From nobody Sun Feb 8 08:47:58 2026 Received: from mail-wm1-f44.google.com (mail-wm1-f44.google.com [209.85.128.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EC33E149C6C for ; Wed, 7 Aug 2024 21:13:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.44 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065197; cv=none; b=TPR+PefIGjSUVqPamdB26FC4zKKpaTWlwyxMUdSX+TTWXjEaMzHnNxOiulh+KiJ97Ok1jaHypX+PtAv+2G7gsbMBqWUMYYTS9ytmwO1wQgQmqw4VxEY3dLxkq4O57dcRxTRUGTLN8IB2c735ZbCeu/TWbHX+EYE+W56oV6CdQhs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065197; c=relaxed/simple; bh=VIi/luW+740g41qtqCw+3x4Oo+hIBneAV0ddLEMtIyA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uRB652+ie5xeG0zV34FF8LlKf3dDwbU6dbaKBzvpZMcJPYEzNmpBL/nfFLGF1d+utmlHaEdo7i71Z+Jy0+y/kGAx1yj54gzULKu8uifFoVQ2YjuJJD+ZMmXmIUEv/9sK34ngsgDuoMFcpLm2D5mV0XFy0f2QIpNSHJmBJt+yLYw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=KOtQZCh1; arc=none smtp.client-ip=209.85.128.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="KOtQZCh1" Received: by mail-wm1-f44.google.com with SMTP id 5b1f17b1804b1-426526d30aaso1918455e9.0 for ; Wed, 07 Aug 2024 14:13:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723065194; x=1723669994; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0V+Hy2pcZNl8i2NdiK8iQy154jgjW7kCAAavfYbuDD4=; b=KOtQZCh1mxwUJF9f50MZbTqkvohQ3FinZ4iLsoD2lA4N0pVcaG7Hw7+YeijceugdBZ ycOHNxB2hiKfdRFuutLlIft/xDA6I5h+MxRmmVCDZp5t8a1fX3WozwFnyfkLMUQAAORY /4qCCrwJifPh6xWdhDvmmp/hp+YTPKD4gtHsbdrk5aoZsocz4E3ZjH3cq3u0HSQV2PbJ 3uGbLZVWU0HpjL/UvI7yPYqY/lCnwVPM22McHywbIYAYRywpfPMTSk85NZU+3/5W4Fss /gC+igZ7IUulPJCJRO29i+792Wwdk+zNf8eTn1SaaHu8MawT+m+WQAkPIFmT32YfmniE ps2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723065194; x=1723669994; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0V+Hy2pcZNl8i2NdiK8iQy154jgjW7kCAAavfYbuDD4=; b=iScK3timBZnJ/U/usxs3sn6KoZYNT8H+8tX/I9I/TTS5uu+VXOIsE9+PLGls4G62xz opkZNT8MC5vDfBmbPIQvbQEWODJOjSkmTlKJ9UMctSEQrATHt2/Ypq3uXjyFCh4sIPL6 ByG5N0kgDIglzKDluejczWyD7lZUFmewlql51fO8q5mmeO1xZwGJN+oiv+Ol29AOw4eD 1FAhfNaExTBpLdkwRiYEsCFiNWphknBTPs7eLHan3FqmUx2M829mwdAo8X/tB12Gd+lj KR6R/TPPu3AksrSOjh7w8GukoqAgSGb1oDWs/7o4O9d/ZheL4cZ2hcb9RfD8h9aaVqhH sSag== X-Forwarded-Encrypted: i=1; AJvYcCXkeTWdoLXE/OB52g/rqbQf7kc3wIjzkHTHbYZcIsvZzPuoBDFndVjzCQBDaA/AUCHRwR5TAXFZlSieYKQ=@vger.kernel.org X-Gm-Message-State: AOJu0Yy5wOvE8NkZ9Uwa1SjI+bo/pidL+/8HU7RWvCwOEYh/f7ryAguM 2fxxnWJh6M92y59cq7udAr9A2jjaenu3+pWLRDrcoc+lWkKuG2YV X-Google-Smtp-Source: AGHT+IGZXVkwP2NuFsG+OgPnqn7B/IU0ZazKLTjqwmDHjbu0OXQttrn5KJCkW1Fvqzp67cidEsfQug== X-Received: by 2002:a05:600c:4f0d:b0:428:52a:3580 with SMTP id 5b1f17b1804b1-4290aee04b7mr104415e9.3.1723065193882; Wed, 07 Aug 2024 14:13:13 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429057a92c8sm45869525e9.23.2024.08.07.14.13.