From nobody Sun Feb 8 03:10:33 2026 Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C86A115ECF1 for ; Tue, 6 Aug 2024 21:28:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979735; cv=none; b=HZo8mfeQp2zhhW9K5rc+uC9yqbfK0NjJJKKPDhvJOHJpc6I5Ez2euVGnK4AJK8zX2QGJrs4672+z+gxyzyvwI45+Mx8fd2e8ILpfdmUjdkmaiQFixvoTjk4Kycb6Go0QPRPhh2yyYaOfMYH2HsylgR5dZGgTwMzTNjmbonBdvdI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979735; c=relaxed/simple; bh=2kirhTVWWLqlAI3lvuPfg0Feo6DhPI52QGhLkxgRIEw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Oc8M2JY7m9Cw1SEQTwLFA8EmSweXCj7s54PUOYLbFb0vXrialExqTLmTZqQPLmI8/7q+LlGTdr/lMRXtDOd1+rOOEA7jzvI12kwlEBfuc6scsnyDrDsgZG+TpyhXjY43pDgj71H5OLoGRQeCoqq81L3NcBpXQqpomgbeGmNs+Vw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=dZwjIj+p; arc=none smtp.client-ip=209.85.221.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="dZwjIj+p" Received: by mail-wr1-f41.google.com with SMTP id ffacd0b85a97d-36bcc168cdaso726938f8f.0 for ; Tue, 06 Aug 2024 14:28:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722979732; x=1723584532; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VDYcnh60WLoSK67nH2jZrndTdBIH1a9KEd2iZeOMQIo=; b=dZwjIj+pUeZihwtTJ/9CBovCcJS9VhFxGOAzQxRfzzgg+bxCx5DYufQeE5B4YXmcJs adxWaAEXFk5G3nwzUnulVc45Euyor7pRiOjJc79Djb9YqL3CqF73kp0DoMMx0Pdsi4pr aPv2pOVWXxG4wmgT+Bx4Nn1sqBVIBb02o12Er3phhctRxRgQ2H0fApVG1G5DxE84aRlj vVUkseO+j0HQq+MteN47Q1eKP1f/9iiiOv+Fccd6wNIw0J5i62mtu+sWyWqzhzWlHwmH szmN3/WjcXnty+1poGF+MdPj+gWvEdfW8R6KMaoHssn/zBOMBYTFVn+6KR9iXhI9zbkz WqeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722979732; x=1723584532; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VDYcnh60WLoSK67nH2jZrndTdBIH1a9KEd2iZeOMQIo=; b=hLdyHOwSE95y5uVCZt66i/Y0DUAcu0+GZ2nhgXqSRdu00q339Uq8oBDZIY3lLix5wM N9gKc0grb4AwZHsQzvhxiXaAze5UL1JhKKTBgUefqWznj5ZHEo0MR7n1CvXzZxFezeoS pXaMYYhjXlgxAeroBJVu5y8qlAVO39WWuB8ZAko/lJpDFaZktBjunWE/SBeSYuxN45gB xVj2rHkyAxOhUar71Jw2z48dK/4RswQXzBrUDzi+SD4Tj2SKPNxWj0EUvtQSfS9zQBu6 lXX6+Dtr7+Qy+AwlH77DVLPrsFAo0K/bK2XR0MFaDhKYGcKq/b2DOf6AZnHbpZUP+T0I wRZA== X-Forwarded-Encrypted: i=1; AJvYcCW6k0YyAUrweQBj9PLYde++fFBnXVzBkLizQe323/7/goSiZa6L0+yj+XAvUGBhOrmYnDqlNadO8ZyT4aX1jppRyCsdzNcuIivwVLJ5 X-Gm-Message-State: AOJu0YwsLr66qbyQomAI/CIbY0YO07cc+uwaIzyuq0O5G/onQFWNduRX 0MPIOniyVZ+bM9tKpcHBTycHjETGnRA5UPu8zet+q8HqMG57sXJM X-Google-Smtp-Source: AGHT+IECpd6uu3mztQTqtGvaZiXG0ELcfquameBpR13yoTcX46i5hVhlohITc7cPF5b9qvvv15HFCA== X-Received: by 2002:adf:a11a:0:b0:367:9c46:198 with SMTP id ffacd0b85a97d-36bbc0e0cfdmr13298361f8f.1.1722979731922; Tue, 06 Aug 2024 14:28:51 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4290501f0d5sm1858545e9.31.2024.08.06.14.28.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Aug 2024 14:28:51 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH 1/7] mm: Move can_modify_vma to mm/internal.h Date: Tue, 6 Aug 2024 22:28:02 +0100 Message-ID: <20240806212808.1885309-2-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240806212808.1885309-1-pedro.falcato@gmail.com> References: <20240806212808.1885309-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move can_modify_vma to internal.h so it can be inlined properly (with the intent to remove can_modify_mm callsites). Signed-off-by: Pedro Falcato --- mm/internal.h | 24 ++++++++++++++++++++++++ mm/mseal.c | 17 ----------------- 2 files changed, 24 insertions(+), 17 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index b4d86436565..09ea930540f 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -1497,6 +1497,24 @@ static inline int can_do_mseal(unsigned long flags) return 0; } =20 +static inline bool vma_is_sealed(struct vm_area_struct *vma) +{ + return (vma->vm_flags & VM_SEALED); +} + +/* + * check if a vma is sealed for modification. + * return true, if modification is allowed. + */ +static inline bool can_modify_vma(struct vm_area_struct *vma) +{ + if (unlikely(vma_is_sealed(vma))) + return false; + + return true; +} + + bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned long end); bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, @@ -1518,6 +1536,12 @@ static inline bool can_modify_mm_madv(struct mm_stru= ct *mm, unsigned long start, { return true; } + +static inline bool can_modify_vma(struct vm_area_struct *vma) +{ + return true; +} + #endif =20 #ifdef CONFIG_SHRINKER_DEBUG diff --git a/mm/mseal.c b/mm/mseal.c index bf783bba8ed..4591ae8d29c 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -16,28 +16,11 @@ #include #include "internal.h" =20 -static inline bool vma_is_sealed(struct vm_area_struct *vma) -{ - return (vma->vm_flags & VM_SEALED); -} - static inline void set_vma_sealed(struct vm_area_struct *vma) { vm_flags_set(vma, VM_SEALED); } =20 -/* - * check if a vma is sealed for modification. - * return true, if modification is allowed. - */ -static bool can_modify_vma(struct vm_area_struct *vma) -{ - if (unlikely(vma_is_sealed(vma))) - return false; - - return true; -} - static bool is_madv_discard(int behavior) { return behavior & --=20 2.46.0 From nobody Sun Feb 8 03:10:33 2026 Received: from mail-wm1-f48.google.com (mail-wm1-f48.google.com [209.85.128.