On 9/3/2024 9:12 PM, Kasireddy, Vivek wrote:
Hi Steve,
Subject: [PATCH V1 0/5] memfd-pin huge page fixes
Fix multiple bugs that occur when using memfd_pin_folios with hugetlb pages
and THP. The hugetlb bugs only bite when the page is not yet faulted in when
memfd_pin_folios is called. The THP bug bites when the starting offset passed
to memfd_pin_folios is not huge page aligned. See the commit messages for
details.
Thank you for fixing these bugs. I have Acked all patches except for patch #1,
as my understanding of xarrays is limited at this point.
Also, could you please briefly describe how you have exercised memfd_alloc_folio()
code path or what tests you have run to uncover these bugs? I'd like to
figure out ways to augment the list of udmabuf tests to validate scenarios
where hugetlb pages are not faulted in and memfd_pin_folios() is called.
I am extending iommufd to support memfd pinning, so I added a new ioctl which
takes an fd, offset, and length to pin. I am just getting started, so currently
it does nothing more than call memfd_pin_folios immediately followed by unpin_folios.
Then exit the process. That is sufficient to trigger all the bugs except the alloc
race panic. I tested with these files:
/dev/hugepages/file
/dev/shm/file with: mount -o remount,huge=always /dev/shm
memfd_create(MFD_HUGETLB)
memfd_create(0) with: echo always > /sys/kernel/mm/transparent_hugepage/shmem_enabled
- Steve
Steve Sistare (5):
mm/filemap: fix filemap_get_folios_contig THP panic
mm/hugetlb: fix memfd_pin_folios free_huge_pages leak
mm/hugetlb: fix memfd_pin_folios resv_huge_pages leak
mm/gup: fix memfd_pin_folios hugetlb page allocation
mm/gup: fix memfd_pin_folios alloc race panic
include/linux/hugetlb.h | 10 ++++++++++
mm/filemap.c | 4 ++++
mm/gup.c | 5 ++++-
mm/hugetlb.c | 17 +++++++++++++++++
mm/memfd.c | 15 +++++++++------
5 files changed, 44 insertions(+), 7 deletions(-)
--
1.8.3.1
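Added example, not part of this thread or of the patch series: a user-space C program that reaches memfd_pin_folios() through the udmabuf driver, the test location Vivek asks about above. It covers the two memfd_create() variants Steve lists (MFD_HUGETLB, and a plain memfd that is THP-backed once shmem_enabled is set to always), never touches the memory so nothing is faulted in before the pin, and in the THP case pins from an offset that is page-aligned but not huge-page-aligned. It assumes a kernel whose udmabuf is built on memfd_pin_folios(), a writable /dev/udmabuf, a 2 MiB huge page size, and reserved hugetlb pages for the first case; the names make_sealed_memfd and run_pin_case and the CASE_* result codes are this example's own. When the device or hugetlb is unavailable, a case reports itself as skipped rather than failed. The path-based files in the mail (/dev/hugepages/file, /dev/shm/file) are not covered because udmabuf takes a sealable memfd.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* udmabuf UAPI; the fallback mirrors <linux/udmabuf.h> for toolchains
 * whose installed kernel headers predate the driver. */
#if __has_include(<linux/udmabuf.h>)
#include <linux/udmabuf.h>
#else
struct udmabuf_create {
	uint32_t memfd;
	uint32_t flags;
	uint64_t offset;
	uint64_t size;
};
#define UDMABUF_CREATE _IOW('u', 0x42, struct udmabuf_create)
#endif

#ifndef MFD_HUGETLB
#define MFD_HUGETLB 0x0004U	/* value from <linux/memfd.h> */
#endif

/* Result codes of run_pin_case() (example-specific). */
enum { CASE_OK = 0, CASE_SKIPPED = 1, CASE_FAILED = 2 };

/*
 * Create a memfd of 'size' bytes and seal it against shrinking, which
 * udmabuf requires. The memory is deliberately never written or read,
 * so no page is faulted in before the pin. Returns the fd or -errno.
 */
static int make_sealed_memfd(unsigned int mfd_flags, off_t size)
{
	int fd = memfd_create("pin-test", mfd_flags | MFD_ALLOW_SEALING);
	if (fd < 0)
		return -errno;
	if (ftruncate(fd, size) < 0 ||
	    fcntl(fd, F_ADD_SEALS, F_SEAL_SHRINK) < 0) {
		int err = -errno;
		close(fd);
		return err;
	}
	return fd;
}

/*
 * Pin [offset, offset + len) of a fresh memfd via UDMABUF_CREATE, then
 * close the dma-buf immediately, which drops the pins again. This is the
 * user-visible path to memfd_pin_folios() on kernels where udmabuf uses it.
 */
static int run_pin_case(unsigned int mfd_flags, off_t offset, off_t len,
			off_t file_size)
{
	int dev = open("/dev/udmabuf", O_RDWR);
	if (dev < 0)
		return CASE_SKIPPED;	/* no udmabuf device on this system */

	int memfd = make_sealed_memfd(mfd_flags, file_size);
	if (memfd < 0) {
		close(dev);		/* e.g. MFD_HUGETLB without hugetlb support */
		return CASE_SKIPPED;
	}

	struct udmabuf_create req = {
		.memfd = (uint32_t)memfd,
		.flags = 0,
		.offset = (uint64_t)offset,
		.size = (uint64_t)len,
	};
	int result = CASE_OK;
	int buf = ioctl(dev, UDMABUF_CREATE, &req);	/* returns the dma-buf fd */
	if (buf < 0) {
		fprintf(stderr, "UDMABUF_CREATE: %s\n", strerror(errno));
		result = CASE_FAILED;
	} else {
		close(buf);	/* last reference gone: folios are unpinned */
	}
	close(memfd);
	close(dev);
	return result;
}

int main(void)
{
	const off_t page = sysconf(_SC_PAGESIZE);
	const off_t huge = 2 << 20;	/* assumed 2 MiB hugetlb / THP size */

	/* hugetlb memfd, not faulted in, pinned from offset 0 */
	int a = run_pin_case(MFD_HUGETLB, 0, huge, 2 * huge);
	/* shmem memfd (THP if shmem_enabled=always), start offset page-
	 * aligned but not huge-page-aligned */
	int b = run_pin_case(0, page, huge, 2 * huge);

	printf("hugetlb not-faulted case: %d (0=ok 1=skipped 2=failed)\n", a);
	printf("THP unaligned-offset case: %d\n", b);
	return a == CASE_FAILED || b == CASE_FAILED;
}
```

Run it once with the pages untouched, as above, and once after writing to the memfd before the ioctl to compare the faulted-in and not-faulted-in paths; with tracing on memfd_pin_folios or the hugetlb free/resv counters in /proc/meminfo before and after, the leaks the series fixes become visible as counters that do not return to their starting values.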