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Aug 2024 14:13:13 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH v2 1/6] mm: Move can_modify_vma to mm/internal.h Date: Wed, 7 Aug 2024 22:13:04 +0100 Message-ID: <20240807211309.2729719-2-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240807211309.2729719-1-pedro.falcato@gmail.com> References: <20240807211309.2729719-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move can_modify_vma to internal.h so it can be inlined properly (with the intent to remove can_modify_mm callsites). Signed-off-by: Pedro Falcato --- mm/internal.h | 24 ++++++++++++++++++++++++ mm/mseal.c | 17 ----------------- 2 files changed, 24 insertions(+), 17 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index 52f7fc4e8ac..90f50f3c4cf 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -1353,6 +1353,24 @@ static inline int can_do_mseal(unsigned long flags) return 0; } =20 +static inline bool vma_is_sealed(struct vm_area_struct *vma) +{ + return (vma->vm_flags & VM_SEALED); +} + +/* + * check if a vma is sealed for modification. + * return true, if modification is allowed. + */ +static inline bool can_modify_vma(struct vm_area_struct *vma) +{ + if (unlikely(vma_is_sealed(vma))) + return false; + + return true; +} + + bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned long end); bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, @@ -1374,6 +1392,12 @@ static inline bool can_modify_mm_madv(struct mm_stru= ct *mm, unsigned long start, { return true; } + +static inline bool can_modify_vma(struct vm_area_struct *vma) +{ + return true; +} + #endif =20 #ifdef CONFIG_SHRINKER_DEBUG diff --git a/mm/mseal.c b/mm/mseal.c index bf783bba8ed..4591ae8d29c 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -16,28 +16,11 @@ #include #include "internal.h" =20 -static inline bool vma_is_sealed(struct vm_area_struct *vma) -{ - return (vma->vm_flags & VM_SEALED); -} - static inline void set_vma_sealed(struct vm_area_struct *vma) { vm_flags_set(vma, VM_SEALED); } =20 -/* - * check if a vma is sealed for modification. - * return true, if modification is allowed. - */ -static bool can_modify_vma(struct vm_area_struct *vma) -{ - if (unlikely(vma_is_sealed(vma))) - return false; - - return true; -} - static bool is_madv_discard(int behavior) { return behavior & --=20 2.46.0 From nobody Sun Feb 8 08:47:58 2026 Received: from mail-wm1-f41.google.com (mail-wm1-f41.google.com [209.85.128.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 331A8149DE4 for ; Wed, 7 Aug 2024 21:13:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065199; cv=none; b=Zt8WK8le0E2RfoILFpqZaYqiyOxcjoffdvNicBu1cM3++8kyxyJjLCnrNvm9qgUwvyIFdjhOVC73JoVYNzqb0KUcohVG5/VhJCFBvxkFHKsh9dNe4XIMDAjWjHrQyDKTpOvk8DPQ+2iZx9VEAYHjoMUij8zUxL8wEXhKPDubRFs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065199; c=relaxed/simple; bh=pSD5olf8arH4asztN/L7oXloRLZzeJzcaShHvOW6MPc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jzyT7614+X6QfiHXJYyM3oTYTwqKg6sRFLPxymfgrYLyKMZVKZuDD6PDuq16z9EBsxh8L8VooV3vvAJDn9kZiFORnP3h9l4EghMmHeJ0aSJx0RYSvJg5x8iXJDny0C8ILtLYn7JZNOrTrq1Luuy9at8ycMWiHsz0MuwwF27SHZo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Z03WeJcs; arc=none smtp.client-ip=209.85.128.