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E41DD16A94B for ; Tue, 6 Aug 2024 21:28:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.48 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979736; cv=none; b=Of6zSCj0qWqSZV89EyV+sXcwcxJWzUBV6uRagNOIA6D1WgQqvLdRYTxy8122lCSL0i5600M0chUNJ4foALzyMQt75vGD7cINSImgu2h4DkGb4DvCj8luvran4HatviD0sMaa8oV96V55Py/CBiXbg0QvFPQF+wPrOoORXBb5zbk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979736; c=relaxed/simple; bh=Au4AopVMNHLrw4VI4OdEf3KzGyMoyLBWiOWQCmMfxuo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QcF75zvXZ3aKDvi5Vzjzi16NUUOtvX8K9jaX6bw7kK71SjTR7THSEHaEIuA/818uYzcgjqxKX3AP5yayFqpOghMi597gswMAUPX/vUotIOYfAExpIG/4tFIh1mxATmEYHZ6gsO2wRxbLvvTa0pMDss9xq3lLGiv4i3aTOFMIjRY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=SK7uEJnB; arc=none smtp.client-ip=209.85.128.48 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="SK7uEJnB" Received: by mail-wm1-f48.google.com with SMTP id 5b1f17b1804b1-428e1915e18so7530845e9.1 for ; Tue, 06 Aug 2024 14:28:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722979733; x=1723584533; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=domfBmFrCeEd8AJ/SLIoCSKrKiJu9/5c5x0kHSbw/Dg=; b=SK7uEJnBcOXxSEq8itadqcHmlhp+mXjTcnyApDyDRS5Vy2C3XqgJ4mhTPC3D83DIvC YuyTgTGaSUXwRUmxR+ZYwEvEJu+ryIax5BWiIi16YPOZb0IJMmhPTYjE83NmvMwUANIH /Y046I5o3p9TFig8gy4EGedji25d5ZCMgcPJUeTvHo2/q943bbvK3dkbLIDwkd0pIXNP U1SNnX8LPfXc7lb3dSmVCjQF2W29pRCDs0BPt1DIZqXYxaeVf5NIM8KWD2a5LWBaDaLB Lxr0VK6DxOkx+ytPxT4zElYwTzxEzWRzhQWB9gvbi85qnvxSaeQLCtWxlRFaI9Fj2/LW +34w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722979733; x=1723584533; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=domfBmFrCeEd8AJ/SLIoCSKrKiJu9/5c5x0kHSbw/Dg=; b=dGIln6z0UKgxqZRShWqAgBQy+q06bpOt9/hKVcsOGjR6R3turQTHLn23ym1yTfzdBF 7r1pcmf60ivYSllJFJDAonYVeGR8DgxWPF/VhKOMc+Y2JhzQGoz69w3U5ziqCrVYxu1m g91DK+oZYAFL9SYg1cy2GJUz8GZUhMyE3SlgzRpjIC/mX2VRgiFG3e6eQpJL2zU2GRQL rgT2XJeedhDBnHaPpwitMLSdmXLHkgj8Aa+V5lVb+2ST4fE0vHhZNO2r0qpA3xgsiRRc HUcfw1H27TgDuoKdoKrXGDOYwYZheugBzAOkBezYztLln240gBAjzmL7b9b3QQ5LCCRL Bo7Q== X-Forwarded-Encrypted: i=1; AJvYcCX6nzVY15X/MOpcV1PCVDsPtJXobLYaNuTwgI4jp8xoK8T8/r+ow0R4VXN7EgHFd2LXwjJ+01RQCMaqkOTl1F2/g7wnR1pXwsdRtFWe X-Gm-Message-State: AOJu0Yzr4rY/ghogNbz5u0OG//+p/OZHkA4UnBFapTom4pGR/4ZKVst3 9a75k933DXbmiVoUxAxqbimivvsaTLFMAgg1w/DdyDInaNr+9/Y/ X-Google-Smtp-Source: AGHT+IFGyTIIlnKMg0jWiAX9WgQb0wH2svLBOpI0XEtPEz84np7Wxf3BbmF57jPnSkG1elyRKS+FXA== X-Received: by 2002:a05:600c:4447:b0:426:5dca:50a with SMTP id 5b1f17b1804b1-428e6b31274mr104812875e9.21.1722979733038; Tue, 06 Aug 2024 14:28:53 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4290501f0d5sm1858545e9.31.2024.08.06.14.28.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Aug 2024 14:28:52 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH 2/7] mm/munmap: Replace can_modify_mm with can_modify_vma Date: Tue, 6 Aug 2024 22:28:03 +0100 Message-ID: <20240806212808.1885309-3-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240806212808.1885309-1-pedro.falcato@gmail.com> References: <20240806212808.1885309-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We were doing an extra mmap tree traversal just to check if the entire range is modifiable. This can be done when we iterate through the VMAs instead. Note that this removes the arch_unmap() callsites and therefore isn't quite ready for Proper(tm) upstreaming. Signed-off-by: Pedro Falcato --- mm/mmap.c | 36 +++++++++++++----------------------- 1 file changed, 13 insertions(+), 23 deletions(-) diff --git a/mm/mmap.c b/mm/mmap.c index d0dfc85b209..b88666f618b 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -2660,6 +2660,12 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct= vm_area_struct *vma, if (end < vma->vm_end && mm->map_count >=3D sysctl_max_map_count) goto map_count_exceeded; =20 + /* Don't bother splitting the VMA if we can't unmap it anyway */ + if (!can_modify_vma(vma)) { + error =3D -EPERM; + goto