Received: by 2002:ab2:69cc:0:b0:1f4:be93:e15a with SMTP id n12csp1528957lqp; Mon, 15 Apr 2024 08:59:35 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWKVD+HHAAQ3yM65L9xVU54Wdh2UBGIGhU2domHYKGYxFk5hl4agxSN21mniTZOhkRfPfOHFB8jivMMq4LhYCUS+Oa8MRtYPYzvX1fBvA== X-Google-Smtp-Source: AGHT+IF2wk8VQH1wDmTFFEMcX/UIKuodH1GD3X/9UouleXxNC5W/oMtHTjspmtAnkB6BlCD+OKT+ X-Received: by 2002:a05:6a00:1915:b0:6e8:f708:4b09 with SMTP id y21-20020a056a00191500b006e8f7084b09mr10686711pfi.15.1713196774869; Mon, 15 Apr 2024 08:59:34 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713196774; cv=pass; d=google.com; s=arc-20160816; b=jedagCXiw0HrID4yUkPXQGj9uCvUMgNlX7ZLBjZ+TuP9Hdn1GDncTy80n7FM7HPMqR 3VHXF2b8YvIBn8yHHjJ8iMBr5h/iOUGEq5FlClL4Rz8s9Kil3mktb5kLWy9id0J4GjKh 4/xgJolHKGk4TD0YRUIWcZwOR2pEhtCdEm6YVEoxXEGCsSkaSVaweygZAq9bm5obqg7k luubQKRDcn9PjkJ8xXFqfM9ZWzwuenyHIADaKy0hXCVI1ZgVuMox8Xnfe3j6JFIXj1Yn hetvkAEfRubRAV06cGCEaBRBWSYrAX4nq4X9Sr+dGHJ5o+CjIJsVrAMayX3UwQxETDpv iV9g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=vQs4ugT2y6J/4IutYdKUBVbhJN3bb9YCkttNLEXXcuk=; fh=IJPRS1OXzWE43mp9u2nLaaERMPH7FcBsd5EGnzscpvM=; b=GFY2Pt+ZjuB5ZCtzN9HsKct5Cw/R6WI2xpMkCL6amvvs7Vacoe6BJ60O1IWl+qmFYv EGn4YWR4fMQo1Dr2mSmILea8KqyNsBw/e4sOfoOJOdmXXvqG+PVEsBAjzTdgSYl3StAj 8IR3drsXrwcqOn1+AaHYo+B6GrjTxTwJPcPXvhOTCNRFY5O5eoVbDEu2RQWsMjHKpioa R+RwBtEYzA/U7364+7wrevTMCraRk9+jy5JPhEANc0UnVX44TFA3HApPlc3ahQJdbkZv Vwe7e0BI/luj16eKOs5PkW83EGmpKiA0cHSJeH0RZtafNF4GxhJ6HQ+6AGAzq/iNM9jm KAlA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=StCRRAdM; arc=pass (i=1 spf=pass spfdomain=google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-145492-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-145492-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id dq2-20020a056a020f8200b005e842927967si8019357pgb.672.2024.04.15.08.59.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Apr 2024 08:59:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-145492-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=StCRRAdM; arc=pass (i=1 spf=pass spfdomain=google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-145492-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-145492-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 78A04B2249E for ; Mon, 15 Apr 2024 15:58:51 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id EDFF47F46B; Mon, 15 Apr 2024 15:58:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="StCRRAdM" Received: from mail-yb1-f176.google.com (mail-yb1-f176.google.com [209.85.219.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7D51F2837D for ; Mon, 15 Apr 2024 15:58:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.176 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713196724; cv=none; b=nKuRpQAQpbKojjIft399lTNfhVE4NhlY4Anas3AwjZ1Fm6/GiNECvABKfFlQWW+5/ygyFooMv8H4PAyOIJlUtBeKwS196aCOrkmqAaAfJfhEjRV42lO1qFXkDDMOiLyf5245V1rBdP3eM4iU5XM9IfY5l88sGu+xlfKU46cIsUA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713196724; c=relaxed/simple; bh=f8hTPpbMuE/W1bIMmiDJLYhkAj9bpOkgXFYOfTRZHjM=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=Q92slyMXQvWFHLpYIBuIeCROTXENiMrLI5J6CxelRPRtNd7xGb85XRpjnWedusKfOWKKkAuN3zov+19JCjzJcDUOs2bcnA5ixgTNlTDpkv+mngTqu3+zDTZKnpV6QxiHTWP3y6bqmYb/8qulwrX4Yz4/NL/EeGuvbF3Gb5ja0ZQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=StCRRAdM; arc=none smtp.client-ip=209.85.219.