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Z03WeJcs" Received: by mail-wm1-f41.google.com with SMTP id 5b1f17b1804b1-4280bca3960so1990545e9.3 for ; Wed, 07 Aug 2024 14:13:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723065195; x=1723669995; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ipxPc3kHJ/aHYONf/RL5CQxJXN3wQhPlYJdaXX0x/8A=; b=Z03WeJcsr57YLumvyiACm4HDnsGvRcPKzOXZARzCv9DNsdB5DbMuDL+NP1FG5Va4GO PUIZJCpvxyAT5cB5zp93FtTLHqJHPgz4bBHS1EY+OwaV/1v9/HwcmPrYGLSKj2UzkuH+ m/450gjKBRiZ+cg1iSyVqdZNJTcYuee/WqPJO80tnlLK98RkKBURJjAYuQKOWbn4FhDv 7FnZyyRDzwOh1hGgfNFQvw+kGs/WzlITkPZs1v3yLNY4S5f/biZQ5u5knrccSDjR/Cvk BFImMM2E8mrwUdewFBIO26jhQZYcwjL8QpKKmzGqlnrSSd30RqOCWBHS4looJK9bpyci uw9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723065195; x=1723669995; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ipxPc3kHJ/aHYONf/RL5CQxJXN3wQhPlYJdaXX0x/8A=; b=j0jsde2M7saUBzZHkzf56drj7IZqiVFtnX6KyZjrmGQ9rjkQkQD+Q3Sb/UCjVZ34oS 6q2Ow0LcgYe7p1G4owR06jA2vnkiEN90or9sl/Vz8RWliqfipyPweaevXstWm+3aexeV enbXUYknQesKGDY8l8WifjXXqgofuNMzf/iIjMtJ9JzFYCAJmp/plhkz2us/unnEB5lD JGxX14nvxTm1dZrufZkkU1HZl/JwweW09xdv9NQAtAkgB8CANm0W5Q3nyNGiQV4shse4 gQ3Teomi3g9PeoO7yMauge/g6CVNeUwPM75xT2URclszjimmvOSw4ZmCJbiL8CPb3P3U THNQ== X-Forwarded-Encrypted: i=1; AJvYcCWwTPjZcq4YQnAoS/2wtc3ah4o1x15OewJh1xLyNz9xKLBcN3f8RhOnAlSQrvBIDnlWUeV6KgBQDhqQsJc=@vger.kernel.org X-Gm-Message-State: AOJu0YwViJbtw39UXpVylz6VWOTaRv6qMrS13KnI9Ewf2R4cGdi7of95 sPbbCNYDm4UOwfJsJPkw+UyzjD7dkjsIdygZABvsgQOcSsohcLWXSyFB7rA4 X-Google-Smtp-Source: AGHT+IGUgTLwkyGxx34ziVOHF9gL7CXCZ85fMygqSYe2EG18dKWn9T+3Dab1GPTFV+wfcEilhPcNtA== X-Received: by 2002:a05:600c:19d2:b0:428:14b6:ce32 with SMTP id 5b1f17b1804b1-4290aeee1bbmr80955e9.9.1723065195315; Wed, 07 Aug 2024 14:13:15 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429057a92c8sm45869525e9.23.2024.08.07.14.13.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Aug 2024 14:13:14 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH v2 2/6] mm/munmap: Replace can_modify_mm with can_modify_vma Date: Wed, 7 Aug 2024 22:13:05 +0100 Message-ID: <20240807211309.2729719-3-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240807211309.2729719-1-pedro.falcato@gmail.com> References: <20240807211309.2729719-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We were doing an extra mmap tree traversal just to check if the entire range is modifiable. This can be done when we iterate through the VMAs instead. Signed-off-by: Pedro Falcato --- mm/mmap.c | 13 +------------ mm/vma.c | 23 ++++++++++++----------- 2 files changed, 13 insertions(+), 23 deletions(-) diff --git a/mm/mmap.c b/mm/mmap.c index 4a9c2329b09..c1c7a7d00f5 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1740,18 +1740,7 @@ int do_vma_munmap(struct vma_iterator *vmi, struct v= m_area_struct *vma, unsigned long start, unsigned long end, struct list_head *uf, bool unlock) { - struct mm_struct *mm =3D vma->vm_mm; - - /* - * Check if memory is sealed before arch_unmap. - * Prevent unmapping a sealed VMA. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, start, end))) - return -EPERM; - - arch_unmap(mm, start, end); - return do_vmi_align_munmap(vmi, vma, mm, start, end, uf, unlock); + return do_vmi_align_munmap(vmi, vma, vma->vm_mm, start, end, uf, unlock); } =20 /* diff --git a/mm/vma.c b/mm/vma.c index bf0546fe6ea..7a121bcc907 100644 --- a/mm/vma.c +++ b/mm/vma.c @@ -712,6 +712,12 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct v= m_area_struct *vma, if (end < vma->vm_end && mm->map_count >=3D sysctl_max_map_count) goto map_count_exceeded; =20 + /* Don't bother splitting the VMA if we can't unmap it anyway */ + if (!can_modify_vma(vma)) { + error =3D -EPERM; + goto start_split_failed; + } + error =3D __split_vma(vmi, vma, start, 1); if (error) goto start_split_failed; @@ -723,6 +729,11 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct v= m_area_struct *vma, */ next =3D vma; do { + if (!can_modify_vma(vma)) { + error =3D -EPERM; + goto modify_vma_failed; + } + /* Does it split the end? */ if (next->vm_end > end) { error =3D __split_vma(vmi, next, end, 0); @@ -815,6 +826,7 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm= _area_struct *vma, __mt_destroy(&mt_detach); return 0; =20 +modify_vma_failed: clear_tree_failed: userfaultfd_error: munmap_gather_failed: @@ -860,17 +872,6 @@ int do_vmi_munmap(struct vma_iterator *vmi, struct mm_= struct *mm, if (end =3D=3D start) return -EINVAL; =20 - /* - * Check if memory is sealed before arch_unmap. - * Prevent unmapping a sealed VMA. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, start, end))) - return -EPERM; - - /* arch_unmap() might do unmaps itself. */ - arch_unmap(mm, start, end); - /* Find the first overlapping VMA */ vma =3D vma_find(vmi, end); if (!vma) { --=20 2.46.0 From nobody Sun Feb 8 08:47:58 2026 Received: from mail-wm1-f52.google.com (mail-wm1-f52.google.com [209.85.128.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7398F14A4D9 for ; Wed, 7 Aug 2024 21:13:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.52 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065200; cv=none; b=XW4Lf8qNNPcMMnzuW9Faq+L1Ltg20Ea6GjYNvu6iVUrUDOMNAUV4LpZ3SykYZsGzOOSQPVhI0gHdkkJI7sFFx+IRugdDfZdWF4UAFWQrGxjBNempcn0LmVgRoq2D1NIW0BlDiuTCElVoBOR/2GaTA8s/fRGmLuagjg77xXC0Wpw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065200; c=relaxed/simple; bh=adc+1M2MuwO5QW0JpRW5+vcWpcbzMyPH3TjLiKofQAs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VHQj/qnbddxER4+J5R9L6ErFm1lwvkwUezD4WjKntrmsQ3q3qC74TBXQymfiHl4kdHZP0UbgAWu4HwpeuOhEigLoIeu5JOH9ZDB3kaG+UGGTLSGcjqGNlG5H2BLctC3/+YrqLrEKwiiyJjT5yK1SQJOijn5dlPrhtXFJMTCAw4k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Y4kJw9y+; arc=none smtp.client-ip=209.85.128.52 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Y4kJw9y+" Received: by mail-wm1-f52.google.com with SMTP id 5b1f17b1804b1-42816ca782dso2034135e9.2 for ; Wed, 07 Aug 2024 14:13:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723065197; x=1723669997; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3k8I48Q9YYmd4N347hipHhtPig8PZRgdw+eINOHLWZc=; b=Y4kJw9y+y0n89zX9L4nPtT3PxRtk7u1QwN9KJKH0Ehxb8EBsSgDMuz+BCPhH0Vdv4s 9tM3Iw6rSOHU3kWesNO11ad88wrE7dCL7p/BRX/yG4rccgqV59FBKPOijDY/NnAC4+0b H5o5DE1XgkzypQTNYQ2BQguJNf0oIHS8OoJ0DtpGF9fimN97Caiy8ypRHy4uATC5jaJQ FVfEoR1kbstznMx5YDsdfuzjjSkgB8k7G80Vmz3roVyFLil1gabJKoMFbHyxjQiRBjAD EZBT2dOdct0gzzNi0ldU6BUsDh1utmybQI1S25tRtpaC7ElbyC+HoUpdDi/3HoflQz8f DNyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723065197; x=1723669997; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3k8I48Q9YYmd4N347hipHhtPig8PZRgdw+eINOHLWZc=; b=xJr+f1Lgb64ZzjcHq5Oq6yMHkV1EEcEoy8+CibemYVcX3phTdx6y0Na2v6AJ8vSgrB AanBDyz9Vx5iGn9VbC8K2VYMWsrI3/VLBErOBNwqNrbuKAH/kpTSw4C4djR+6+Wbhib8 3tmUZNAiLRmLuNnUGv36yZRTy+97WIvDnh54127Tg2xOQPm5zaetommWcGt2KKZK/AX8 oh3FYGavH4CSQvkTTWgsID8kyb33yOVAMNPNN9N/Qa379r2MBY7Ob5pvSZ3Pv13asYvU DvICrG3NoYx1AKp0twE5e7d1v7oXf5x44gHmhPWpw/fq0nnIfDbJs1Uux4UEdeFzihcY nodA== X-Forwarded-Encrypted: i=1; AJvYcCWKrjDbm0QjcIq4y1od6gLBGLG0pu9xLdjG64nOU/1Hdbpognrgx89GT6Hz8+lNs6bd6WnZxMTDXwSDwAJ5FSli295x3qf1M6We7iZ9 X-Gm-Message-State: AOJu0YwhLKZ6l6HcrIF9b3dB50prB71XpZhZz5n80DBfnFC9KnPLlUYk 32sZ1HvE5uqawJaoB+VvYnIzXYpHUGESNLKTuXjHB5/Ty3oSmy5d X-Google-Smtp-Source: AGHT+IFrulQEOE6yTxkrgAm5+Yjks8+XzbkO2lRTVnCuLyVnQOOuaJYB61OWTGLzsBePku79xWdeTQ== X-Received: by 2002:a05:600c:45d0:b0:426:6ee7:c05a with SMTP id 5b1f17b1804b1-4290aeaf247mr126145e9.15.1723065196743; Wed, 07 Aug 2024 14:13:16 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429057a92c8sm45869525e9.23.2024.08.07.14.13.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Aug 2024 14:13:15 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH v2 3/6] mm/mprotect: Replace can_modify_mm with can_modify_vma Date: Wed, 7 Aug 2024 22:13:06 +0100 Message-ID: <20240807211309.2729719-4-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240807211309.2729719-1-pedro.falcato@gmail.com> References: <20240807211309.2729719-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Avoid taking an extra trip down the mmap tree by checking the vmas directly. mprotect (per POSIX) tolerates partial failure. Signed-off-by: Pedro Falcato --- mm/mprotect.c | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/mm/mprotect.c b/mm/mprotect.c index 37cf8d24940..11330131e2b 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -588,6 +588,9 @@ mprotect_fixup(struct vma_iterator *vmi, struct mmu_gat= her *tlb, unsigned long charged =3D 0; int error; =20 + if (!can_modify_vma(vma)) + return -EPERM; + if (newflags =3D=3D oldflags) { *pprev =3D vma; return 0; @@ -746,15 +749,6 @@ static int do_mprotect_pkey(unsigned long start, size_= t len, } } =20 - /* - * checking if memory is sealed. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(current->mm, start, end))) { - error =3D -EPERM; - goto out; - } - prev =3D vma_prev(&vmi); if (start > vma->vm_start) prev =3D vma; --=20 2.46.0 From nobody Sun Feb 8 08:47:58 2026 Received: from mail-wm1-f47.google.com (mail-wm1-f47.google.com [209.85.128.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C9EA014EC77 for ; Wed, 7 Aug 2024 21:13:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.47 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065205; cv=none; b=TLY/o0Qk4yJxI+0oAJRolnq6mtFvltP5i4Tq2IH/a4KgFbr3z5+d3quJ+uPtBcbvsCGqzaaZ1WIxZ2w5JTkrFQlUvfLS+NED6N2wyTc/haiWbpdWP2lKotDZaADAuzZyvEFbJFU5/dIYQKXswywZhn46telDpuG3OdH0/AFypO0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065205; c=relaxed/simple; bh=FDADV2BTEwJ+ON+56YH/gWeFoI36jwwpLMj16QIlsZo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=sCq63uTGSGkgWEQGvnemw4W+DGBeY4mMInqa7dZWxHSicW3MLT0l8jrjdZ/va9iis2hznl/x1lch711yvKY7bk93q7nUK3p5x3ER0P2czaBcjEZhTdHwgh0KgALX37Uf02z8JvCRfqXw0K0lxc3vT6BM74WLe0KIAb4w0RhqjCg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=E3Y7WCHF; arc=none smtp.client-ip=209.85.128.