start_split_failed; + } + error =3D __split_vma(vmi, vma, start, 1); if (error) goto start_split_failed; @@ -2671,6 +2677,11 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct= vm_area_struct *vma, */ next =3D vma; do { + if (!can_modify_vma(vma)) { + error =3D -EPERM; + goto modify_vma_failed; + } + /* Does it split the end? */ if (next->vm_end > end) { error =3D __split_vma(vmi, next, end, 0); @@ -2763,6 +2774,7 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct = vm_area_struct *vma, __mt_destroy(&mt_detach); return 0; =20 +modify_vma_failed: clear_tree_failed: userfaultfd_error: munmap_gather_failed: @@ -2808,17 +2820,6 @@ int do_vmi_munmap(struct vma_iterator *vmi, struct m= m_struct *mm, if (end =3D=3D start) return -EINVAL; =20 - /* - * Check if memory is sealed before arch_unmap. - * Prevent unmapping a sealed VMA. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, start, end))) - return -EPERM; - - /* arch_unmap() might do unmaps itself. */ - arch_unmap(mm, start, end); - /* Find the first overlapping VMA */ vma =3D vma_find(vmi, end); if (!vma) { @@ -3229,18 +3230,7 @@ int do_vma_munmap(struct vma_iterator *vmi, struct v= m_area_struct *vma, unsigned long start, unsigned long end, struct list_head *uf, bool unlock) { - struct mm_struct *mm =3D vma->vm_mm; - - /* - * Check if memory is sealed before arch_unmap. - * Prevent unmapping a sealed VMA. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, start, end))) - return -EPERM; - - arch_unmap(mm, start, end); - return do_vmi_align_munmap(vmi, vma, mm, start, end, uf, unlock); + return do_vmi_align_munmap(vmi, vma, vma->vm_mm, start, end, uf, unlock); } =20 /* --=20 2.46.0 From nobody Sun Feb 8 03:10:33 2026 Received: from mail-wm1-f52.google.com (mail-wm1-f52.google.com [209.85.128.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 067F516CD3A for ; Tue, 6 Aug 2024 21:28:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.52 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979737; cv=none; b=cuUOHYVyEkr1HTszcrne4m6jMrVUzVImpa5LPdiEWSrNDc0xUrPMgWbB3aQvS45c93M2YJOf2m/UUKDOn1eWKa8xlIoMDAC7pipRtp6PfbLhKBf6JhDOu0AcayCGOAcj2/PRPv99/KhDWiG3qiKQlZwzfS6bPfvjqy/EuuBMFRk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979737; c=relaxed/simple; bh=J3RsfOXy0wMCd4CO+SuDFXD7Ne6CHmH7bPS7wuF1LZg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=AzqwLPBkywLvAk8iKiFJnOqYAoVpqnQohhnOlQPCKGsw1hhwS29R+qA6/XX5ZLt8wBVGxyGO8t/ywoMO3t4VsWGCvrLOuhxT6AQzKAm2sARAqUiyj17ejDOkzb0CE/LdcVmMdltXfbfEOQNo2xz7fLi2dj1OFVn631ivjtP45SM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=PRPnC2oO; arc=none smtp.client-ip=209.85.128.52 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="PRPnC2oO" Received: by mail-wm1-f52.google.com with SMTP id 5b1f17b1804b1-4280c55e488so1595285e9.0 for ; Tue, 06 Aug 2024 14:28:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722979734; x=1723584534; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=u2+YFPOHRh49qf0SxMlXaqe1DReRnNNIKrNBJS++4hY=; b=PRPnC2oOyDocR16LTY6Vko8s9V9wVgwQqNk/S9gT+bWBfXSvs/nWmELfu5GtNGCtrb ebYsNBSACQ07k6cu4atM7fLUc3HxOZvhRMYwQX4Use8dLFqg4/IR/U1TkQ/7Xx7kFirW SnF2hEYSeKlraMBUHcLxfuyWfPrVMEIyOs7B3FgvhXl/JvglP/N7DXXdBbab6KKmvm9l DBN1THCyeHCn1Hmtd8Hcyj8ywrfCb5SmBCeajDD5Egg/CFu64fZ6XcMja0YVsk+c68wC 6O1OCMaP9dMNDvjrtQw8NGD8H8B3kpQuwHZXyz1ktGvay+J3KH3XVli6RorsfwYyubqv ei0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722979734; x=1723584534; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=u2+YFPOHRh49qf0SxMlXaqe1DReRnNNIKrNBJS++4hY=; b=XPWXQTs2Nhe6FbUPPxfnRmu72OTi7Q8cbC9JpfG4ZFjuyAntys7+8gBh/tszZ8/PPd /Elqu+uDbV7L/plshArsbkcZ7s3uCX082Vt+FUhuCY9E0rOfIct9SNNu+IQ4MGTj918l uc62o9uCB8UKPE77TTrPx0wH74AtLlHG3YkKdh2XOvzvRGGFjAuwxe+oDOhTdX7VIE/e f49ZJ53nXJ82xB5PtjrsubvzYbBIew/qdZhoR2KiWBU4fpefKoP56QHmHjKyGy79o0Sa LEI2KHxGkHTagx8fVsF14zzqxBHHt7so7raaJsQ8dQwS4FG8SzOvTTnS1nxkcBb5/r2r BVgQ== X-Forwarded-Encrypted: i=1; AJvYcCUszieDbqemjdn/cIRMYTyjClqeAuzoDCutggYxBPTKoHmyBx+ANIDSUgKZtyhSlM1BRDhyM8OoC8OEmdaJBd0u8vd7i5Fj5/TRIajw X-Gm-Message-State: AOJu0YxpIh14FSV6kSAXdRAvHWfb1VCol4zidBa8hnRf82y8D4iqP9QW z4bGCGI3Vz1h2GdqR78p2Hi15xE8nFwKW/HWWmH85Yeni7+yYUY4 X-Google-Smtp-Source: AGHT+IH6Xr9SYyBvEv8fSy53cCmNf9TVkU4nZGyjvO57KE0CLwbkZFyi/Yg4WH8MbnlrA53Ir0lSgw== X-Received: by 2002:a05:600c:19c7:b0:426:6fb1:6b64 with SMTP id 5b1f17b1804b1-429050c2b96mr821895e9.7.1722979734120; Tue, 06 Aug 2024 14:28:54 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4290501f0d5sm1858545e9.31.2024.08.06.14.28.