From: Oscar Salvador
To: akpm@linux-foundation.org
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, hughd@google.com, kirill@shutemov.name, vbabka@suse.cz, joel@joelfernandes.org, jglisse@redhat.com, yang.shi@linux.alibaba.com, mgorman@techsingularity.net, Oscar Salvador
Subject: [PATCH] mm,mremap: Bail out earlier in mremap_to under map pressure
Date: Tue, 26 Feb 2019 10:13:14 +0100
Message-Id: <20190226091314.18446-1-osalvador@suse.de>
X-Mailing-List: linux-kernel@vger.kernel.org

When using mremap() syscall in addition to MREMAP_FIXED flag, mremap() calls mremap_to() which does the following:

1) unmaps the destination region where we are going to move the map
2) If the new region is going to be smaller, we unmap the last part of the old region

Then, we will eventually call move_vma() to do the actual move.

move_vma() checks whether we are at least 4 maps below max_map_count before going further, otherwise it bails out with -ENOMEM. The problem is that we might have already unmapped the vma's in steps 1) and 2), so it is not possible for userspace to figure out the state of the vma's after it gets -ENOMEM, and it gets tricky for userspace to clean up properly on error path.

While it is true that we can return -ENOMEM for more reasons (e.g.: see may_expand_vm() or move_page_tables()), I think that we can avoid this scenario in concrete if we check early in mremap_to() if the operation has high chances to succeed map-wise.

Should that not be the case, we can bail out before we even try to unmap anything, so we make sure the vma's are left untouched in case we are likely to be short of maps.

The thumb-rule now is to rely on the worst-scenario case we can have. That is when both vma's (old region and new region) are going to be split in 3, so we get two more maps to the ones we already hold (one per each).
If current map count + 2 maps still leads us to 4 maps below the threshold, we are going to pass the check in move_vma(). Of course, this is not free, as it might generate false positives when it is true that we are tight map-wise, but the unmap operation can release several vma's leading us to a good state. Another approach was also investigated [1], but it may be too much hassle for what it brings. [1] https://lore.kernel.org/lkml/20190219155320.tkfkwvqk53tfdojt@d104.suse.de/ Signed-off-by: Oscar Salvador Acked-by: Vlastimil Babka Acked-by: Kirill A. Shutemov --- mm/mremap.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/mm/mremap.c b/mm/mremap.c index 3320616ed93f..e3edef6b7a12 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -516,6 +516,23 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len, if (addr + old_len > new_addr && new_addr + new_len > addr) goto out; + /* + * move_vma() need us to stay 4 maps below the threshold, otherwise + * it will bail out at the very beginning. + * That is a problem if we have already unmaped the regions here + * (new_addr, and old_addr), because userspace will not know the + * state of the vma's after it gets -ENOMEM. + * So, to avoid such scenario we can pre-compute if the whole + * operation has high chances to success map-wise. + * Worst-scenario case is when both vma's (new_addr and old_addr) get + * split in 3 before unmaping it. + * That means 2 more maps (1 for each) to the ones we already hold. + * Check whether current map count plus 2 still leads us to 4 maps below + * the threshold, otherwise return -ENOMEM here to be more safe. + */ + if ((mm->map_count + 2) >= sysctl_max_map_count - 3) + return -ENOMEM; + ret = do_munmap(mm, new_addr, new_len, uf_unmap_early); if (ret) goto out; -- 2.13.7
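Review bot: the new check in mremap_to() exits with a bare `return -ENOMEM;` while the error paths directly above and below it in the same hunk use `goto out`. If the `out` label does any cleanup or accounting, this path skips it; setting `ret = -ENOMEM` and using `goto out` would keep the function's exit handling in one place. The condition `(mm->map_count + 2) >= sysctl_max_map_count - 3` is also hard to match against the comment's "4 maps below the threshold", since the 4 only appears as the combination of `>=` and `- 3`; a one-line note in the comment saying so, or named constants for the 2 and the 3, would make the arithmetic easier to audit. The comment block has a few typos worth fixing before merge ("need us", "unmaped", "unmaping", "chances to success"). Since the commit message accepts that this can now fail a call that would previously have succeeded after the unmap freed vma's, the -ENOMEM case for MREMAP_FIXED deserves a mention in the mremap(2) documentation.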