From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 855A9C47DD9 for ; Fri, 23 Feb 2024 00:36:11 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A7D256B00B3; Thu, 22 Feb 2024 19:36:10 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id A2DA36B00C9; Thu, 22 Feb 2024 19:36:10 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6F9276B00CA; Thu, 22 Feb 2024 19:36:10 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 5DC6D6B00B3 for ; Thu, 22 Feb 2024 19:36:10 -0500 (EST) Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id D7BE71A0FED for ; Fri, 23 Feb 2024 00:36:09 +0000 (UTC) X-FDA: 81821201658.06.E4E61E0 Received: from casper.infradead.org (casper.infradead.org [90.155.50.34]) by imf08.hostedemail.com (Postfix) with ESMTP id 358BE160007 for ; Fri, 23 Feb 2024 00:36:04 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=infradead.org header.s=casper.20170209 header.b=vx0lAI9O; spf=none (imf08.hostedemail.com: domain of willy@infradead.org has no SPF policy when checking 90.155.50.34) smtp.mailfrom=willy@infradead.org; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1708648568; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Jjp0B9J5MnbOQoNMfaQog5UT9Wod0mD1lECH/WlLFiA=; b=cjTeCPu4jeCK7tGRAanGDCyxwFBnnbKpv4tRxcwA9KFxex/C1Xx8xiugjviQ38iysfKaQQ vD838++1ydGdKQ3xaKXoHRjmP4pBTEAS+lSztu2FNbPYotS0ehLPvAh+1Z6ihspzST8sin KsmpWcmENF2k/WEthB/6k1sSGk08cSA= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1708648568; a=rsa-sha256; cv=none; b=8iyYqUWVW8lJMcJME3J6F8aZH4n71gnvGCj4aJYnO6mB7vMpicaGJKgP+85PRfdtg4e6Bg FLfIInc1Y9AW0QcYks4fkuptZJ7eP7u/7/BKuJTYh6XWfrvPEI7s/z+Tx4TYARz0UKEms6 N3Bbs7srtzQZWgsT72JFTvNHd1F2p8Y= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=infradead.org header.s=casper.20170209 header.b=vx0lAI9O; spf=none (imf08.hostedemail.com: domain of willy@infradead.org has no SPF policy when checking 90.155.50.34) smtp.mailfrom=willy@infradead.org; dmarc=none DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=Jjp0B9J5MnbOQoNMfaQog5UT9Wod0mD1lECH/WlLFiA=; b=vx0lAI9OP3zaj26NbO7YK2kxuL rxq6qOocccU9w2yUa/5HMJoRpmtWfr+tBtPwB+CGJECRTiFCjdwO5xc5UdSmb972zkdu7BjD+uqC5 ubiywajEuHOhv+hTCpDNgKXvOFPOegHcx3eRaKYh0dYMiRr3sKWWbb8Tcxj/kjKgeZAVrAS37kNCX 4XJgXKFYPlIOre4tzu+X3ZDzObpdTyMo+OiTSRoAwIFiQuempCYRJ0SD+navq/qnVcArmH06rzeed 1K6vfCbFRmKdh5tUX6xlnrSqGHaBX5Y4ZjeoAnodqK5ny8r16TpruMlihybbAJDlbb6QhIETbTUAl /tcoXSJg==; Received: from willy by casper.infradead.org with local (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJX5-00000005CET-0p6c; Fri, 23 Feb 2024 00:35:19 +0000 Date: Fri, 23 Feb 2024 00:35:19 +0000 From: Matthew Wilcox To: Fuad Tabba , kvm@vger.kernel.org, kvmarm@lists.linux.dev, pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com Cc: linux-mm@kvack.org Subject: folio_mmapped Message-ID: References: <20240222161047.402609-1-tabba@google.com> <20240222141602976-0800.eberman@hu-eberman-lv.qualcomm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240222141602976-0800.eberman@hu-eberman-lv.qualcomm.com> X-Rspamd-Queue-Id: 358BE160007 