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Aug 2024 14:28:53 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH 3/7] mm/mprotect: Replace can_modify_mm with can_modify_vma Date: Tue, 6 Aug 2024 22:28:04 +0100 Message-ID: <20240806212808.1885309-4-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240806212808.1885309-1-pedro.falcato@gmail.com> References: <20240806212808.1885309-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Avoid taking an extra trip down the mmap tree by checking the vmas directly. mprotect (per POSIX) tolerates partial failure. Signed-off-by: Pedro Falcato --- mm/mprotect.c | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/mm/mprotect.c b/mm/mprotect.c index 222ab434da5..b1980ea1cc3 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -589,6 +589,9 @@ mprotect_fixup(struct vma_iterator *vmi, struct mmu_gat= her *tlb, unsigned long charged =3D 0; int error; =20 + if (!can_modify_vma(vma)) + return -EPERM; + if (newflags =3D=3D oldflags) { *pprev =3D vma; return 0; @@ -747,15 +750,6 @@ static int do_mprotect_pkey(unsigned long start, size_= t len, } } =20 - /* - * checking if memory is sealed. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(current->mm, start, end))) { - error =3D -EPERM; - goto out; - } - prev =3D vma_prev(&vmi); if (start > vma->vm_start) prev =3D vma; --=20 2.46.0 From nobody Sun Feb 8 03:10:33 2026 Received: from mail-wm1-f46.google.com (mail-wm1-f46.google.com [209.85.128.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6643316F84A for ; Tue, 6 Aug 2024 21:28:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.46 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979739; cv=none; b=NK3ZQ1h5x10HofBP/vcyUx8nKMWJssUVo8qv0CI8hvvoG693dBtZg9fokuCtklU6kGfoqHu3SyUqnIsV+n6DbenQWSvmqZjEtVfilwQxe73L756n3NkSn9eQNmDeb36mrhP/PjTuW5V/GCkp7FwsxR8YZefhOf9Rk9ck5EqU6O8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979739; c=relaxed/simple; bh=v4B/SCbHPpbPlEcxgqBZ7deqT9TH2TdBcorYleNkT6g=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=FT1WtvshZLKVAdUO/aTmM3p93a2BAMK1T6AiiFPxtFuXfKPaaP2ykG1ZSnuyiV7y0aub+u2dxwIexmOpFrSWCEZfJhn0CMItLrdwp8GkwP7zLx56A8jGYKHbbVetb1wD3gSGDsgH4RPeYfZDkQeW4Qj8GZUNN7METz9kFxPuKRo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=CGxK3eUj; arc=none smtp.client-ip=209.85.128.46 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="CGxK3eUj" Received: by mail-wm1-f46.google.com with SMTP id 5b1f17b1804b1-4281ca54fd3so7421955e9.2 for ; Tue, 06 Aug 2024 14:28:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722979736; x=1723584536; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=7yM1YbCcZNsiuGnwCjfcKYS7TLfeIBdj72FSrCE3wH8=; b=CGxK3eUjr2iAMU39BiW5jUblPce6s6fHrtD/wpq2bk30Dcztu09uc7U5WD/1QYZ4U7 9TZYhh8HHHrIS25Q53YB8vgoro/nxFhzxHV5bUDt4pMkeK+KHerpSinQ6KnXhPCx9WU0 Ub0OuACorIBECxQOOGScK+TosLlZybXZzsPvfvK7/VuWUrbmoooXrww2NftvWgWUTKLy JsmcRQZDwDeRy3uiVdNDBeHkeon6GYVCYbNuJ7Hf2og2rEqk1BNxXyh7KYeBz1EpEzSz ipd4dii32Yyj7lyhTYIkslqQyAb9Bi3wxgqXZL5Erpj4YkdFoPVxccyp+qXWsoddzAhN Afhg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722979736; x=1723584536; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7yM1YbCcZNsiuGnwCjfcKYS7TLfeIBdj72FSrCE3wH8=; b=GqIo9Ltnltl2+oFjYTbiXExCEat6yIGvkAnUBFCc0OEISJt0GW0lAmJR7uNOiAb0Wr zB2tN2pnnOY/g6oitmtL4Ni+822h6QcraFPFERuj8stysbOJC9e0fVLUEcY8KQmrOW9W 7uJI/5yp7lDr1UMTxordAK6zB5xcRW8OA4ZEnRE3VHPLa/BRl2x/Bh4ZOFTuQ+EiXNme 1sx8yE+jrI0V9EAVWwSGXsWvWAwp1vUz1SeCnhxs8sRfH2a2d3YQjxKvvgU4wybkcF9D 1xHQP5WID3XE+871YrMfdiUotxwpIh2KS2QDgpEnq8cuhFagIfzaM/5QIapJLHqCEMJc ra8A== X-Forwarded-Encrypted: i=1; AJvYcCW44tHPlvJ+o1LOR+e15xu4aDV5KQayx9ilCbro2u5CH/qNByto/UBbW4tWrFdXzGet8dwarFCGmlEf6k1vQa+uHz+8MR00VvX1C0OF X-Gm-Message-State: AOJu0YySVpHVj7UnWcz+ezkcQkXK005OcaKebWlbOcSUoWCsg7g2jvQn UlHcF/bPwcni2v3NbjrnIcnDu5xH3lPSL5hBz4/lielR8HfKc0No X-Google-Smtp-Source: AGHT+IFKF4Keu7U+7RmhvWeb9infuYn+flZVMPxZCRs2pmlb0q/OoQxxO6a7MebGMm65QOQXTqWjeA== X-Received: by 2002:a05:600c:468b:b0:427:ff3b:7a20 with SMTP id 5b1f17b1804b1-428e6b7cb7bmr115877715e9.27.1722979735307; Tue, 06 Aug 2024 14:28:55 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4290501f0d5sm1858545e9.31.2024.08.06.14.28.