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="E3Y7WCHF" Received: by mail-wm1-f47.google.com with SMTP id 5b1f17b1804b1-42817bee9e8so1913395e9.3 for ; Wed, 07 Aug 2024 14:13:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723065198; x=1723669998; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YfNB5/9qLPsvFaLP7sHH3GbTU29axJKL+pgsuJpQFBU=; b=E3Y7WCHFOxw18WReMHnHEI+H/qOFp7SSCFZeo5npW748HrnvD2ItToRHJ9hLl6KB0+ oF68Rkpq7KmsitdvL9c30zOBMNGW/Pp7/zGMGXcwfP0OVtdNmXk4UVYjvtNG2QmIuQz3 6hrLkJ0go08F/AaqfVdru5v4ZaEGjbSyDI0zWDSv7+wNBEhbHuO1jaBemdtraE8EtQKG hGgXLu/NddDgiKkhKa7KdIiq704wMeiu/kThRC0oyIOIwTs4K60bphW5lSOK4ILJVTP+ SE+Hm8Sqe9s5cn5DK7nH3qzbVm+rQFxx6rzoVCIhIyH0KmRPEcwE2fXddeXeNdJKpu+M F74g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723065198; x=1723669998; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YfNB5/9qLPsvFaLP7sHH3GbTU29axJKL+pgsuJpQFBU=; b=C/nJlDVzjDceKA7zjpUNp223lRdB1gLLD1zfE1RqKlp2Kb6Rhxdgr+ejxqxr0Xwui5 8pJeUUhdawKrViI92ls3QWqNhaEo4bTDc+OoRouYxvdtl7npHA+p6rsF0Ew6uCVGADbN EXw4qyQqAKEanRTEf+8YrTddRsdUzsxjXn/vl3bLF1zzuYQPTKl8kVOXc/plIkh3EHWI 8LxN8rFBy8fWFrqHPh2vmVp70EKo8O44Fqb5XFl3TvRAFmmwub24gg8lZ7dfCtZnTtVG 6gyspshjPxMx1IBpGxDXytghJvMWzUCjDIH0zL+aIeM2oBzVopSyN1WfReq+/4ztjqP6 Nb5A== X-Forwarded-Encrypted: i=1; AJvYcCVW+OHo1EhiApfdOfF+8YEUt/o4/P+kkG4QbUfxGuK2MjHxKJtlnveqGwF7OQHwaTe0EjPmD9gqaSLlaCj7RLiQf9q7T0BV3WdwDNOm X-Gm-Message-State: AOJu0YyfBzGFTCahYJq7k2ygb3ZjR6i5L3KUN1tc19k5ePQSD3Lp3mCJ P9oYA7+z1ykGeXFiSMky1Sh/O4cxJm5zaG6znAGZ4YwlE4BTujWq X-Google-Smtp-Source: AGHT+IG+QqtyoGEr6BZhBo9y73IoJVbdjczi56XnHZ7BCAXUG+64xMxM2z7lHTolrd6PpGlBLESRAg== X-Received: by 2002:a05:600c:350a:b0:426:6ead:5709 with SMTP id 5b1f17b1804b1-4290aeee25emr70945e9.9.1723065197875; Wed, 07 Aug 2024 14:13:17 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429057a92c8sm45869525e9.23.2024.08.07.14.13.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Aug 2024 14:13:17 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH v2 4/6] mm/mremap: Replace can_modify_mm with can_modify_vma Date: Wed, 7 Aug 2024 22:13:07 +0100 Message-ID: <20240807211309.2729719-5-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240807211309.2729719-1-pedro.falcato@gmail.com> References: <20240807211309.2729719-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Delegate all can_modify checks to the proper places. Unmap checks are done in do_unmap (et al). This patch allows for mremap partial failure in certain cases (for instance, when destination VMAs aren't sealed, but the source VMA is). It shouldn't be too troublesome, as you'd need to go out of your way to do illegal operations on a VMA. Signed-off-by: Pedro Falcato --- v2: - Removed a superfluous check in mremap (Jeff Xu) mm/mremap.c | 30 ++++-------------------------- 1 file changed, 4 insertions(+), 26 deletions(-) diff --git a/mm/mremap.c