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com Received: by mail-yb1-f176.google.com with SMTP id 3f1490d57ef6-dcc7cdb3a98so3141421276.2 for ; Mon, 15 Apr 2024 08:58:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1713196721; x=1713801521; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=vQs4ugT2y6J/4IutYdKUBVbhJN3bb9YCkttNLEXXcuk=; b=StCRRAdMeJL+zc+txTslEv3fzwsXEb9ABWrL9EWskGSoxVE2FJ4obe8m33XOHZY7OA vKP2dYANxN9XBul6nDeZj1WL9l2BjmXM4oXAZ1CQMra/NCUDyF9JgZ5Y9ACW5C5Y0yVW H0dKw8Upz2JpdVSDpCgJfGhEsoZQ+3sjajFhsFcM9MNk8tSbhB7RKIlXR5tk3cBLlHag +r7nkCoPWv0g3SR3Tb5boFqDW+MCFQNfCQc0yexZ9TmNWuTJRZTbgXOOYJvhx8CH2dOi Tr0c6jCXhnr/o9kaQD64y5zc5ngxuayzfMWEJ1WRJaJpwTOL44uRsgDbOY0Yzm9Qhg2e 0nIQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713196721; x=1713801521; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vQs4ugT2y6J/4IutYdKUBVbhJN3bb9YCkttNLEXXcuk=; b=cauPsJSlcOOdzfYDOywfrp2WTkQY25DUDihZ+Sois7jgXuvxEGj1S+Jvy0lZLICAR6 4J2lCOD03skOFsrl/Yf/DrN2wRUWiuhIlHOqW+tknfwvwceDtEVzhZMxMjgpoDWopxx7 28CSfDNHjm2w3EbJ/E423F5WHzI90hStDLNb+9lDiTadnpP3/mQS9SVJ2ApvQ0LTsHtV Ovv2QsjJWCTTYhu3VKNgEkjgb9XY4BWiZx9waVnkBuKNhbhbGx5+nrtVf3FdZIibQ3MJ zMnfgSL3K3ehHnG+wIqea9WS0TbTyuNMGGY5rHyYMHj11aNY+TtrNZogWukgAWzLsZtL fyQA== X-Forwarded-Encrypted: i=1; AJvYcCWGh3rgcUaI9ujXPVCZri48vNO19IJWgYQ/SsSIOOlUweeI2AF8SbHV4EgtsbIFv++i8pQrsf1y4HcXKeTc5YhIEtyodaKlDRDwAZbB X-Gm-Message-State: AOJu0YyApXP1mbmbI3t8Q+/GKEeLp1jaS1XrPWmCcwQz+66uWcnQedSN icxTjfZRiziytoBrFsq29F1b3RObKwsBeqG3Qa/Hmcn40i8FzZeYtdcH2G87rExy+01+UB3Sqpn u/YrYsjr5wslPMSO83Hl3pY9OBRvF6EGTaHrf X-Received: by 2002:a25:9e05:0:b0:dcc:99b6:830b with SMTP id m5-20020a259e05000000b00dcc99b6830bmr9897702ybq.19.1713196721063; Mon, 15 Apr 2024 08:58:41 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240411171319.almhz23xulg4f7op@revolver> In-Reply-To: From: Suren Baghdasaryan Date: Mon, 15 Apr 2024 08:58:28 -0700 Message-ID: Subject: Re: [PATCH] mm: Always sanity check anon_vma first for per-vma locks To: Matthew Wilcox Cc: Peter Xu , "Liam R. Howlett" , LKML , linux-mm@kvack.org, Andrew Morton , Lokesh Gidra , Alistair Popple Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Apr 12, 2024 at 8:19=E2=80=AFAM Matthew Wilcox wrote: > > On Fri, Apr 12, 2024 at 09:53:29AM -0500, Suren Baghdasaryan wrote: > > Unless vmf_anon_prepare() already explains why vma->anon_vma poses a > > problem for per-vma locks, we should have an explanation there. This > > comment would serve that purpose IMO. > > I'll do you one better; here's some nice kernel-doc for > vmd_anon_prepare(): I was looking at the find_tcp_vma(), which seems to be the only other place where lock_vma_under_rcu() is currently used. I think it's used there only for file-backed pages, so I don't think your change affects that usecase but this makes me think that we should have some kind of a warning for lock_vma_under_rcu() future users... Maybe your addition of mmap_assert_locked() inside __anon_vma_prepare() is enough. Please don't forget to include that assertion into your final patch. > > commit f89a1cd17f13 > Author: Matthew Wilcox (Oracle) > Date: Fri Apr 12 10:41:02 2024 -0400 > > mm: Delay