Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3912084pxf;
        Mon, 29 Mar 2021 15:20:36 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyxXebMtvk8q0ltaSixK7lPW+PDa7tATxErSAdb0XBBKSF1gPPaDMzy5nEynSKIbquBaAe4
X-Received: by 2002:a17:907:778d:: with SMTP id ky13mr30634462ejc.291.1617056436201;
        Mon, 29 Mar 2021 15:20:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1617056436; cv=none;
        d=google.com; s=arc-20160816;
        b=LyUiycABbJSvI5NWKGG+aqPcDU124kYw6cU80i+4VoSb1f/Jd2/Jodl14tcYVcAkOX
         6TtxgV2/c38ybg7TIK5Xb6mi9RA594vwDMdw8TdXeEoD8c3D9ZJFAJyB599y7/aiYMbI
         9obe0tDNVXH2MrhPl+tW2IB4sD4turpAYBCD0WYXRizgndMqZH4R0658Orj8OO/nyL35
         6Qm9tJENEww8+Xk/m3IIcFfBpK1ooL2w3Maawtz64fg9yj0rhwkzhc8toOzGOLwxWwm8
         ZfYBFruN+yVWEDhU5Qhn3Du70LO9UVrH3eaVa7gLPydFAElg0EOUVQobYEy58eRez5H3
         6B+g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=J8n2ApTDe4gB8TGr/cPQrTmoB7FExgwYwSEYb/uNSiE=;
        b=H1zcVcv0bxsg4hap4aj780QAC7B1UDuuNGoaRfDNShsFnYXIcuXSBfka4xLqPVlNLk
         OxAzy+LMo9hc5uEDflkAWPUIkPosA/8uvHg/TOIZHgYUDn1w3GgVh/aoY9OrZIOUBdop
         9Z7BBsLyfvtq1vdcZIYxRw2Tds23fk7YNAsmrTTDzrJzss6sqMyLX6qC2NVwQoLF/NDN
         lkwMa+8cDedTj5LVPBCpTqDYMRssEt33sxKalx56nhaQoXpLTK+mrdkHQTyMFHTJXoch
         HPhPDrR9yCXVaQAoQ16irCYyztzzHRn9e9YpIHVS/U/Y/dsLh7Mu97joNgpvlfeYrfbb
         78Gw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Yx7BdnrC;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id m5si14002043ejn.599.2021.03.29.15.20.13;
        Mon, 29 Mar 2021 15:20:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Yx7BdnrC;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231737AbhC2WTH (ORCPT <rfc822;mahathug.lkml@gmail.com>
        + 99 others); Mon, 29 Mar 2021 18:19:07 -0400
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:42435 "EHLO
        us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S231543AbhC2WSn (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 29 Mar 2021 18:18:43 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1617056322;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=J8n2ApTDe4gB8TGr/cPQrTmoB7FExgwYwSEYb/uNSiE=;
        b=Yx7BdnrC7RKYv2ZCNSCFge8wEKO+a11AkUvGvdJU74eSsfmKs1r6HctRqXaDLOgqbFN62T
        5mkhurApsTicIsfdolVWMe0a78Y9SmFu04kuoa2y9IiXxwla9u270grDEsV8U7o+nFxiEo
        u8cbDcptnymmJ2qSrBByHJQ3vOfoFlk=
Received: from mail-qk1-f197.google.com (mail-qk1-f197.google.com
 [209.85.222.197]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-288-iEeIHj6UNAWIMjwPROjGLw-1; Mon, 29 Mar 2021 18:18:40 -0400
X-MC-Unique: iEeIHj6UNAWIMjwPROjGLw-1
Received: by mail-qk1-f197.google.com with SMTP id k68so13220788qke.2
        for <linux-kernel@vger.kernel.org>; Mon, 29 Mar 2021 15:18:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=J8n2ApTDe4gB8TGr/cPQrTmoB7FExgwYwSEYb/uNSiE=;
        b=Hny4Jb9EAU7usKOubSifTozjHwhfRTHHJeijA9KWy85mQk73AdMf9HcxSyJZay4b9q
         imqwHY1SfqAJQsu6Uj2jkim7pRZTNDoe852jSjwd3Lulg/OfoppsQG54Jr24CbO4S61P
         gsUrPZxM77UIWJYhMeu3YamL1Z2GPLYryQToD776GU9hVIEOsMPB1hzhCZotGrxEkXe0
         teF9M9OoLtovMJf4pKHqtKPOskY7QSmHTPIYCaFI2t3NC+pCRjZhePbEbGrrYaIiC9iI
         bMTt+Zz53iXCADClZXjyGDPBkK5lNXMvmi8zRteZS+hnZIXH70qfUtlvKFXcQH82tZGd
         IWgA==
X-Gm-Message-State: AOAM533wBNRIywrInb0TRSBC8XaJWJLoDIkCeMGMn3k6yFoSrPgx3wvb
        hN7KsnGuE1YlVoDHyH0RN6K2SVub5QBkZTemh2SM1mi2aM1lulYEOCEUO8RY4yPZXO32l8putKp