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Aug 2024 14:28:54 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH 4/7] mm/mremap: Replace can_modify_mm with can_modify_vma Date: Tue, 6 Aug 2024 22:28:05 +0100 Message-ID: <20240806212808.1885309-5-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240806212808.1885309-1-pedro.falcato@gmail.com> References: <20240806212808.1885309-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Delegate all can_modify checks to the proper places. Unmap checks are done in do_unmap (et al). This patch allows for mremap partial failure in certain cases (for instance, when destination VMAs aren't sealed, but the source VMA is). It shouldn't be too troublesome, as you'd need to go out of your way to do illegal operations on a VMA. Signed-off-by: Pedro Falcato --- mm/mremap.c | 33 +++++++-------------------------- 1 file changed, 7 insertions(+), 26 deletions(-) diff --git a/mm/mremap.c b/mm/mremap.c index e7ae140fc64..8af877d7bb0 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -676,6 +676,9 @@ static unsigned long move_vma(struct vm_area_struct *vm= a, if (unlikely(flags & MREMAP_DONTUNMAP)) to_account =3D new_len; =20 + if (!can_modify_vma(vma)) + return -EPERM; + if (vma->vm_ops && vma->vm_ops->may_split) { if (vma->vm_start !=3D old_addr) err =3D vma->vm_ops->may_split(vma, old_addr); @@ -821,6 +824,10 @@ static struct vm_area_struct *vma_to_resize(unsigned l= ong addr, if (!vma) return ERR_PTR(-EFAULT); =20 + /* Don't allow vma expansion when it has already been sealed */ + if (!can_modify_vma(vma)) + return ERR_PTR(-EPERM); + /* * !old_len is a special case where an attempt is made to 'duplicate' * a mapping. This makes no sense for private mappings as it will @@ -902,19 +909,6 @@ static unsigned long mremap_to(unsigned long addr, uns= igned long old_len, if ((mm->map_count + 2) >=3D sysctl_max_map_count - 3) return -ENOMEM; =20 - /* - * In mremap_to(). - * Move a VMA to another location, check if src addr is sealed. - * - * Place can_modify_mm here because mremap_to() - * does its own checking for address range, and we only - * check the sealing after passing those checks. - * - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, addr, addr + old_len))) - return -EPERM; - if (flags & MREMAP_FIXED) { /* * In mremap_to(). @@ -1079,19 +1073,6 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigne= d long, old_len, goto out; } =20 - /* - * Below is shrink/expand case (not mremap_to()) - * Check if src address is sealed, if so, reject. - * In other words, prevent shrinking or expanding a sealed VMA. - * - * Place can_modify_mm here so we can keep the logic related to - * shrink/expand together. - */ - if (unlikely(!can_modify_mm(mm, addr, addr + old_len))) { - ret =3D -EPERM; - goto out; - } - /* * Always allow a shrinking remap: that just unmaps * the unnecessary pages.. --=20 2.46.0 From nobody Sun Feb 8 03:10:33 2026 Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1D153171079 for ; Tue, 6 Aug 2024 21:28:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979739; cv=none; b=nAnjQJK3j4GgVSiJSxODYitBWJeX0gXv4822LbnBba7G82XF3ysk85xNlPwwGI6rajNQRII5GjAmYRfdrstYd28liAoCB7ueiDoLkOBw7gasmN0oz+B7+7Uw2YR8bQGFItJHa1H/fRPwXnYw42PpZWX/Kfo4w076Ph5Oe+4n+O8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979739; c=relaxed/simple; bh=NbOvkFUQVBBahWt/DJiJRCzZdNMiMtEwOXOBbIuIPh4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=D1YK1ScfZULdmH/v4cn07EIAiuu7hioKRwLopwqB/P/zd6AGvJyfvXL8k7g/b5rSPOQ9tPXRfUsKJ4GpGJTTmYT5ry6PS1Fe1CW9SjJ9ysr69UzvtLRe9Q/zpEYmAoavo3ei2rZDbtvsw12MJKLO1iuRjy/ZQP0rjDWH1viv9x0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=nCTbrazH; arc=none smtp.client-ip=209.85.221.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="nCTbrazH" Received: by mail-wr1-f41.google.com with SMTP id ffacd0b85a97d-368526b1333so156719f8f.1 for ; Tue, 06 Aug 2024 14:28:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722979737; x=1723584537; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=udsLDmPzjgpkWsx7RYjGnyjlum6MBZ044D+jLhSjl94=; b=nCTbrazHItJuHBhJL9tSCbcg2bZceaFhJaEKROnv0i+IwWVv8ZuK9Oy2zbV+ls5WEX QYkYgBAcfowHiAarqPuJcEeYSIE5vnjGaSINQYDU13aJxBWhuIyNqJL7YuCt+clalL8J N78lzeSuhwpQyQQRDfk+Xd9fJZUnOinzOowzfTgxfcEk05dQd0fCpmQxhcdw807TJsFT LbS6P1YbAt2KUOSVi8LgNwgyEIthssZ26fCA9ccWEJdW/yh7wxw9V0PfmBZubCFLQgVo NRRCrTTZSKdwRd2M3B/GwidshjQhKp6BkAgsyCkOsmG8M1TGvkJUMwH3eqVq9q4Nqj5p q/mA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722979737; x=1723584537; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=udsLDmPzjgpkWsx7RYjGnyjlum6MBZ044D+jLhSjl94=; b=TEYYpq7T6sOmtzCu3UMjd2KqquaCSsyKS5SnFx7Ycba/y73oMBy0bx+Qcp5b8cpVaN XLxeeMyH0Eyw4N+vN0cvl4deRbByxXbr11/5S9iCRsTTIyFv3N1vV609dxKYQXSd0ayz My2lyKBuJQeWiUeb+KW2tO1qbrvEfOIoFVr9oF6s1HLaU3TDA3k26lpMXL5RTpTWFP6G xp7GQUz1qwbWGMbEQsu7aCGIm+h4valarU8tGqOiQqFVbxzIcAKl3+JS4L0qHiqyu1Hm o/iDro/HnClzbRwq3jNNEf2p7GvjoWsPJnDDBMxcg7XK5ypjNEDJ4T4s/vo2ygikaMaK ZqqQ== X-Forwarded-Encrypted: i=1; AJvYcCUgjAAiRCllI7a6uT6wkueO3OvkMxJVU9AU9JkKwKtgZfPHIE7yroYHCeNrsu+KiGWjtfUrZX/XeKZ1ZNRw+PaIaPNyvPVi3e2m+Q4O X-Gm-Message-State: AOJu0Yy6mvSfnktcs5xxu1/Q1o5iiDcb/LxzF6bsfvuuGpvn6m8uo0RD COd21aJBW/Kpy4sYv4jCkgrFeVcdbS6qdfNhAd+EHoIFBf/BAnWM X-Google-Smtp-Source: AGHT+IH55gHkDsQZoE6Cj0KH26OcQ4V5BoqgtaVjG59s6McB8ZiD52DbwBs2HllTYh2L9dYrKwKDHQ== X-Received: by 2002:a05:6000:1785:b0:366:eadc:573f with SMTP id ffacd0b85a97d-36bf0f6dfeamr78734f8f.27.1722979736421; Tue, 06 Aug 2024 14:28:56 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4290501f0d5sm1858545e9.31.2024.08.06.14.28.