On 2/7/22 23:36, Muchun Song wrote:
> The userfaultfd calls copy_huge_page_from_user() which does not do
> any cache flushing for the target page. Then the target page will
> be mapped to the user space with a different address (user address),
> which might have an alias issue with the kernel address used to copy
> the data from the user to. Fix this issue by flushing dcache in
> copy_huge_page_from_user().
Quick question.
Should this also be done for the non-hugetlb case? Take a look at the
routines __mcopy_atomic() and mcopy_atomic_pte(). Or, is that somehow
handled?
For this change,
Reviewed-by: Mike Kravetz <mike.kravetz@xxxxxxxxxx>
--
Mike Kravetz
>
> Fixes: fa4d75c1de13 ("userfaultfd: hugetlbfs: add copy_huge_page_from_user for hugetlb userfaultfd support")
> Signed-off-by: Muchun Song <songmuchun@xxxxxxxxxxxxx>
> ---
> mm/memory.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/mm/memory.c b/mm/memory.c
> index e8ce066be5f2..eb027da68aa7 100644
> --- a/mm/memory.c
> +++ b/mm/memory.c
> @@ -5405,6 +5405,8 @@ long copy_huge_page_from_user(struct page *dst_page,
> if (rc)
> break;
>
> + flush_dcache_page(subpage);
> +
> cond_resched();
> }
> return ret_val;