        Vd+Xmplqx0lJ0fOw2VPMRbPs4
X-Received: by 2002:ac8:4799:: with SMTP id k25mr5954520qtq.319.1617056320252;
        Mon, 29 Mar 2021 15:18:40 -0700 (PDT)
X-Received: by 2002:ac8:4799:: with SMTP id k25mr5954493qtq.319.1617056319943;
        Mon, 29 Mar 2021 15:18:39 -0700 (PDT)
Received: from xz-x1.redhat.com (bras-base-toroon474qw-grc-82-174-91-135-175.dsl.bell.ca. [174.91.135.175])
        by smtp.gmail.com with ESMTPSA id i17sm12255215qtr.33.2021.03.29.15.18.37
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 29 Mar 2021 15:18:39 -0700 (PDT)
From:   Peter Xu <peterx@redhat.com>
To:     linux-mm@kvack.org, linux-kernel@vger.kernel.org,
        linux-man@vger.kernel.org
Cc:     Axel Rasmussen <axelrasmussen@google.com>, peterx@redhat.com,
        Nadav Amit <nadav.amit@gmail.com>,
        Mike Rapoport <rppt@linux.vnet.ibm.com>,
        Alejandro Colomar <alx.manpages@gmail.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Michael Kerrisk <mtk.manpages@gmail.com>,
        Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCH v5 2/4] userfaultfd.2: Add write-protect mode
Date:   Mon, 29 Mar 2021 18:18:31 -0400
Message-Id: <20210329221833.517923-3-peterx@redhat.com>
X-Mailer: git-send-email 2.26.2
In-Reply-To: <20210329221833.517923-1-peterx@redhat.com>
References: <20210329221833.517923-1-peterx@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Write-protect mode is supported starting from Linux 5.7.

Acked-by: Mike Rapoport <rppt@linux.vnet.ibm.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
---
 man2/userfaultfd.2 | 108 +++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 104 insertions(+), 4 deletions(-)

diff --git a/man2/userfaultfd.2 b/man2/userfaultfd.2
index 5c41e4816..474294c3d 100644
--- a/man2/userfaultfd.2
+++ b/man2/userfaultfd.2
@@ -78,6 +78,32 @@ all memory ranges that were registered with the object are unregistered
 and unread events are flushed.
 .\"
 .PP
+Userfaultfd supports two modes of registration:
+.TP
+.BR UFFDIO_REGISTER_MODE_MISSING " (since 4.10)"
+When registered with
+.B UFFDIO_REGISTER_MODE_MISSING
+mode, the userspace will receive a page fault message
+when a missing page is accessed.
+The faulted thread will be stopped from execution until the page fault is
+resolved from the userspace by either an
+.B UFFDIO_COPY
+or an
+.B UFFDIO_ZEROPAGE
+ioctl.
+.TP
+.BR UFFDIO_REGISTER_MODE_WP " (since 5.7)"
+When registered with
+.B UFFDIO_REGISTER_MODE_WP
+mode, the userspace will receive a page fault message
+when a write-protected page is written.
+The faulted thread will be stopped from execution
+until the userspace write-unprotect the page using an
+.B UFFDIO_WRITEPROTECT
+ioctl.
+.PP
+Multiple modes can be enabled at the same time for the same memory range.
+.PP
 Since Linux 4.14, userfaultfd page fault message can selectively embed faulting
 thread ID information into the fault message.
 One needs to enable this feature explicitly using the
@@ -107,7 +133,7 @@ the process that monitors userfaultfd and handles page faults
 needs to be aware of the changes in the virtual memory layout
 of the faulting process to avoid memory corruption.
 .PP
-Starting from Linux 4.11,
+Since Linux 4.11,
 userfaultfd can also notify the fault-handling threads about changes
 in the virtual memory layout of the faulting process.
