From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Peter Xu <peterx@redhat.com>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
"Liam R . Howlett" <Liam.Howlett@oracle.com>,
Vlastimil Babka <vbabka@suse.cz>, Jann Horn <jannh@google.com>,
Pedro Falcato <pfalcato@suse.de>, Rik van Riel <riel@surriel.com>,
linux-mm@kvack.org, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org
Subject: Re: [PATCH v3 09/10] mm/mremap: permit mremap() move of multiple VMAs
Date: Wed, 16 Jul 2025 20:36:24 +0100 [thread overview]
Message-ID: <4fbf4271-6ab9-49c0-b30f-c8716bf19f09@lucifer.local> (raw)
In-Reply-To: <8f41e72b0543953d277e96d5e67a52f287cdbac3.1752232673.git.lorenzo.stoakes@oracle.com>
Hi Andrew,
Just a quick fix to address issues raised by syzkaller. I removed this code
previously based on misinterpreting review feedback as indicating that I
could do so...
In any case I have tested this against the repro (a well-placed RCU barrier
causes reliable repro it turns out) and confirmed it fixes the issue.
Thanks, Lorenzo
----8<----
From 4e07d53c6627af21847752ec71f5ecd00afab03b Mon Sep 17 00:00:00 2001
From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Date: Wed, 16 Jul 2025 20:29:54 +0100
Subject: [PATCH] mm/mremap: reset VMI on unmap
Any separate VMA iterator may become invalidated when VMAs are unmapped at
nodes in proximity to the current position of the iterator.
Therefore, reset the iterator at each point where this occurs on a mremap
move.
Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
---
mm/mremap.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/mm/mremap.c b/mm/mremap.c
index 7a2e7022139a..15cbd41515ed 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -1113,6 +1113,7 @@ static void unmap_source_vma(struct vma_remap_struct *vrm)
err = do_vmi_munmap(&vmi, mm, addr, len, vrm->uf_unmap, /* unlock= */false);
vrm->vma = NULL; /* Invalidated. */
+ vrm->vmi_needs_reset = true;
if (err) {
/* OOM: unable to split vma, just get accounts right */
vm_acct_memory(len >> PAGE_SHIFT);
@@ -1367,6 +1368,7 @@ static unsigned long mremap_to(struct vma_remap_struct *vrm)
err = do_munmap(mm, vrm->new_addr, vrm->new_len,
vrm->uf_unmap_early);
vrm->vma = NULL; /* Invalidated. */
+ vrm->vmi_needs_reset = true;
if (err)
return err;
--
2.50.1
next prev parent reply other threads:[~2025-07-16 19:37 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-11 11:38 [PATCH v3 00/10] mm/mremap: permit mremap() move of multiple VMAs Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 01/10] mm/mremap: perform some simple cleanups Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 02/10] mm/mremap: refactor initial parameter sanity checks Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 03/10] mm/mremap: put VMA check and prep logic into helper function Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 04/10] mm/mremap: cleanup post-processing stage of mremap Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 05/10] mm/mremap: use an explicit uffd failure path for mremap Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 06/10] mm/mremap: check remap conditions earlier Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 07/10] mm/mremap: move remap_is_valid() into check_prep_vma() Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 08/10] mm/mremap: clean up mlock populate behaviour Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 09/10] mm/mremap: permit mremap() move of multiple VMAs Lorenzo Stoakes
2025-07-11 13:34 ` Vlastimil Babka
2025-07-11 13:49 ` Lorenzo Stoakes
2025-07-11 14:14 ` Lorenzo Stoakes
2025-07-16 19:36 ` Lorenzo Stoakes [this message]
2025-07-25 17:11 ` Jann Horn
2025-07-25 17:27 ` Lorenzo Stoakes
2025-07-25 19:10 ` Jann Horn
2025-07-25 19:59 ` Lorenzo Stoakes
2025-07-11 11:38 ` [PATCH v3 10/10] tools/testing/selftests: extend mremap_test to test multi-VMA mremap Lorenzo Stoakes
2025-07-11 13:45 ` [PATCH v3 00/10] mm/mremap: permit mremap() move of multiple VMAs Lorenzo Stoakes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4fbf4271-6ab9-49c0-b30f-c8716bf19f09@lucifer.local \
--to=lorenzo.stoakes@oracle.com \
--cc=Liam.Howlett@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=brauner@kernel.org \
--cc=jack@suse.cz \
--cc=jannh@google.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=peterx@redhat.com \
--cc=pfalcato@suse.de \
--cc=riel@surriel.com \
--cc=vbabka@suse.cz \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).