On Tue, Dec 7, 2021 at 7:05 PM Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Sat, 4 Dec 2021 18:23:13 +0000 Pasha Tatashin <pasha.tatashin@xxxxxxxxxx> wrote:
>
> > Check user page table entries at the time they are added and removed.
> >
> > Allows to synchronously catch memory corruption issues related to double
> > mapping.
> >
> > When a pte for an anonymous page is added into page table, we verify that
> > this pte does not already point to a file backed page, and vice versa if
> > this is a file backed page that is being added we verify that this page
> > does not have an anonymous mapping.
> >
> > We also enforce that read-only sharing for anonymous pages is allowed
> > (i.e. cow after fork). All other sharing must be for file pages.
> >
> > Page table check allows to protect and debug cases where "struct page"
> > metadata became corrupted for some reason. For example, when refcnt or
> > mapcount become invalid.
> >
> > ...
> >
> > --- a/arch/Kconfig
> > +++ b/arch/Kconfig
> > @@ -1307,6 +1307,9 @@ config HAVE_ARCH_PFN_VALID
> > config ARCH_SUPPORTS_DEBUG_PAGEALLOC
> > bool
> >
> > +config ARCH_SUPPORTS_PAGE_TABLE_CHECK
> > + bool
> > +
>
> I guess a dependency on CONFIG_DEBUG_VM would be appropriate?

I do not think CONFIG_DEBUG_VM is needed here. We would like to have page table check enabled on some production machines to ensure there are no double mappings. With CONFIG_DEBUG_VM enabled that would not be possible. For example, CONFIG_PAGE_OWNER also uses extended struct page entries and does not depend on CONFIG_DEBUG_VM.

Pasha
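
Review bot: the new "config ARCH_SUPPORTS_PAGE_TABLE_CHECK" entry in arch/Kconfig is a bare "bool" with no comment, so nothing at the definition tells an architecture maintainer what has to be in place before selecting it. A short "#" comment above the entry stating that requirement would make the symbol self-explanatory. The symbol has no prompt, so the CONFIG_DEBUG_VM question raised in the reply concerns the user-visible option, which is elided from the quoted patch and cannot be judged from this hunk.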
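
The mapping rules stated in the quoted commit message, as an added userspace model that is not part of the original mail or of the kernel patch. The struct, the function names and the result codes are hypothetical; the kernel check would stop on a violation, whereas this model returns a code, and treating removal of a mapping that was never recorded as an error is an assumption drawn from "added and removed".

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model: per-page counters of user PTEs, by mapping type. */
enum ptc_result { PTC_OK, PTC_ANON_ON_FILE, PTC_FILE_ON_ANON, PTC_ANON_RW_SHARED, PTC_UNDERFLOW };

struct ptc_page {
    int anon_maps;  /* user PTEs mapping this page as anonymous */
    int file_maps;  /* user PTEs mapping this page as file backed */
    int anon_rw;    /* how many of the anonymous PTEs are writable */
};

/* Check performed when a user PTE pointing at the page is added. */
enum ptc_result ptc_set(struct ptc_page *p, bool anon, bool writable)
{
    if (anon) {
        if (p->file_maps > 0)
            return PTC_ANON_ON_FILE;        /* double mapping: file, then anon */
        /* Anonymous pages may be shared only read-only (COW after fork). */
        if (p->anon_maps > 0 && (writable || p->anon_rw > 0))
            return PTC_ANON_RW_SHARED;
        p->anon_maps++;
        p->anon_rw += writable ? 1 : 0;
        return PTC_OK;
    }
    if (p->anon_maps > 0)
        return PTC_FILE_ON_ANON;            /* double mapping: anon, then file */
    p->file_maps++;                         /* file pages may be shared freely */
    return PTC_OK;
}

/* Check performed when a user PTE is removed: the mapping must be recorded. */
enum ptc_result ptc_clear(struct ptc_page *p, bool anon, bool writable)
{
    int *count = anon ? &p->anon_maps : &p->file_maps;
    if (*count == 0)
        return PTC_UNDERFLOW;               /* metadata and page tables disagree */
    (*count)--;
    if (anon && writable && p->anon_rw > 0)
        p->anon_rw--;
    return PTC_OK;
}

int main(void)
{
    struct ptc_page pg = {0};
    ptc_set(&pg, true, false);              /* one read-only anonymous mapping */
    printf("writable second mapping -> %d\n", ptc_set(&pg, true, true));
    return 0;
}
```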