From: Jakub Matěna
Date: Fri, 20 May 2022 16:48:08 +0200
Subject: Re: [RFC PATCH v3 2/6] [PATCH 2/6] mm: add merging after mremap resize
To: "Kirill A. Shutemov"
Cc: linux-mm@kvack.org, patches@lists.linux.dev, linux-kernel@vger.kernel.org, Vlastimil Babka, mhocko@kernel.org, mgorman@techsingularity.net, willy@infradead.org, Liam Howlett, Hugh Dickins, riel@surriel.com, rostedt@goodmis.org, peterz@infradead.org, david@redhat.com

On Fri, May 20, 2022 at 3:39 PM Kirill A. Shutemov wrote:
>
> On Mon, May 16, 2022 at 02:54:01PM +0200, Jakub Matěna wrote:
> > When mremap call results in expansion, it might be possible to merge the
> > VMA with the next VMA which might become adjacent. This patch adds
> > vma_merge call after the expansion is done to try and merge.
> >
> > Signed-off-by: Jakub Matěna
> > ---
> > mm/mremap.c | 7 +++++--
> > 1 file changed, 5 insertions(+), 2 deletions(-)
> >
> > diff --git a/mm/mremap.c b/mm/mremap.c > > index 303d3290b938..75cda854ec58 100644 > > --- a/mm/mremap.c > > +++ b/mm/mremap.c > > @@ -9,6 +9,7 @@ > > */ > > > > #include > > +#include > > #include > > #include > > #include
> > @@ -1022,8 +1023,10 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, uns= igned long, old_len, > > } > > } > > > > - if (vma_adjust(vma, vma->vm_start, addr + new_len= , > > - vma->vm_pgoff, NULL)) { > > + if (!vma_merge(mm, vma, addr + old_len, addr + ne= w_len, > > + vma->vm_flags, vma->anon_vma, vma= ->vm_file, > > + vma->vm_pgoff + (old_len >> PAGE_= SHIFT), vma_policy(vma), > > + vma->vm_userfaultfd_ctx, anon_vma= _name(vma))) {
>
> Hm. Don't you need to update 'vma' with result of vma_merge()?
>
> 'vma' is used below the point and IIUC it can be use-after-free.
>

Actually, this merge call is always either case 1 or 2 as they are defined in the vma_merge(). So, either way the 'vma' can absorb its neighbors but never gets absorbed itself. But you are right and I will add the update, because otherwise it would depend on the vma_merge() implementation, which could possibly change in the future and cause a bug.

> --
> Kirill A. Shutemov
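
Review bot: in the second hunk, the pgoff argument `vma->vm_pgoff + (old_len >> PAGE_SHIFT)` is the right offset for `addr + old_len` only when `addr` equals `vma->vm_start`; the removed vma_adjust() call passed `vma->vm_start` and `addr + new_len` as separate values, which suggests the two can differ. Computing the offset from the VMA start, for example `vma->vm_pgoff + ((addr + old_len - vma->vm_start) >> PAGE_SHIFT)`, holds in both situations. Separately, the return value of vma_merge() is only tested with `!` and then discarded, so the code after this point keeps using the old 'vma' pointer; assigning it back (`vma = vma_merge(...)`, then checking for NULL) removes the reliance on which merge case is taken, and a one-line comment above the call naming the expected cases would record that assumption.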