNG4ZlgcgApozofsXU08TrXPk4x1YhCyE/gfnCsdVdz395ho5dWxfyOn64MaMOXC8Wlc
	GHWSL4TQ75/x62KolPOTMgAQCmHSwfTcrX7sAg+zqpyIoSXUN5HOiGgbu97oIWOS4A+78X
	6N3S64sGBmmV9SUzEkkhbwvPQIRBmv0=
ARC-Authentication-Results: i=1;
	imf01.hostedemail.com;
	dkim=pass header.d=google.com header.s=20230601 header.b="fdI9/UyL";
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf01.hostedemail.com: domain of surenb@google.com designates 209.85.219.177 as permitted sender) smtp.mailfrom=surenb@google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1706043286; a=rsa-sha256;
	cv=none;
	b=Ghhh3wrpsbD6a72G4ZwfIOnJFGSNt8JkUZE5Q3Pp5hMz1ceVVHV0NQRngR39GPrbjzK+3M
	CsK1kW8fz7Jo2YMsdJhEaW9YWKpOyWRutGhvNrZYr9XeHXxtqbpLNM2IKQz4WCKOkDQQVQ
	X186k4ELKEzKncWMGMNb6iy4uWvDJyE=
Received: by mail-yb1-f177.google.com with SMTP id 3f1490d57ef6-dc371b04559so1236356276.0
        for <linux-mm@kvack.org>; Tue, 23 Jan 2024 12:54:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1706043286; x=1706648086; darn=kvack.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=gl07MP6Dft3GnY2An3f89kIhbwqXTsxqZbn6Z+h3ZIE=;
        b=fdI9/UyLjyEqJxsbIkxABNYajxC0SnS6lkNCreqE5FP5S3jTYbngf4daIGyccduYD8
         9Clhrw/hDZy2rZta3ylJL6N71zThr7I0+UBOeeKfMCJIT3DTDUzez6DdVYqV4uBegQmW
         dkY/5mqIhFcjFa2K+aU2gtql6LyO2amX6ShVm5fW9pL5OJwxb4BSU8a0l8sYRYpuVD+t
         UT9g2Qge9FJBbgC7QukO1pyw6Tloa3XzvwjvyIvAc1Gqtdpr7vOgpjeKRlnIsJ/dfUUn
         XB1zlMrfpUcPT+Mg6rxqaF+km7BbmJ2RjltvONYsPZlkwEc5DBN1VHKKYrJpZfoUUxyc
         dflw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1706043286; x=1706648086;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=gl07MP6Dft3GnY2An3f89kIhbwqXTsxqZbn6Z+h3ZIE=;
        b=KE/XYUMpCgxtBqvgYskFxt11LGpykE3t/0zjatqB0Ap8BTM4TgXw7ZgKHtRuG5gcxd
         FQwOHnOO7dc3maGvGCAZms9E71VUfWDHJ4uPzKePs76vcGtTg+zkZeYLVuBC/rksXalb
         KqDuoZiAqCbSYra63EvB+zlE3bob4imJVrkn8uiDRwH9zH2/Ayha0rCGVHzfA2lpr5bZ
         cXLTDwHVyjk8BPEO0+E8Y4UvOOopy6A3skWqmE8+rduRoY8XgCMRgN1tGDdYhLwHWCeA
         hc1QeslmCrxcPHhUt7Lzfqget47Omyx0JzvziGj07rMQlemuA37J8b60ayaaCf5coGHw
         IGNw==
X-Gm-Message-State: AOJu0Yy9DYbhUO+Q++6+9wV3ywL1dBjRF2Mm/cyyUT8eVg+1SAZiyQnu
	UaiuqpyvHBOy8FKfEKYDLs8O58fKwj6kxsX7LLiFPPgoRnqPzFoejfT1VNTpmsxH0h609RvSGqG
	odnG9CWRIGhKbO9Eo8gW6PJIFhdkamlYld96v
X-Google-Smtp-Source: AGHT+IGIDDV6Xif3zfszAvWUgx55hYHWP92JIwzIAMBCpfcMTZDmAofz1+EqAbg5sXTR9v3g4PQ3bHazPeBbwAqFHOY=
X-Received: by 2002:a05:6902:2409:b0:dbd:5aae:2f75 with SMTP id
 dr9-20020a056902240900b00dbd5aae2f75mr5223040ybb.100.1706043285562; Tue, 23
