Linux s390 Architecture development
 help / color / mirror / Atom feed
From: Gerald Schaefer <gerald.schaefer@linux.ibm.com>
To: Oscar Salvador <osalvador@suse.de>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Karsten Desler <kdesler@soohrt.org>,
	Muchun Song <muchun.song@linux.dev>,
	David Hildenbrand <david@kernel.org>,
	Lorenzo Stoakes <ljs@kernel.org>,
	Vlastimil Babka <vbabka@kernel.org>,
	"Liam R . Howlett" <liam@infradead.org>,
	Andreas Larsson <andreas@gaisler.com>,
	"David S . Miller" <davem@davemloft.net>,
	Huacai Chen <chenhuacai@kernel.org>,
	Alexander Gordeev <agordeev@linux.ibm.com>,
	linux-kernel@vger.kernel.org, linux-mm@kvack.org,
	linux-s390@vger.kernel.org
Subject: Re: [PATCH 4/8] arch/s390: Stop special-casing hugetlb mappings in arch_get_unmapped_area
Date: Tue, 30 Jun 2026 19:10:09 +0200	[thread overview]
Message-ID: <20260630191009.048d94a0@thinkpad-T15> (raw)
In-Reply-To: <20260606035003.529685-5-osalvador@suse.de>

On Sat,  6 Jun 2026 05:49:59 +0200
Oscar Salvador <osalvador@suse.de> wrote:

> arch_get_unmapped_area* sets info.align_mask to make room for extra alignment,
> so that is added on top of the length we request in unmapped_area{_topdown}.
> hugetlb_get_unmapped_area() already adds this extra padding in the 'len'
> parameter, and it also masks off the address it gets to properly align it to
> the huge_page_size we are using.
> 
> So, stop special-casing hugetlb in arch_get_unmapped_area* functions.
> 
> Also, there is no need to worry about align_offset because that will be
> masked off back in hugetlb_get_unmapped_area().
> 
> Signed-off-by: Oscar Salvador <osalvador@suse.de>
> ---
>  arch/s390/mm/mmap.c | 9 ++-------
>  1 file changed, 2 insertions(+), 7 deletions(-)

With regard to the Critical finding for s390 in Sashiko review in
https://sashiko.dev/#/patchset/20260606035003.529685-1-osalvador@suse.de

Yes, I think crst_table_upgrade() could be skipped "If the original length
fits right below TASK_SIZE, but the inflated length pushes addr + len over
TASK_SIZE".

But subsequent page faults should then generate an ASCE-type exception,
killing the user space program, and not alias with lower virtual addresses
causing memory corruption.

Still, I wonder if we want an extra check for "addr + (inflated) len > TASK_SIZE"
in check_asce_limit(), or somewhere else.

This "inflated length" approach also seems to have other subtle impact for
other archs, according to Sashiko. Possibly resulting in failed mappings for
valid addresses and ranges. So some extra checking or retry logic might be
needed anyway.

           reply	other threads:[~2026-06-30 17:10 UTC|newest]

Thread overview: expand[flat|nested]  mbox.gz  Atom feed
 [parent not found: <20260606035003.529685-5-osalvador@suse.de>]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260630191009.048d94a0@thinkpad-T15 \
    --to=gerald.schaefer@linux.ibm.com \
    --cc=agordeev@linux.ibm.com \
    --cc=akpm@linux-foundation.org \
    --cc=andreas@gaisler.com \
    --cc=chenhuacai@kernel.org \
    --cc=dave.hansen@linux.intel.com \
    --cc=davem@davemloft.net \
    --cc=david@kernel.org \
    --cc=kdesler@soohrt.org \
    --cc=liam@infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=linux-s390@vger.kernel.org \
    --cc=ljs@kernel.org \
    --cc=muchun.song@linux.dev \
    --cc=osalvador@suse.de \
    --cc=vbabka@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox