Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp3372375lqp; Tue, 26 Mar 2024 07:32:56 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXs6g6k6y4yl/ctQonI95t0RiXRV45AqBIfuoaiUXzg1pp6oUGYqgEvt+addioRlWS1gwNco+vRICJGW1Cka9LVIAOYt2Q98P3AOLXazQ== X-Google-Smtp-Source: AGHT+IF32WcpY2+U7gITN0tLTNMpKy4ZWnahaDjr46Mow2pUSLXS4/GMtN7Shb6KD/OFKT52vNV0 X-Received: by 2002:a50:bae2:0:b0:568:b702:e0d3 with SMTP id x89-20020a50bae2000000b00568b702e0d3mr1964349ede.21.1711463576169; Tue, 26 Mar 2024 07:32:56 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711463576; cv=pass; d=google.com; s=arc-20160816; b=QO3FI0zw45K0gdXslIU6dtzFeeg5APVhYE6O3PuSgrJ1wZ3k3pv1Iyl0rwymI8ilpv t75Ctm1Q7cc3S5T966wNDg3ktjUfqB96gntxH5haIPJWgkLuoiPX0SI0/MFeDor3R7t8 fZytEam4sxBTEViETn+5AsFZTWRS5dgYfKSLknULoBWQtQMs3ZLq/9pvggWoWUZGqwKX FuRo4m1iy139zJx/L7fgG35V0MuSGAozOtC8yaTRlecGAjmF0d8sberH6Z4PhlweS2nY h9/246d3LL6a7dUzZfWVknLSlxYg5iou9zDAhPsVij9vfBi7I8/lx4tcANDc192wPZkx Ix/w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=jCQ18XUYGXxAblag6bvSJIJrwTPD6Hhm3KxukBaiG2A=; fh=qbRXjho4lPIXs5B9PfbtWxXH3ivnywFdr2Py1Rq4+Cw=; b=NtzDHVFzNyBA29u9/9T1PinjkYg10Md7k7QSAu0LdwuBdmX6Xofo6F3ueiH5FXSL+q ZMbtTkVTB2uHTuxMBU41q0RrFle0+LzVtxlVypnsXRV/TKt9wben/bzsYo6wuZLVjp13 YjIbmglOHLY1023nRoxTJlzr5Wwi4gQ6NruxvBxhlCVyrqGZhawht1BuY8lK19nN/Ze0 zrFfuUQDCHc+X3Xw7a0vpL23iG/Oo4INHjADpOKsraA2TO814SlFSaqmLMHUDIz5IKMc svC9oFk7rtnWJvVWnuaDnKIKxdOrA4icBe72paGD4R/6jsQFDAQVhZy1UdRjxcPYxYio cw8A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=W+PsGvPt; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-119182-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-119182-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id q17-20020a056402249100b005689f90706esi3805170eda.79.2024.03.26.07.32.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 26 Mar 2024 07:32:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-119182-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=W+PsGvPt; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-119182-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-119182-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id E097B1F35F50 for ; Tue, 26 Mar 2024 14:32:55 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 47B7813C3E7; Tue, 26 Mar 2024 14:32:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="W+PsGvPt" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C3B8D13C3C0 for ; Tue, 26 Mar 2024 14:32:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711463564; cv=none; b=P8gLgobohkW4rRGI7Qm4PvFnRddUeppDa8S5Hoo4tx5XeQltzpTB5zWBaJIf3FSZ44s2ByOKP7NDH4fNSPSfFd4Iq8J0sPN5Tqs/abUnT9QZ6SY666XJlKb3Ngr/NZZIq/TgAPD6mjn0VdmZg8t1dOuroEt6KUhSLisFYZzN/6g= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711463564; c=relaxed/simple; bh=3BfObOBItLmXWASUgTdfkgiwVlyf/Sm1OH87Hu2jEv4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=u/Dn4rGQdLUc9NwUaHf1YrVu5GopapS8rcUZX/0XX7aWQglDVVR3Wotf6xxpq2U6nlGxOxa1aqhwpPXavZYkZxEvqZcYb4PiGXzvlQNQMpH0NKXTBD/iLCaMsr+OSEO68Xi2CctE2HLZoXbczcrXaufDe+H6aeJvD+T6gipjUI0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=W+PsGvPt; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1711463561; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jCQ18XUYGXxAblag6bvSJIJrwTPD6Hhm3KxukBaiG2A=; b=W+PsGvPto/7dV1XNioWFiWvQemJgIGerwYHPPYBPk0Nlukjx7FW34eU5wclCSi7KLJWmP7 