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Aug 2024 14:28:56 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH 5/7] mseal: Fix is_madv_discard() Date: Tue, 6 Aug 2024 22:28:06 +0100 Message-ID: <20240806212808.1885309-6-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240806212808.1885309-1-pedro.falcato@gmail.com> References: <20240806212808.1885309-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" is_madv_discard did its check wrong. MADV_ flags are not bitwise, they're normal sequential numbers. So, for instance: behavior & (/* ... */ | MADV_REMOVE) tagged both MADV_REMOVE and MADV_RANDOM (bit 0 set) as discard operations. This is obviously incorrect, so use a switch statement instead. Signed-off-by: Pedro Falcato --- mm/mseal.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/mm/mseal.c b/mm/mseal.c index 4591ae8d29c..2170e2139ca 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -23,9 +23,17 @@ static inline void set_vma_sealed(struct vm_area_struct = *vma) =20 static bool is_madv_discard(int behavior) { - return behavior & - (MADV_FREE | MADV_DONTNEED | MADV_DONTNEED_LOCKED | - MADV_REMOVE | MADV_DONTFORK | MADV_WIPEONFORK); + switch (behavior) { + case MADV_FREE: + case MADV_DONTNEED: + case MADV_DONTNEED_LOCKED: + case MADV_REMOVE: + case MADV_DONTFORK: + case MADV_WIPEONFORK: + return true; + } + + return false; } =20 static bool is_ro_anon(struct vm_area_struct *vma) --=20 2.46.0 From nobody Sun Feb 8 03:10:33 2026 Received: from mail-wm1-f41.google.com (mail-wm1-f41.google.com [209.85.128.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 59DBD15ECF1 for ; Tue, 6 Aug 2024 21:28:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979741; cv=none; b=IgJIBvAkkdWMXOV9Q/YRqvQjIVHw0sHLs01Yl6iRftS8lT7CANZzJcQzEM3lhBF3SHY7clmkYzOZp9109Ye3fq9Ng0UfQL5EvCV2ZP5q+gC1xJy8APPUKANvtbkTHeuhaWkZ+ZWk/b5D5/3h5qx4udEx/E5ZnWh6jHBCscdUEL8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979741; c=relaxed/simple; bh=dOp7lOrcLzKiQHMFRW++fqwZuN7KM4NLeFtEqGv9G20=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=BFvbzRI0v14tmux+nj+xAN4N3i+9HECr/4nfI5vR5Z9izhktUjzSAovVFrd8qfJgGKpYLnvNDSzw3qSaGHVNdrFFrDgfMxfMTzzzBlSCS1Yuc4LLOUl4KY6tHahb6DNmZnt6l33evm2v1LTgaHc5exR2gmjZCC+LeaTi/Ll/vtQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=iOAHmeYx; arc=none smtp.client-ip=209.85.128.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="iOAHmeYx" Received: by mail-wm1-f41.google.com with SMTP id 5b1f17b1804b1-4280ca0791bso7520245e9.1 for ; Tue, 06 Aug 2024 14:28:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722979738; x=1723584538; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=etcXdj3Gafh+NAZ3OdhB7G7qgWQmpViAnZzXkT07D14=; b=iOAHmeYxoPgn1zIbD8z2RinWNK8t1whGU3yFoGoEuFLl6489qK+ZDwAGnemtBBQBps wnMJpVYmf79MSLqg+E4FZK6B3Zi7KbEsyaH58Vdo3ikEaJkuEw5BrLqpwMEK7A6pjmsa sWbFyhFL8ta0Y6HR8V10LqjLAqZ37D7FVuYw+xZP9lCj6v2BPxaFhlsRZeAUk/Eod+YE oVdQsX2N7aefZcUtQf6w+IEm1nUm8NdvNhlfnrJI4Kw2MQzAY+bFCuLF9nB64dXW6uii Se6a1hZwLEXNAbLoggPIshbTC22HVn6Pgy2VUIZHf2axnE9xYbI0YecY6uMhASvoXrPh mbhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722979738; x=1723584538; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=etcXdj3Gafh+NAZ3OdhB7G7qgWQmpViAnZzXkT07D14=; b=K9jF824V++UGKIbQccHak9hMAtl0wmHf9shFtZSAeLWkkzrYUfxGdb1t13LGD3QWoY b3tdk6DdS5tT6/5kTmABfrrPUnAGchqNzvt6irnCAfOugH/BxaOT3iU66d+OeduDrdsk 4JUxoTwSYj6jsdnFQbnICUnwnuIar4OMESXTT7CnXineOg+E7Z+xRuFkF4PzWeX8sKBP Pv0ccdVUbFg+xDvoMreCULiIo9phlQqdk45l0paxuFgXJEifkF2u1nLSf1yhrCVcyR2d ioZwXe8+ZKyEnOsayKvu2f1qPDZ0ur9+QSqX3J+khOgs2dbE0ecQvfmGdaIfXTPpIxx6 riOQ== X-Forwarded-Encrypted: i=1; AJvYcCUJAqnTArGwgK/4MQKV9PdWR9BrwDF9RNVzU8wZQsO7bsoh7D0vyoFE4gqSjRo2x+x6AJxysCl9vYedHvvSYWMoahhsyZM8zryFUNKc X-Gm-Message-State: AOJu0YznYLta9hkGW09Gz3ez2nsTvOV4pzi/GwtQAcm4JidchxzynslE Y1ztWvZ0a+ya0btWYycbxTvgDcC2z4NZ8Ljg8gI6+04tuiRaTKM6 X-Google-Smtp-Source: AGHT+IGRFPCSRqOADFcs6F880K74zKy/fyjtmt+7DweFI9MMFLoc37XUfF/Mh7Mb+xtZ0Bt5/QWsCQ== X-Received: by 2002:a05:600c:46d0:b0:428:29d:4b59 with SMTP id 5b1f17b1804b1-428e6b09a2emr126203285e9.20.1722979737534; Tue, 06 Aug 2024 14:28:57 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4290501f0d5sm1858545e9.31.2024.08.06.14.28.