 In addition, if the faulting process invokes
@@ -144,6 +170,17 @@ single threaded non-cooperative userfaultfd manager implementations.
 .\" and limitations remaining in 4.11
 .\" Maybe it's worth adding a dedicated sub-section...
 .\"
+.PP
+Since Linux 5.7, userfaultfd is able to do
+synchronous page dirty tracking using the new write-protect register mode.
+One should check against the feature bit
+.B UFFD_FEATURE_PAGEFAULT_FLAG_WP
+before using this feature.
+Similar to the original userfaultfd missing mode, the write-protect mode will
+generate an userfaultfd message when the protected page is written.
+The user needs to resolve the page fault by unprotecting the faulted page and
+kick the faulted thread to continue.
+For more information, please refer to "Userfaultfd write-protect mode" section.
 .SS Userfaultfd operation
 After the userfaultfd object is created with
 .BR userfaultfd (),
@@ -179,7 +216,7 @@ or
 .BR ioctl (2)
 operations to resolve the page fault.
 .PP
-Starting from Linux 4.14, if the application sets the
+Since Linux 4.14, if the application sets the
 .B UFFD_FEATURE_SIGBUS
 feature bit using the
 .B UFFDIO_API
@@ -219,6 +256,65 @@ userfaultfd can be used only with anonymous private memory mappings.
 Since Linux 4.11,
 userfaultfd can be also used with hugetlbfs and shared memory mappings.
 .\"
+.SS Userfaultfd write-protect mode (since 5.7)
+Since Linux 5.7, userfaultfd supports write-protect mode.
+The user needs to first check availability of this feature using
+.B UFFDIO_API
+ioctl against the feature bit
+.B UFFD_FEATURE_PAGEFAULT_FLAG_WP
+before using this feature.
+.PP
+To register with userfaultfd write-protect mode, the user needs to initiate the
+.B UFFDIO_REGISTER
+ioctl with mode
+.B UFFDIO_REGISTER_MODE_WP
+set.
+Note that it's legal to monitor the same memory range with multiple modes.
+For example, the user can do
+.B UFFDIO_REGISTER
+with the mode set to
+.BR "UFFDIO_REGISTER_MODE_MISSING | UFFDIO_REGISTER_MODE_WP" .
+When there is only
+.B UFFDIO_REGISTER_MODE_WP
+registered, the userspace will
+.I not
+receive any message when a missing page is written.
+Instead, the userspace will only receive a write-protect page fault message
+when an existing but write-protected page got written.
+.PP
+After the
+.B UFFDIO_REGISTER
+ioctl completed with
+.B UFFDIO_REGISTER_MODE_WP
+mode set,
+the user can write-protect any existing memory within the range using the ioctl
+.B UFFDIO_WRITEPROTECT
+where
+.I uffdio_writeprotect.mode
+should be set to
+.BR UFFDIO_WRITEPROTECT_MODE_WP .
+.PP
+When a write-protect event happens,
+the userspace will receive a page fault message whose
+.I uffd_msg.pagefault.flags
+will be with
+.B UFFD_PAGEFAULT_FLAG_WP
+flag set.
+Note: since only writes can trigger such kind of fault,
+write-protect messages will always be with
+.B UFFD_PAGEFAULT_FLAG_WRITE
+bit set too along with bit
+.BR UFFD_PAGEFAULT_FLAG_WP .
+.PP
+To resolve a write-protection page fault, the user should initiate another
+.B UFFDIO_WRITEPROTECT
+ioctl, whose
+.I uffd_msg.pagefault.flags
+should have the flag
+.B UFFDIO_WRITEPROTECT_MODE_WP
+cleared upon the faulted page or range.
+.PP
+Write-protect mode only supports private anonymous memory.
 .SS Reading from the userfaultfd structure
 Each
 .BR read (2)
@@ -364,8 +460,12 @@ flag (see
 .BR ioctl_userfaultfd (2))
 and this flag is set, this a write fault;
 otherwise it is a read fault.
-.\"
-.\" UFFD_PAGEFAULT_FLAG_WP is not yet supported.
+.TP
+.B UFFD_PAGEFAULT_FLAG_WP
+If the address is in a range that was registered with the
+.B UFFDIO_REGISTER_MODE_WP
+flag, when this bit is set it means it's a write-protect fault.
+Otherwise it's a page missing fault.
 .RE
 .TP
 .I pagefault.feat.pid
-- 
2.26.2