On Mon, May 8, 2023 at 4:37 PM David Hildenbrand <david@xxxxxxxxxx> wrote:
>
> On 09.05.23 01:21, Pasha Tatashin wrote:
> >> For normal Kernel-MM operations, vm_normal_page() should be used to
> >> get "struct page" based on vma+addr+pte combination, but
> >> page_table_check does not use vma for its operation in order to
> >> strengthen the verification of no invalid page sharing. But, even
>
> I'm not sure if that's the right approach for this case here, though.
>
> >> vm_normal_page() can cause access to the "struct page" for VM_PFNMAP
> >> if pfn_valid(pfn) is true. So, vm_normal_page() can return a struct
> >> page for a user mapped slab page.
> >
> > Only for !ARCH_HAS_PTE_SPECIAL case, otherwise NULL is returned.
>
> That would violate VM_PFNMAP semantics, though. I remember that there
> was a trick to it.
>
> Assuming we map /dev/mem, what stops a page we mapped and determined to
> be !anon to be freed and reused, such that we suddenly have an anon page
> mapped?
>
> In that case, we really don't want to look at the "struct page" ever, no?

Good point. page_table_check just does not work well with /dev/mem. I am
thinking of adding BUG_ON(PageSlab(page)); and also "depends on
!DEVMEM" for the PAGE_TABLE_CHECK config option.

Pasha