Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp6504313rwr; Tue, 2 May 2023 01:06:12 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6zMgYk0SfhaK9468EpxkdzToVG8nZpgfSHisWHf0tul0/XzqSgxtdKAOZbB1Q35+ipZbaK X-Received: by 2002:a05:6a00:1ac9:b0:641:558:8e2e with SMTP id f9-20020a056a001ac900b0064105588e2emr22382019pfv.15.1683014771723; Tue, 02 May 2023 01:06:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683014771; cv=none; d=google.com; s=arc-20160816; b=vS7D5Thb8KRR5evDDRK7oaWJOBXXsjkSHlakFZO/wHU9Wp/e+04JoxealibdjckA3i eiT2SOBgzyWD4BqHuWbbB4C7O6wxqKfSedcYT9v+A+RvfVL1avyM70r08F/QSk8hA5qI 15Ff4uTEd9jj+MgE7cp9uoX6LiCZJ0Dbm5usADrL9kJN5k6NETOxBFaY5/VR19h5GL4/ uiKuGUJEX0ZBrMUNBUXRqaOAfMZ+SoB2r7O2U6vXHIOwm+GtkM/n9Hc9TM7sWiHLZAko 7ox2ztNJJbeOG7ck04NTdHhXU9o9TTunXVvtuA+KPvhfhNAtvb3JUqdgwFKMKOZkw3X4 px4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :dkim-signature; bh=NP9x04IpamZ+4J4+YQ6L241Lqle1HdNEDLK94FhKL1s=; b=tECzmHDFoGjaNpFuX9DZPyPTmCulkREqA9M0QKf5Jx6U7z35Kmv7nNOpFlA/JaWoFn zvl4p90VvTIB+vTjoarbuLcRsd504VLW5wbz1rs5ZJOFA8jzf5oGySuHTeTY7eJloU9d sNLfllqEce983M8By4mV2SAkLk0ju0nHnTgDDxOXEe0wuTLZXryaFNrmsxQXv+7vh+xk ZZsws8xeaCFUWo/DhAPsGnHNq8/UhgWfrnrKGtLwvO0wPz8gs2j2uEqexeHHPfumGSTf 1FMlSqclqe8GAOLE872VXBTmsxK6TEg55Rzh/aVAYID89tgwtd63W1gPVKz9856SE+kb 6VIQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=i0Ht6owz; dkim=neutral (no key) header.i=@suse.cz header.s=susede2_ed25519 header.b=F85KhN7n; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u62-20020a638541000000b00525048cb4dasi24136781pgd.555.2023.05.02.01.05.58; Tue, 02 May 2023 01:06:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=i0Ht6owz; dkim=neutral (no key) header.i=@suse.cz header.s=susede2_ed25519 header.b=F85KhN7n; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233721AbjEBIAW (ORCPT + 99 others); Tue, 2 May 2023 04:00:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52284 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229722AbjEBIAU (ORCPT ); Tue, 2 May 2023 04:00:20 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 05E5AE5D; Tue, 2 May 2023 01:00:19 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 9E54422316; Tue, 2 May 2023 08:00:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1683014417; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=NP9x04IpamZ+4J4+YQ6L241Lqle1HdNEDLK94FhKL1s=; b=i0Ht6owzagxVsusrh+k5TXS/6F2cGI8FuxyGJtxaFJRM4m4Tbvw8zxYpoPAbak19HBxF5W cxJXamUCHUZLnK6iJcMa2ugn7dBT0o4+Usv0KcVpqAJ9chkraDeslIW2T4hEJ5YlEX4YME 8K8Dtc7Sx2s/ac0VicMWDMCjyyb5saQ= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1683014417; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=NP9x04IpamZ+4J4+YQ6L241Lqle1HdNEDLK94FhKL1s=; b=F85KhN7n9ZQMG5OTs4r7YsDZdS0LgI/nHqlYSWjEfVtH7P6F5XG6gXBa2RHb8jxNFawQrD W5FFX4gWEOqqNXDg== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 6DE96134FB; Tue, 2 May 2023 08:00:17 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id HTxOGxHDUGTwIwAAMHmgww (envelope-from ); Tue, 02 May 2023 08:00:17 +0000 Received: by quack3.suse.cz (Postfix, from userid 1000) id A2D8AA0735; Tue, 2 May 2023 10:00:16 +0200 (CEST) Date: Tue, 2 May 2023 10:00:16 +0200 From: Jan Kara To: "Kirill A . Shutemov" Cc: David Hildenbrand , Peter Xu , Lorenzo Stoakes , Jason Gunthorpe , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrew Morton , Jens Axboe , Matthew Wilcox , Dennis Dalessandro , Leon Romanovsky , Christian Benvenuti , Nelson Escobar , Bernard Metzler , Peter Zijlstra , Ingo Molnar , Arnaldo Carvalho de Melo , Mark Rutland , Alexander Shishkin , Jiri Olsa , Namhyung Kim , Ian Rogers , Adrian Hunter , Bjorn Topel , Magnus Karlsson , Maciej Fijalkowski , Jonathan Lemon , "David S . Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Christian Brauner , Richard Cochran , Alexei Starovoitov , Daniel Borkmann , Jesper Dangaard Brouer , John Fastabend , linux-fsdevel@vger.kernel.org, linux-perf-users@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, Oleg Nesterov , John Hubbard , Jan Kara , Pavel Begunkov , Mika Penttila , David Howells , Christoph Hellwig Subject: Re: [PATCH v5] mm/gup: disallow GUP writing to file-backed mappings by default Message-ID: <20230502080016.4tgmqb4sy2ztfgrd@quack3> References: <62ec50da-5f73-559c-c4b3-bde4eb215e08@redhat.com> <6ddc7ac4-4091-632a-7b2c-df2005438ec4@redhat.com> <20230428160925.5medjfxkyvmzfyhq@box.shutemov.name> <39cc0f26-8fc2-79dd-2e84-62238d27fd98@redhat.com> <20230428162207.o3ejmcz7rzezpt6n@box.shutemov.name> <173337c0-14f4-3246-15ff-7fbf03861c94@redhat.com> <20230428165623.pqchgi5gtfhxd5b5@box.shutemov.name> <1039c830-acec-d99b-b315-c2a6e26c34ca@redhat.com> <20230428234332.2vhprztuotlqir4x@box.shutemov.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230428234332.2vhprztuotlqir4x@box.shutemov.name> X-Spam-Status: No, score=-3.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat 29-04-23 02:43:32, Kirill A . Shutemov wrote: > I think I found relevant snippet of code that solves similar issue. > get_futex_key() uses RCU to stabilize page->mapping after GUP_fast: > > > /* > * The associated futex object in this case is the inode and > * the page->mapping must be traversed. Ordinarily this should > * be stabilised under page lock but it's not strictly > * necessary in this case as we just want to pin the inode, not > * update the radix tree or anything like that. > * > * The RCU read lock is taken as the inode is finally freed > * under RCU. If the mapping still matches expectations then the > * mapping->host can be safely accessed as being a valid inode. > */ > rcu_read_lock(); > > if (READ_ONCE(page->mapping) != mapping) { > rcu_read_unlock(); > put_page(page); > > goto again; > } > > inode = READ_ONCE(mapping->host); > if (!inode) { > rcu_read_unlock(); > put_page(page); > > goto again; > } > > I think something similar can be used inside GUP_fast too. Yeah, inodes (and thus struct address_space) is RCU protected these days so grabbing RCU lock in gup_fast() will get you enough protection for checking aops if you are careful (like the futex code is). Honza -- Jan Kara SUSE Labs, CR