the check for a NULL anon_vma > > Instead of checking the anon_vma early in the fault path where all pa= ge > faults pay the cost, delay it until we know we're going to need the > anon_vma to be filled in. This will have a slight negative effect on= the > first fault in an anonymous VMA, but it shortens every other page fau= lt. > It also makes the code slightly cleaner as the anon and file backed > fault handling look more similar. > > Signed-off-by: Matthew Wilcox (Oracle) > > diff --git a/mm/huge_memory.c b/mm/huge_memory.c > index d8d2ed80b0bf..718f91f74a48 100644 > --- a/mm/huge_memory.c > +++ b/mm/huge_memory.c > @@ -1057,11 +1057,13 @@ vm_fault_t do_huge_pmd_anonymous_page(struct vm_f= ault *vmf) > gfp_t gfp; > struct folio *folio; > unsigned long haddr =3D vmf->address & HPAGE_PMD_MASK; > + vm_fault_t ret; > > if (!thp_vma_suitable_order(vma, haddr, PMD_ORDER)) > return VM_FAULT_FALLBACK; > - if (unlikely(anon_vma_prepare(vma))) > - return VM_FAULT_OOM; > + ret =3D vmf_anon_prepare(vmf); > + if (ret) > + return ret; > khugepaged_enter_vma(vma, vma->vm_flags); > > if (!(vmf->flags & FAULT_FLAG_WRITE) && > diff --git a/mm/memory.c b/mm/memory.c > index 6e2fe960473d..46b509c3bbc1 100644 > --- a/mm/memory.c > +++ b/mm/memory.c > @@ -3213,6 +3213,21 @@ static inline vm_fault_t vmf_can_call_fault(const = struct vm_fault *vmf) > return VM_FAULT_RETRY; > } > > +/** > + * vmf_anon_prepare - Prepare to handle an anonymous fault. > + * @vmf: The vm_fault descriptor passed from the fault handler. > + * > + * When preparing to insert an anonymous page into a VMA from a > + * fault handler, call this function rather than anon_vma_prepare(). > + * If this vma does not already have an associated anon_vma and we are > + * only protected by the per-VMA lock, the caller must retry with the > + * mmap_lock held. __anon_vma_prepare() will look at adjacent VMAs to > + * determine if this VMA can share its anon_vma, and that's not safe to > + * do with only the per-VMA lock held for this VMA. > + * > + * Return: 0 if fault handling can proceed. Any other value should be > + * returned to the caller. > + */ > vm_fault_t vmf_anon_prepare(struct vm_fault *vmf) > { > struct vm_area_struct *vma =3D vmf->vma; > @@ -4437,8 +4452,9 @@ static vm_fault_t do_anonymous_page(struct vm_fault= *vmf) > } > > /* Allocate our own private page. */ > - if (unlikely(anon_vma_prepare(vma))) > - goto oom; > + ret =3D vmf_anon_prepare(vmf); > + if (ret) > + return ret; > /* Returns NULL on OOM or ERR_PTR(-EAGAIN) if we must retry the f= ault */ > folio =3D alloc_anon_folio(vmf); > if (IS_ERR(folio)) > @@ -5821,15 +5837,6 @@ struct vm_area_struct *lock_vma_under_rcu(struct m= m_struct *mm, > if (!vma_start_read(vma)) > goto inval; > > - /* > - * find_mergeable_anon_vma uses adjacent vmas which are not locke= d. > - * This check must happen after vma_start_read(); otherwise, a > - * concurrent mremap() with MREMAP_DONTUNMAP could dissociate the= VMA > - * from its anon_vma. > - */ > - if (unlikely(vma_is_anonymous(vma) && !vma->anon_vma)) > - goto inval_end_read; > - > /* Check since vm_start/vm_end might change before we lock the VM= A */ > if (unlikely(address < vma->vm_start || address >=3D vma->vm_end)= ) > goto inval_end_read;