yaEhusXhG0Jy5kB1URnwyPGQDbUOwm+8kBGcT6iZRPYw6Bx81T9ds3qAH27PSkWRjWiBZt xbYlTDSkmSygB1prZ7YGKRg/O20g1as= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-130-SUIk7uSiPqOSHPDYataC4g-1; Tue, 26 Mar 2024 10:32:38 -0400 X-MC-Unique: SUIk7uSiPqOSHPDYataC4g-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 95BD23C0C889; Tue, 26 Mar 2024 14:32:37 +0000 (UTC) Received: from t14s.fritz.box (unknown [10.39.192.164]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6784340C6CBE; Tue, 26 Mar 2024 14:32:34 +0000 (UTC) From: David Hildenbrand To: linux-kernel@vger.kernel.org Cc: linux-mm@kvack.org, David Hildenbrand , Andrew Morton , Mike Rapoport , Miklos Szeredi , Lorenzo Stoakes , xingwei lee , yue sun , Miklos Szeredi , stable@vger.kernel.org Subject: [PATCH v2 1/3] mm/secretmem: fix GUP-fast succeeding on secretmem folios Date: Tue, 26 Mar 2024 15:32:08 +0100 Message-ID: <20240326143210.291116-2-david@redhat.com> In-Reply-To: <20240326143210.291116-1-david@redhat.com> References: <20240326143210.291116-1-david@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.2 folio_is_secretmem() currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or temporarily have their LRU flag cleared. Consequently, the LRU flag is unreliable for this purpose. In particular, this is the case when secretmem_fault() allocates a fresh page and calls filemap_add_folio()->folio_add_lru(). The folio might be added to the per-cpu folio batch and won't get the LRU flag set until the batch was drained using e.g., lru_add_drain(). Consequently, folio_is_secretmem() might not detect secretmem folios and GUP-fast can succeed in grabbing a secretmem folio, crashing the kernel when we would later try reading/writing to the folio, because the folio has been unmapped from the directmap. Fix it by removing that unreliable check. Reported-by: xingwei lee Reported-by: yue sun Closes: https://lore.kernel.org/lkml/CABOYnLyevJeravW=QrH0JUPYEcDN160aZFb7kwndm-J2rmz0HQ@mail.gmail.com/ Debugged-by: Miklos Szeredi Tested-by: Miklos Szeredi Fixes: 1507f51255c9 ("mm: introduce memfd_secret system call to create "secret" memory areas") Cc: Signed-off-by: David Hildenbrand --- include/linux/secretmem.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/secretmem.h b/include/linux/secretmem.h index 35f3a4a8ceb1..acf7e1a3f3de 100644 --- a/include/linux/secretmem.h +++ b/include/linux/secretmem.h @@ -13,10 +13,10 @@ static inline bool folio_is_secretmem(struct folio *folio) /* * Using folio_mapping() is quite slow because of the actual call * instruction. - * We know that secretmem pages are not compound and LRU so we can + * We know that secretmem pages are not compound, so we can * save a couple of cycles here. */ - if (folio_test_large(folio) || !folio_test_lru(folio)) + if (folio_test_large(folio)) return false; mapping = (struct address_space *) -- 2.43.2