 Jan 2024 12:54:45 -0800 (PST)
MIME-Version: 1.0
References: <20240123141755.3836179-1-ryan.roberts@arm.com>
In-Reply-To: <20240123141755.3836179-1-ryan.roberts@arm.com>
From: Suren Baghdasaryan <surenb@google.com>
Date: Tue, 23 Jan 2024 12:54:32 -0800
Message-ID: <CAJuCfpHSibd+zn2kM5ZWiCKMgBJs0aG01t+10Td=VEJVG41tRA@mail.gmail.com>
Subject: Re: [PATCH v1] mm/userfaultfd: UFFDIO_MOVE implementation should use ptep_get()
To: Ryan Roberts <ryan.roberts@arm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>, Andrea Arcangeli <aarcange@redhat.com>, linux-mm@kvack.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Rspamd-Queue-Id: C97E04000E
X-Rspam-User: 
X-Rspamd-Server: rspam05
X-Stat-Signature: 85esftdn6co44s89sdp54tucpu4akydj
X-HE-Tag: 1706043286-665754
X-HE-Meta: U2FsdGVkX1/bdavOi9cB8RzSHcHhWlmrCh+mLkReF8kAxt9G639uZPvCw3QNyvCTY4A2Xs/EfGTRIcX8WpPkUwEPKNDz876AOw+nx0jSTyAX3SYOIKMMF1ScOtxYoNWtXSHdCR6mI9w7wUa7gHLsmebMfZlUQVvf4SWqStjum76tZcOvM7sjrjZJi3Kn0v0tApETBiRKWottlAxOJ+T84V70vXF7ZiV2Ko9eJoKCKuEc3ezm1CPFrT8aq9rTDCkOCrBslgOhWG4EEKX3BbW5oBtPvS9UZpqHOO4/rvSDu8XP1dIe5cZ53AOrjAjZrRa1XfO2H3AuvG8YK+af74SSG8+xCFt5UmWktUUsea5T7zjxrkkfdHJYPXd+/orNQjgOLDQOyfEaaIkpUI3/wO1P+vZy9oT2Kar+qubAD2RuMyHP4ca9R20Q98jxL/OtVmtEavxSLqEuFvuIAhf5mBmJxu34iNg8rjhSQenVwFmP5FoWYfMj6sd/IzH+gn/n20bKZk2DnyDEwRFgT7RQ58fthyuvF/ehVX/kSYADUo3XyRysZMawsdbrKb5cYVZ00NLIbkA4SuPE4qzkdg70NfTsvsH5/3WwHQKQ485TJVbtprSKU+MrsNaQKxsn81WFp9N9dP9xBDHCss292ZrCqSURqZS4PrrHJhysV6njngR/9ebIzwijCNs7a8vYez1IP+WBivAOp2HwFYh28uTr2DQCLIH/90TPOrbaCRLIKCXk3xJJoOBsuc99/ATUiaar1Wx3o11Ybx8vGg5GKmW/fTUAUun1q4WpsUK6+NmpwEVfvxO3JRo/p84zejGyN7RBc+8/NL9w0AvFthM9hpcKgX7IMwdWGlIwC5n4Z2YDTBCZJE1j3sEg45LqlzWjyEHxxKB/EpXsQRcIwkt3ZjHkWxDenJ5gYTBFD17cK4ODD03+ijB0P8M5fpkjKBVWLr7UYwFArFuDm7VWS+umByGwCll
 g+TGnSh1
 MappxDFpCLWxV+TBc3ArT0zCXB8zl1nCPo9muco02brawPai/hsMcqbbWh58MNv8KcA9ryMoeEcw5YyyAywFbinJyGe7EVOt/54Y7ckfbZIc8QqHTiwrAT4wnL97DlyfW9ovkwQXUVIkeHbAGSAVRmYsHCADRN7soN4GYudmZsCrFPP1DcJ7Bf9jWDK04jdfL7TUtZfevuOorzkLmAz0X44lNAsalM2u2sRUuBa81pkStnzAdARxaK5IGML1yPZEipy+3ezkVWXtJwXGawOyTfNau3Svdiyog3NqcGvghtSm1w+oKv9jXFpzenu0b++yfcysKAhJis3Cmf6QRW90rJlO+/4Kdmw/BYXWh
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000051, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

On Tue, Jan 23, 2024 at 6:18=E2=80=AFAM Ryan Roberts <ryan.roberts@arm.com>=
 wrote:
>
> Commit c33c794828f2 ("mm: ptep_get() conversion") converted all
> (non-arch) call sites to use ptep_get() instead of doing a direct
> dereference of the pte. Full rationale can be found in that commit's
> log.
