* Lokesh Gidra <lokeshgidra@xxxxxxxxxx> [240213 06:25]:
> On Mon, Feb 12, 2024 at 7:33 PM Liam R. Howlett <Liam.Howlett@xxxxxxxxxx> wrote:
> >
> > * Lokesh Gidra <lokeshgidra@xxxxxxxxxx> [240212 19:19]:
> > > All userfaultfd operations, except write-protect, opportunistically use
> > > per-vma locks to lock vmas. On failure, attempt again inside mmap_lock
> > > critical section.
> > >
> > > Write-protect operation requires mmap_lock as it iterates over multiple
> > > vmas.
> > >
> > > Signed-off-by: Lokesh Gidra <lokeshgidra@xxxxxxxxxx>
> > > ---
> > >  fs/userfaultfd.c              |  13 +-
> > >  include/linux/userfaultfd_k.h |   5 +-
> > >  mm/userfaultfd.c              | 392 ++++++++++++++++++++++++++--------
> > >  3 files changed, 312 insertions(+), 98 deletions(-)
> > >
> >

...

I just remembered an issue with the mmap tree that exists today that needs to be accounted for in this change. If you hit a NULL VMA, you need to fall back to the mmap_lock() scenario today. This is a necessity to avoid a race of removal/replacement of a VMA in the mmap(MAP_FIXED) case. In this case, we munmap() prior to mmap()'ing an area - which means you could see a NULL when there never should have been a null.

Although this would be exceedingly rare, you need to handle this case.

Sorry I missed this earlier,
Liam
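The fallback Liam asks for, shown as an added single-threaded userspace model that is not part of the thread or of the kernel's mm/userfaultfd.c. The `*_model` functions, the one-slot `struct mm`, and the `lookup_path` enum are all constructed for illustration: the point is that a NULL from the lockless per-VMA lookup is ambiguous (unmapped, or caught between the munmap() and mmap() of a MAP_FIXED replacement), and only a second lookup under the mmap lock, which blocks until the writer is done, can tell the two apart.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model, not kernel code. One VMA slot stands in for the mmap
 * tree; a MAP_FIXED mmap() is modelled as munmap() (slot -> NULL) followed by
 * mmap() (slot -> new VMA), done by a writer holding the mmap write lock. */

struct vma {
    unsigned long start, end;
    bool vma_locked;            /* per-VMA lock taken by a reader */
};

struct mm {
    struct vma *slot;           /* the single VMA range of this model */
    struct vma old_vma, new_vma;
    bool map_fixed_in_progress; /* writer is between munmap() and mmap() */
    bool mmap_lock_held;        /* stands in for mmap_read_lock() */
};

enum lookup_path { PATH_NONE, PATH_PER_VMA, PATH_MMAP_LOCK };

static void mm_init_model(struct mm *mm, unsigned long start, unsigned long end)
{
    mm->old_vma = (struct vma){ start, end, false };
    mm->new_vma = (struct vma){ start, end, false };
    mm->slot = &mm->old_vma;
    mm->map_fixed_in_progress = false;
    mm->mmap_lock_held = false;
}

/* Writer: mmap(MAP_FIXED) first unmaps the old range (tree shows NULL). */
static void map_fixed_begin_model(struct mm *mm)
{
    mm->slot = NULL;
    mm->map_fixed_in_progress = true;
}

/* Writer: replacement VMA inserted, write lock about to be dropped. */
static void map_fixed_finish_model(struct mm *mm)
{
    mm->slot = &mm->new_vma;
    mm->map_fixed_in_progress = false;
}

/* Lockless per-VMA lookup. NULL is ambiguous: genuinely unmapped, or the
 * reader landed in the munmap()/mmap() window of a MAP_FIXED replacement. */
static struct vma *lock_vma_under_rcu_model(struct mm *mm, unsigned long addr)
{
    struct vma *v = mm->slot;
    if (!v || addr < v->start || addr >= v->end)
        return NULL;
    v->vma_locked = true;
    return v;
}

/* The mmap read lock cannot be taken while the writer holds the write lock,
 * so by the time we hold it any in-flight replacement has completed. */
static void mmap_read_lock_model(struct mm *mm)
{
    if (mm->map_fixed_in_progress)
        map_fixed_finish_model(mm);
    mm->mmap_lock_held = true;
}

static void mmap_read_unlock_model(struct mm *mm) { mm->mmap_lock_held = false; }

static struct vma *find_vma_model(struct mm *mm, unsigned long addr)
{
    struct vma *v = mm->slot;
    return (v && addr >= v->start && addr < v->end) ? v : NULL;
}

/* Try the per-VMA lock first; on NULL fall back to the mmap lock and look
 * again. On the mmap-lock path the caller keeps the lock and releases it
 * after the operation; only a second NULL means the range is unmapped. */
static struct vma *uffd_lock_vma_model(struct mm *mm, unsigned long addr,
                                       enum lookup_path *path)
{
    struct vma *v = lock_vma_under_rcu_model(mm, addr);
    if (v) {
        *path = PATH_PER_VMA;
        return v;
    }
    mmap_read_lock_model(mm);
    v = find_vma_model(mm, addr);
    if (v) {
        *path = PATH_MMAP_LOCK;
        return v;
    }
    mmap_read_unlock_model(mm);
    *path = PATH_NONE;
    return NULL;
}

int main(void)
{
    struct mm mm;
    enum lookup_path path;

    mm_init_model(&mm, 0x1000, 0x2000);
    map_fixed_begin_model(&mm);     /* reader races with a MAP_FIXED mmap() */
    struct vma *v = uffd_lock_vma_model(&mm, 0x1800, &path);
    printf("path=%d vma=%s\n", path, v == &mm.new_vma ? "new_vma" : "none");
    if (path == PATH_MMAP_LOCK)
        mmap_read_unlock_model(&mm);
    return 0;
}
```

Without the fallback, the racing reader in `main` would treat the transient NULL as "unmapped" and fail an operation on a range that is mapped both before and after the MAP_FIXED call; with it, the reader lands on the replacement VMA under the mmap lock.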