X-Rspam-User: X-Stat-Signature: qtbryem5budrq6uf3xpw666yoqrp4ykg X-Rspamd-Server: rspam03 X-HE-Tag: 1708648563-413662 X-HE-Meta: U2FsdGVkX1/TRbs8v5WUKbo23ydlH6vZcDtn8DWdZv3WsP1cMxsz/YnOlajVLi9L+Y7Q5ps5bvCDXkj9wtvbhHPW0JV5NqKDv3DnInA4wRt5CtaZ2M6mZ4lMhyc7mRhj34Mu0vd2aOQtbzBVD4VS6YgnIZc0AdFiEAw8fNPwt4mJ37zqaehuWHzcsFnlRUnd7+60rbm6sWoN5yTKdL66YAZxAiJAJ3nNDOU0clcA8wuKuRTZE54EjjqIKiOg4yEELpP+jFHrirYWlj58QmJCykIeAhku4qYzeuWRQtREE+fODGOMBLnBd33VZ3cRQOHptim0irUHqSIz5SkyYHEngCfC+bsfFFMYjk3Wx9aUBzHOzSgApKMYME6pgd+juTEHdcMgH6NLCNbGmvgjNXopcq/oc8TcKJes7YBk6FvSjoGvImz8X2K44/zAVfd/0yph4YfT+H0YqQlqLPBHOfnGaCZyTzBCQQXmYcSPLOTs1ZW6D24hAouFi4I2ls3zHTFrnn4AULZFAqz9iK5vaB7PaigyItobv8n89bVksYLnQZgTOHWWzIpM/mb5MXMno8dl8MRW+K9tXh+LYzegR+WHMAXvD/ZwhatZ1eyg94LaFYFy4Ot4Hq/idjj8uIR5fQaeV248EGnacvc5K2KlanbpdZJjIfWu4w+nV9b2OHWMGf7ObpPMG/sViDJa2Ugyz3AJnFK9xFTdnGVTdKJ9LPt3Z5qBC66KdKizdvM7syk8+8qt2tjlYKW1YstaOAayzu2ZThILHToV52vOgy69IS9IRcgjfFAVU/bCG8Pu+5fMUFTbWrLkMPxqAB9MpbX78bqTGSdzxLnAbxtNfEunU1fGI7J9Vur89gEjriLc3MkqHqBG0r4fR4KNOBgjzO33Sq9uJtm6pyWZE+NFuussD+aDawWtL2YGHTEXIWp8BXkculG21QCHzVuj2UNgpxvAL9m+eNqeAFnEshJlXf5qpBx OBvumQXP 6QFF5KDlLhwhopoptVcmoQWWwPlogvfRP5A4KL3L0rGoUaFN19ZCXtMWah7EgKWGdvzhbu99YZ0ufBNkdH8v9tIyUEifj04Bg1f1BmR1+r7V/tnKYqfpPDTYYe1darQft1+Gd2VblH2JBlbiMv8YwnM/20f72FhhU1u2rBTe5oqnJNzYdi1Z3kHq6083x7uOZ1/eSaXsu8tvpUu/HFBa7nmPIcfp4+uBVucAmh6OIOZl0wDAwF28y+AAD1L4m/62R2tzP1M5bSYYcyOUUFRQ6gc7l2RXR/C6ouHl6I6Wt0YBGbhBBLaRMqOh2sqGpiFuT2OoxZm/hH5OqbP3VUF7dI2jhIMrdcFQYH4PDmYN9sEWFzcxYTvOZDBNghQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Thu, Feb 22, 2024 at 03:43:56PM -0800, Elliot Berman wrote: > > This creates the situation where access to successfully mmap()'d > > memory might SIGBUS at page fault. There is precedence for > > similar behavior in the kernel I believe, with MADV_HWPOISON and > > the hugetlbfs cgroups controller, which could SIGBUS at page > > fault time depending on the accounting limit. > > I added a test: folio_mmapped() [1] which checks if there's a vma > covering the corresponding offset into the guest_memfd. I use this > test before trying to make page private to guest and I've been able to > ensure that userspace can't even mmap() private guest memory. If I try > to make memory private, I can test that it's not mmapped and not allow > memory to become private. In my testing so far, this is enough to > prevent SIGBUS from happening. > > This test probably should be moved outside Gunyah specific code, and was > looking for maintainer to suggest the right home for it :) > > [1]: https://lore.kernel.org/all/20240222-gunyah-v17-20-1e9da6763d38@quicinc.com/ You, um, might have wanted to send an email to linux-mm, not bury it in the middle of a series of 35 patches? So this isn't folio_mapped() because you're interested if anyone _could_ fault this page, not whether the folio is currently present in anyone's page tables. It's like walk_page_mapping() but with a trivial mm_walk_ops; not sure it's worth the effort to use walk_page_mapping(), but I would defer to David.