>
> Since then, UFFDIO_MOVE has been implemented which does 7 direct pte
> dereferences. Let's fix those up to use ptep_get().
>
> Fixes: adef440691ba ("userfaultfd: UFFDIO_MOVE uABI")
> Signed-off-by: Ryan Roberts <ryan.roberts@arm.com>

Looks like it does convert all instances introduced by UFFDIO_MOVE
patch. Thanks!

Reviewed-by: Suren Baghdasaryan <surenb@google.com>

> ---
> Hi All,
>
> This applies on top of v6.8-rc1. I'm hoping this can be merged into the
> next rc.
>
> I've asserted in the past that there is no reliable automated mechanism
> to catch these; I'm relying on a combination of Coccinelle (which throws
> up a lot of false positives) and some compiler magic to force a compiler
> error on dereference. But given the frequency with which new issues are
> coming up, I'll add it to my todo list to try to find an automated
> solution.
>
> Thanks,
> Ryan
>
>  mm/userfaultfd.c | 14 +++++++-------
>  1 file changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c
> index 20e3b0d9cf7e..aaa7b9821342 100644
> --- a/mm/userfaultfd.c
> +++ b/mm/userfaultfd.c
> @@ -891,8 +891,8 @@ static int move_present_pte(struct mm_struct *mm,
>
>         double_pt_lock(dst_ptl, src_ptl);
>
> -       if (!pte_same(*src_pte, orig_src_pte) ||
> -           !pte_same(*dst_pte, orig_dst_pte)) {
> +       if (!pte_same(ptep_get(src_pte), orig_src_pte) ||
> +           !pte_same(ptep_get(dst_pte), orig_dst_pte)) {
>                 err =3D -EAGAIN;
>                 goto out;
>         }
> @@ -935,8 +935,8 @@ static int move_swap_pte(struct mm_struct *mm,
>
>         double_pt_lock(dst_ptl, src_ptl);
>
> -       if (!pte_same(*src_pte, orig_src_pte) ||
> -           !pte_same(*dst_pte, orig_dst_pte)) {
> +       if (!pte_same(ptep_get(src_pte), orig_src_pte) ||
> +           !pte_same(ptep_get(dst_pte), orig_dst_pte)) {
>                 double_pt_unlock(dst_ptl, src_ptl);
>                 return -EAGAIN;
>         }
> @@ -1005,7 +1005,7 @@ static int move_pages_pte(struct mm_struct *mm, pmd=
_t *dst_pmd, pmd_t *src_pmd,
>         }
>
>         spin_lock(dst_ptl);
> -       orig_dst_pte =3D *dst_pte;
> +       orig_dst_pte =3D ptep_get(dst_pte);
>         spin_unlock(dst_ptl);
>         if (!pte_none(orig_dst_pte)) {
>                 err =3D -EEXIST;
> @@ -1013,7 +1013,7 @@ static int move_pages_pte(struct mm_struct *mm, pmd=
_t *dst_pmd, pmd_t *src_pmd,
>         }
>
>         spin_lock(src_ptl);
> -       orig_src_pte =3D *src_pte;
> +       orig_src_pte =3D ptep_get(src_pte);
>         spin_unlock(src_ptl);
>         if (pte_none(orig_src_pte)) {
>                 if (!(mode & UFFDIO_MOVE_MODE_ALLOW_SRC_HOLES))
> @@ -1043,7 +1043,7 @@ static int move_pages_pte(struct mm_struct *mm, pmd=
_t *dst_pmd, pmd_t *src_pmd,
>                          * page isn't freed under us
>                          */
>                         spin_lock(src_ptl);
> -                       if (!pte_same(orig_src_pte, *src_pte)) {
> +                       if (!pte_same(orig_src_pte, ptep_get(src_pte))) {
>                                 spin_unlock(src_ptl);
>                                 err =3D -EAGAIN;
>                                 goto out;
> --
> 2.25.1
>