Re: [PATCH v1] mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 02.03.23 23:29, Peter Xu wrote:
On Thu, Mar 02, 2023 at 06:54:23PM +0100, David Hildenbrand wrote:
Currently, we'd lose the userfaultfd-wp marker when PTE-mapping a huge
zeropage, resulting in the next write faults in the PMD range
not triggering uffd-wp events.

Various actions (partial MADV_DONTNEED, partial mremap, partial munmap,
partial mprotect) could trigger this. However, most importantly,
un-protecting a single sub-page from the userfaultfd-wp handler when
processing a uffd-wp event will PTE-map the shared huge zeropage and
lose the uffd-wp bit for the remainder of the PMD.

Let's properly propagate the uffd-wp bit to the PMDs.

Ouch.. I thought this was reported once, probably it fell through the
cracks.

Yes, I reported it a while ago, but our understanding back then was that primarily MADV_DONTNEED would trigger it (which my reproducer back then did), and e.g., QEMU would make sure to not have concurrent MADV_DONTNEED while doing background snapshots.

I realized only yesterday when retesting my patch that that a simple unprotect is already sufficient to mess it up.


Acked-by: Peter Xu <peterx@xxxxxxxxxx>

Thanks!

--
Thanks,

David / dhildenb





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux