Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp410569ybi; Fri, 31 May 2019 03:31:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqwhi7xvLRXe0tWEauJ7Rie0vXBmJglK6IqfWo7niM9MvECGiYOWmJHasH94qaa8I4GB7JaN X-Received: by 2002:a17:90a:9303:: with SMTP id p3mr7913527pjo.23.1559298696755; Fri, 31 May 2019 03:31:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559298696; cv=none; d=google.com; s=arc-20160816; b=gODqF3+J/D7+HEdzm9Q2m0jAyF47sO84kyyyYO8OVinvK1UrBtAfje0uMrTnNO9+fI s6Lj+Wn9IyFWEkNr9A2OP8ZivfwCTZ5HbhbZqeas/dvHffw1GX9GscG6puBniunGQZFk TRWaqWPeQkjpoHLhSiequw/GprJK7cH2iPIdrlPDw6GN33r6RYK5Wv/HxkDABjgfpWvU /5JwLmsHsGGY7GYeQws5p2ItwzL7NneVn1anYVr5fB6gd92Z3EJrPpN8Kdhx7MMMIcXC fDtM/vIwsEJwXdfu1EA4CsrGX0qT8OP8ul2UtYDPb8sZWUs+cHu8MrqtuwwkHZEz9klm +H2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=vWqWKbrAXVr1vv0ljUZ6j7dXVWf1RBTgGsA5MBSNUDk=; b=ig6HxN7OxlJAcVsTbBJKo4s7d/Vg8aYPmmVvhOYOahngV9VbRmxnp/qVBA890wIWzC s2ZtkbkQP52J0/uthHAFUlN8UgHtxS96xz3DGCTxCI7wO9AQNswctQHlYPOIB14ytu1E Dz8hueAeZw2y0cg9M8uuqH162HPb5L4MamQjepL+0MN4e8PseEyNDTftC6umnz3Jgfdm gdvlCKeqDRZ0Xfgzm+aQ+CSw34HXg2aJBzcwOXMaCDeGxS55tYzwGw/yVV/vUTZw6S1z /I1mnhEXYpBj4CLU4ZDP38Wj+5nrr2FRJTGiGOZ6TQi8MYu6Ap/eVW0BHcM0z5hSEksR KYLQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=IArgLlu8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o10si5307325plk.368.2019.05.31.03.31.18; Fri, 31 May 2019 03:31:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=IArgLlu8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727129AbfEaKaE (ORCPT + 99 others); Fri, 31 May 2019 06:30:04 -0400 Received: from mail-it1-f194.google.com ([209.85.166.194]:40155 "EHLO mail-it1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726233AbfEaKaC (ORCPT ); Fri, 31 May 2019 06:30:02 -0400 Received: by mail-it1-f194.google.com with SMTP id h11so14391970itf.5 for ; Fri, 31 May 2019 03:30:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vWqWKbrAXVr1vv0ljUZ6j7dXVWf1RBTgGsA5MBSNUDk=; b=IArgLlu8LmO7rxsbIzDBJH+C6i9e6ya0ROYBmaFB3kCW73c9o7/AAGRhMxxwj5BsQk LT8g8mNOZg3+RkmnjyD1jX2oHO8otMAFNYFmpJRNTieoM7JuWMEdIk/MH/wRlzLkzh3c wxgzLHTd2OMG9kAh3C65YbgKeePH/wCbNmtVgnKF2LvKD7mxHvppTesb2d3vctOKskrP zurQOU+5/Eyjwb5C6VbVvl7G6CF6Z2AOlfsbucyCTiWABaF/hxeIMVWaL/gDVZeLswZA oINW4QjBd65Ls/5rhMQfnSVwxOLVzI770l1bBLs3bBsugkPx7avPsn4xu5SYHrRe5J7W PKZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vWqWKbrAXVr1vv0ljUZ6j7dXVWf1RBTgGsA5MBSNUDk=; b=MJaxkKo16sHbt1YBBXSN9y2r4UmJNIEq7ggs3+6H9JI68kTxCy4idT8HSArCaUA8JF jj/4QPE2uTOsjOtbFNb9sB4ktGogHH4St3Ivp0udjFYdJnM758Qi4cK2TjV1FPPGPcRz B7LZcmxA3x7LC1JghfXuPa6+eqBqJsaG0ZiwJ5krd1zPU7nAhmb2fXMCr08ClT1vjld6 giQfGryfvGH9TCpzxPfbmxDNajxDl3WRwWcc/cUSjBcy//rD43OvhOA/CnbjkpYw0j0Q