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Aug 2024 14:28:57 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH 6/7] mseal: Replace can_modify_mm_madv with a vma variant Date: Tue, 6 Aug 2024 22:28:07 +0100 Message-ID: <20240806212808.1885309-7-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240806212808.1885309-1-pedro.falcato@gmail.com> References: <20240806212808.1885309-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Replace can_modify_mm_madv() with a single vma variant, and associated checks in madvise. While we're at it, also invert the order of checks in: if (unlikely(is_ro_anon(vma) && !can_modify_vma(vma)) Checking if we can modify the vma itself (through vm_flags) is certainly cheaper than is_ro_anon() due to arch_vma_access_permitted() looking at e.g pkeys registers (with extra branches) in some architectures. Signed-off-by: Pedro Falcato --- mm/internal.h | 6 ++---- mm/madvise.c | 13 +++---------- mm/mseal.c | 17 ++++------------- 3 files changed, 9 insertions(+), 27 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index 09ea930540f..4b516618389 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -1517,8 +1517,7 @@ static inline bool can_modify_vma(struct vm_area_stru= ct *vma) =20 bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned long end); -bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, - unsigned long end, int behavior); +bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior); #else static inline int can_do_mseal(unsigned long flags) { @@ -1531,8 +1530,7 @@ static inline bool can_modify_mm(struct mm_struct *mm= , unsigned long start, return true; } =20 -static inline bool can_modify_mm_madv(struct mm_struct *mm, unsigned long = start, - unsigned long end, int behavior) +static inline bool can_modify_vma_madv(struct vm_area_struct *vma, int beh= avior) { return true; } diff --git a/mm/madvise.c b/mm/madvise.c index 89089d84f8d..4e64770be16 100644 --- a/mm/madvise.c +++ b/mm/madvise.c @@ -1031,6 +1031,9 @@ static int madvise_vma_behavior(struct vm_area_struct= *vma, struct anon_vma_name *anon_name; unsigned long new_flags =3D vma->vm_flags; =20 + if (unlikely(!can_modify_vma_madv(vma, behavior))) + return -EPERM; + switch (behavior) { case MADV_REMOVE: return madvise_remove(vma, prev, start, end); @@ -1448,15 +1451,6 @@ int do_madvise(struct mm_struct *mm, unsigned long s= tart, size_t len_in, int beh start =3D untagged_addr_remote(mm, start); end =3D start + len; =20 - /* - * Check if the address range is sealed for do_madvise(). - * can_modify_mm_madv assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm_madv(mm, start, end, behavior))) { - error =3D -EPERM; - goto out; - } - blk_start_plug(&plug); switch (behavior) { case MADV_POPULATE_READ: @@ -1470,7 +1464,6 @@ int do_madvise(struct mm_struct *mm, unsigned long st= art, size_t len_in, int beh } blk_finish_plug(&plug); =20 -out: if (write) mmap_write_unlock(mm); else diff --git a/mm/mseal.c b/mm/mseal.c index 2170e2139ca..fdd1666344f 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -75,24 +75,15 @@ bool can_modify_mm(struct mm_struct *mm, unsigned long = start, unsigned long end) } =20 /* - * Check if the vmas of a memory range are allowed to be modified by madvi= se. - * the memory ranger can have a gap (unallocated memory). - * return true, if it is allowed. + * Check if a vma is allowed to be modified by madvise. */ -bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, unsigne= d long end, - int behavior) +bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior) { - struct vm_area_struct *vma; - - VMA_ITERATOR(vmi, mm, start); - if (!is_madv_discard(behavior)) return true; =20 - /* going through each vma to check. */ - for_each_vma_range(vmi, vma, end) - if (unlikely(is_ro_anon(vma) && !can_modify_vma(vma))) - return false; + if (unlikely(!can_modify_vma(vma) && is_ro_anon(vma))) + return false; =20 /* Allow by default. */ return true; --=20 2.46.0 From nobody Sun Feb 8 03:10:33 2026 Received: from mail-wr1-f42.google.com (mail-wr1-f42.google.com [209.85.221.