Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp1533359imm; Wed, 10 Oct 2018 16:46:32 -0700 (PDT) X-Google-Smtp-Source: ACcGV60dYuxJzG44sRn7v8UE6MYBNO2ejJtR7NpfjVgnAUM7cA79aaXU7JxZyaW3KFza9rB//UvU X-Received: by 2002:a17:902:f01:: with SMTP id 1-v6mr34968934ply.8.1539215192383; Wed, 10 Oct 2018 16:46:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539215192; cv=none; d=google.com; s=arc-20160816; b=JNvGsxCBtu/OcqbX4disFIHbSFHcPR9AndIthIH0hOEbcbbdtg68a+Fs68JF3LeNB5 BOG/Mi2J8AfK+V1HHwJfrryrKD+NXWNeXEFSHn0vaxwPwJ7/aNXzblB0OorfKHyRPO/P 5RaEVmR5IDUeO/7RJsCWN7ZOSsuCI8+bWXFI0PMdNrYDMo8bj9wgsKR3kPpi77+SgTc3 pIHuR+K6nsTuUE3z5Q4I0n0ELjhfTzpPsKD9ZSmWugb7vZbvnWV8GghsaBs9ZhhxZz2n ZWs1/VsnA2BFjLFrL6P/YzDrDXb9S6AQc0kBWSXYGQF0fe+S+P0UUqp5VLM5Gc/m/jmX ds7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=jfG1KVIhKHs4hr4BXA4PvlOfjNJv6dfPoy+lsOmYTZM=; b=eW3yUwpttBQzib9ev7Oga9Q0RNozl0E0bxP5OoeR33z7NVktQwWbacUHSlUDRYNZe+ yNPcOzqxjlkf3El5KKw4LIfkidCHGamgzcGVYSOn03o++DT/ZQn1MVb+IKnnhdoLYDsV qHvhggxbNlSGMBfFFdnVqj7tNURv4qAjqoqQQiX7xOYa26KzjpMGy8ydH6IfVK4jMCpx KDzZr1zbwW1fxC62TbnAfClONsDfIbmEi6A7X+ctjDtBdFU/WYnFAIUmmAdrv0gNHSa9 U3Ba85gpaB5xDr46m3RWTGKXVbNLe3BsFDehmciRF97RIAHG2wNuVXUN4twVprCnhf+w 2Uxg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d10-v6si30726858pln.68.2018.10.10.16.46.16; Wed, 10 Oct 2018 16:46:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726220AbeJKHKL (ORCPT + 99 others); Thu, 11 Oct 2018 03:10:11 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:54186 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725968AbeJKHKL (ORCPT ); Thu, 11 Oct 2018 03:10:11 -0400 Received: from localhost.localdomain (c-24-4-154-175.hsd1.ca.comcast.net [24.4.154.175]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 1A1CCB5D; Wed, 10 Oct 2018 23:45:42 +0000 (UTC) Date: Wed, 10 Oct 2018 16:45:41 -0700 From: Andrew Morton To: John Hubbard Cc: , Matthew Wilcox , Michal Hocko , Christopher Lameter , Jason Gunthorpe , Dan Williams , Jan Kara , , LKML , linux-rdma , , Al Viro , Jerome Glisse , Christoph Hellwig , Ralph Campbell Subject: Re: [PATCH v4 2/3] mm: introduce put_user_page*(), placeholder versions Message-Id: <20181010164541.ec4bf53f5a9e4ba6e5b52a21@linux-foundation.org> In-Reply-To: <5198a797-fa34-c859-ff9d-568834a85a83@nvidia.com> References: <20181008211623.30796-1-jhubbard@nvidia.com> <20181008211623.30796-3-jhubbard@nvidia.com> <20181008171442.d3b3a1ea07d56c26d813a11e@linux-foundation.org> <5198a797-fa34-c859-ff9d-568834a85a83@nvidia.com> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 9 Oct 2018 17:42:09 -0700 John Hubbard wrote: > > Also, maintainability. What happens if someone now uses put_page() by > > mistake? Kernel fails in some mysterious fashion? How can we prevent > > this from occurring as code evolves? Is there a cheap way of detecting > > this bug at runtime? > > > > It might be possible to do a few run-time checks, such as "does page that came > back to put_user_page() have the correct flags?", but it's harder (without > having a dedicated page flag) to detect the other direction: "did someone page > in a get_user_pages page, to put_page?" > > As Jan said in his reply, converting get_user_pages (and put_user_page) to > work with a new data type that wraps struct pages, would solve it, but that's > an awfully large change. Still...given how much of a mess this can turn into > if it's wrong, I wonder if it's worth it--maybe? This is a real worry. If someone uses a mistaken put_page() then how will that bug manifest at runtime? Under what set of circumstances will the kernel trigger the bug? (btw, please cc me on all patches, not just [0/n]!)