yXyUF3EAxcEULQ/vYRWes3+8t1ZNfw7TD1LNInzDXy2VRuGTp+3KZhJrcjSPSLJRn2Sd ZpKg== X-Gm-Message-State: APjAAAVh7JRc5S1db+eKgZEtHJvn9ypbdURX7tySndCg9PkQkqt5Kv7c Ykv+9UIG2khc/HKcc/rxcDrixpfLmy5+tdbQrw== X-Received: by 2002:a24:5095:: with SMTP id m143mr6363629itb.68.1559298601767; Fri, 31 May 2019 03:30:01 -0700 (PDT) MIME-Version: 1.0 References: <1559170444-3304-1-git-send-email-kernelfans@gmail.com> <20190530214726.GA14000@iweiny-DESK2.sc.intel.com> In-Reply-To: <20190530214726.GA14000@iweiny-DESK2.sc.intel.com> From: Pingfan Liu Date: Fri, 31 May 2019 18:29:50 +0800 Message-ID: Subject: Re: [PATCH] mm/gup: fix omission of check on FOLL_LONGTERM in get_user_pages_fast() To: Ira Weiny Cc: linux-mm@kvack.org, Andrew Morton , Mike Rapoport , Dan Williams , Matthew Wilcox , John Hubbard , "Aneesh Kumar K.V" , Keith Busch , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 31, 2019 at 5:46 AM Ira Weiny wrote: > > On Thu, May 30, 2019 at 06:54:04AM +0800, Pingfan Liu wrote: > > As for FOLL_LONGTERM, it is checked in the slow path > > __gup_longterm_unlocked(). But it is not checked in the fast path, which > > means a possible leak of CMA page to longterm pinned requirement through > > this crack. > > > > Place a check in the fast path. > > > > Signed-off-by: Pingfan Liu > > Cc: Ira Weiny > > Cc: Andrew Morton > > Cc: Mike Rapoport > > Cc: Dan Williams > > Cc: Matthew Wilcox > > Cc: John Hubbard > > Cc: "Aneesh Kumar K.V" > > Cc: Keith Busch > > Cc: linux-kernel@vger.kernel.org > > --- > > mm/gup.c | 12 ++++++++++++ > > 1 file changed, 12 insertions(+) > > > > diff --git a/mm/gup.c b/mm/gup.c > > index f173fcb..00feab3 100644 > > --- a/mm/gup.c > > +++ b/mm/gup.c > > @@ -2235,6 +2235,18 @@ int get_user_pages_fast(unsigned long start, int nr_pages, > > local_irq_enable(); > > ret = nr; > > } > > +#if defined(CONFIG_CMA) > > + if (unlikely(gup_flags & FOLL_LONGTERM)) { > > + int i, j; > > + > > + for (i = 0; i < nr; i++) > > + if (is_migrate_cma_page(pages[i])) { > > + for (j = i; j < nr; j++) > > + put_page(pages[j]); > > Should be put_user_page() now. For now that just calls put_page() but it is > slated to change soon. > Not aware of these changes. And get your point now. > I also wonder if this would be more efficient as a check as we are walking the > page tables and bail early. > > Perhaps the code complexity is not worth it? > Yes. That will spread such logic in huge page and normal page. > > + nr = i; > > Why not just break from the loop here? > A mistake. Thanks, Pingfan > Or better yet just use 'i' in the inner loop... > > Ira > > > + } > > + } > > +#endif > > > > if (nr < nr_pages) { > > /* Try to get the remaining pages with get_user_pages */ > > -- > > 2.7.5 > >