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8921D1741FB for ; Tue, 6 Aug 2024 21:29:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.42 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979742; cv=none; b=dnQufy99PmskUZ+YNc4Sp37tpu1EWyNw6hs2C8sgr1RGN2Xw2sGd1eEiWmT8X4j3FoV07Hm9XfADshKgM2iOyEla+5QyY94JXKIAIiQBXF/z/blzB/vrdEYGnMdZJ97IqvSQ3KQNKKI8FZVNORGAP55YbDVUETtf2NYUFNNFRkU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722979742; c=relaxed/simple; bh=L8FVdgmpHj6v4+7sau/HBf2TW5wo44A8IhxBSHeWcxk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=JvPsnrEbzCbxw2fr1RGCYIpVZybkAq3pJ3+y0uRJNoD30GVzWJcQLtQRrKVy/zAG9Y4Kyo9NXd0Ml/9UugZwUIqIvsddWCMFkq3HUVpA6reVgTCbdjdVfsJDcrjZ+mIdGjoowKqmjCsbRF+g1TMzw/kUo1WWdIeJWp1IFB7QbZk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=i0Fso4eR; arc=none smtp.client-ip=209.85.221.42 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="i0Fso4eR" Received: by mail-wr1-f42.google.com with SMTP id ffacd0b85a97d-367963ea053so728247f8f.2 for ; Tue, 06 Aug 2024 14:29:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722979739; x=1723584539; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=P8jkam3zkvOuQdb/UsojC3i3iLSf3z8ynwn24gT0otg=; b=i0Fso4eRw+J3JCxEKk+6Gdq8bEvMxCE+tf3pzeGQF0MAJe4wRLW3SiMJukfDB3yL4k eU3Y7AytCHVQPxgWoXNI1Qg/0GYr513U+eBifOJgLmRhRqjK/kcjB8ZV9nWfDkTrc1ql ahF6dV9yTAOtjpg1AzQ8zpsofbPPg+h3/ILDp/PkwFAmaSHBPmA0AN1H35FCcKOvLhF9 R/QPaUsSsmc+zsxZggHI6dSzpvPQEJX+yFP8jsTugiF3gHsZZV+HCUBWjkarFymHf0JW 38zRTIv6EMDhPPmmd4VInJJ6qHdKzXx0+eaTlZaqUdBHeVTpHJTCB/OiGQloL4j9Hyzo mkOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722979739; x=1723584539; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=P8jkam3zkvOuQdb/UsojC3i3iLSf3z8ynwn24gT0otg=; b=HEDfe1QCWP9BwoeulUpyE6TLs7XUBjsrR19AkfqZzox4/rRQxFHLpAi1mnMYjbUYhw EpIpo9+H3K7j5cfHiVRrD7QufTE0DsRPfzi9PIwVqf3xNh9+fJ1yhKoWhkXrN/WQonrY 2s4yUQrpOmXnPkOoRyen2H0VCWppf+N1nU78LVXOQCodLTFAq4+rt1R5jFyC2ZX9OD6x J82Cizd3krOL9fi+f8SW0Noa1O8u9nLMsmcBaeRwamU6fb9IaBZNBF+AHjcZiFjwZJeX xvzeFNZfthGuIDVXpMj4DKtRYL54rMdPWE7l9xG6PhrivsMhb2xSJFzsH/qV2m4W09El GMEA== X-Forwarded-Encrypted: i=1; AJvYcCV5VLS37EKTHSYJHCequX/Qic8a3c63iNhziN1z5YqSpT0gca5eZhPPPBmVFzovH5GGmK+goMIFVWNEMXRi5y4VPtJMV/Y7lbIyKiC5 X-Gm-Message-State: AOJu0YzlBKUK3D6+adA3OwDSc75nc+nCbTmNzxALCzBsQD1lgiPYVo1s 33U7UybEFKqT+aMfsXoWXhe/gZRuo0nUgpEogWXlMtFpijhJ9twf X-Google-Smtp-Source: AGHT+IFVhNcJL1XwxIj73p08P6Puvj7uc+dGQgCKNGuIkxBKPnC+MtSj/wcc/Gg8PVOg+3Ww7u7Q+w== X-Received: by 2002:a5d:63c9:0:b0:368:4e35:76f9 with SMTP id ffacd0b85a97d-36bbc136ddfmr11556658f8f.37.1722979738730; Tue, 06 Aug 2024 14:28:58 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4290501f0d5sm1858545e9.31.2024.08.06.14.28.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Aug 2024 14:28:58 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH 7/7] mm: Remove can_modify_mm() Date: Tue, 6 Aug 2024 22:28:08 +0100 Message-ID: <20240806212808.1885309-8-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240806212808.1885309-1-pedro.falcato@gmail.com> References: <20240806212808.1885309-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" With no more users in the tree, we can finally remove can_modify_mm(). Signed-off-by: Pedro Falcato --- mm/internal.h | 8 -------- mm/mseal.c | 21 --------------------- 2 files changed, 29 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index 4b516618389..e4416f5da2f 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -1515,8 +1515,6 @@ static inline bool can_modify_vma(struct vm_area_stru= ct *vma) } =20 =20 -bool can_modify_mm(struct mm_struct *mm, unsigned long start, - unsigned long end); bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior); #else static inline int can_do_mseal(unsigned long flags) @@ -1524,12 +1522,6 @@ static inline int can_do_mseal(unsigned long flags) return -EPERM; } =20 -static inline bool can_modify_mm(struct mm_struct *mm, unsigned long start, - unsigned long end) -{ - return true; -} - static inline bool can_modify_vma_madv(struct vm_area_struct *vma, int beh= avior) { return true; diff --git a/mm/mseal.c b/mm/mseal.c index fdd1666344f..28cd17d7aaf 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -53,27 +53,6 @@ static bool is_ro_anon(struct vm_area_struct *vma) return false; } =20 -/* - * Check if the vmas of a memory range are allowed to be modified. - * the memory ranger can have a gap (unallocated memory). - * return true, if it is allowed. - */ -bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned lon= g end) -{ - struct vm_area_struct *vma; - - VMA_ITERATOR(vmi, mm, start); - - /* going through each vma to check. */ - for_each_vma_range(vmi, vma, end) { - if (unlikely(!can_modify_vma(vma))) - return false; - } - - /* Allow by default. */ - return true; -} - /* * Check if a vma is allowed to be modified by madvise. */ --=20 2.46.0