b/mm/mremap.c index e7ae140fc64..35afb3e38a8 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -821,6 +821,10 @@ static struct vm_area_struct *vma_to_resize(unsigned l= ong addr, if (!vma) return ERR_PTR(-EFAULT); =20 + /* Don't allow vma expansion when it has already been sealed */ + if (!can_modify_vma(vma)) + return ERR_PTR(-EPERM); + /* * !old_len is a special case where an attempt is made to 'duplicate' * a mapping. This makes no sense for private mappings as it will @@ -902,19 +906,6 @@ static unsigned long mremap_to(unsigned long addr, uns= igned long old_len, if ((mm->map_count + 2) >=3D sysctl_max_map_count - 3) return -ENOMEM; =20 - /* - * In mremap_to(). - * Move a VMA to another location, check if src addr is sealed. - * - * Place can_modify_mm here because mremap_to() - * does its own checking for address range, and we only - * check the sealing after passing those checks. - * - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, addr, addr + old_len))) - return -EPERM; - if (flags & MREMAP_FIXED) { /* * In mremap_to(). @@ -1079,19 +1070,6 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigne= d long, old_len, goto out; } =20 - /* - * Below is shrink/expand case (not mremap_to()) - * Check if src address is sealed, if so, reject. - * In other words, prevent shrinking or expanding a sealed VMA. - * - * Place can_modify_mm here so we can keep the logic related to - * shrink/expand together. - */ - if (unlikely(!can_modify_mm(mm, addr, addr + old_len))) { - ret =3D -EPERM; - goto out; - } - /* * Always allow a shrinking remap: that just unmaps * the unnecessary pages.. --=20 2.46.0 From nobody Sun Feb 8 08:47:58 2026 Received: from mail-wm1-f52.google.com (mail-wm1-f52.google.com [209.85.128.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B18E915350B for ; Wed, 7 Aug 2024 21:13:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.52 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065202; cv=none; b=nv755oQ0MiUHb99gl5sy0Tib3ndX9fwTpUzeDN+CfBJgYNrv0E7XEa+aLUCm+ZZLAGcYEDrWgjEMjdzaH6tauwPbB+ktwZcddaHoqF57zyLlzLJ2yp4XJ0SISmy1du6MEWrK3bQic2gEkrZxh7A9Hvm2NDV4nbH25hXvC6orXHE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065202; c=relaxed/simple; bh=/gspaFWJDJLeLetQL90OX237oaMCnuZKq5sjs9BKJm4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=NJ14Y64Q32wNicTHCM6xUAFLWD0zfHnVlPFqffc+9vloSbHUYon/JAeu+963Gcj3FI0DooQCZKQoVLgam8PCUx8pcW+z59yBmbyAyztfmTDXCkPrOi6wN+R7hob2ux8kiB3IRItC14f3ZDWRoBpY1X4aVyf0cU8v3TMrSWC0jVg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=b8jA80bW; arc=none smtp.client-ip=209.85.128.52 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="b8jA80bW" Received: by mail-wm1-f52.google.com with SMTP id 5b1f17b1804b1-428f5c0833bso7977235e9.0 for ; Wed, 07 Aug 2024 14:13:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723065199; x=1723669999; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1qlhSaIRab8Wung5E+rEtGMuSqzg1qoR4sFw2btGeDg=; b=b8jA80bWvcgG4gazRjZWMCNfO42EY0VHkMCaP+uEuC1h4Z2pynDqtjw/k8NR6QOECb yQjuXoCImZhKKNyfTubr100Ty7+apXAEB6FSPvx5Ekrb/lB1zMbHw7YWRR+nuLqN5Y1i 01+ZEsroGgZ2DzzeCs9ZzTO3c6ZdnfdDqErNGghTTGzDFYIkA14fL8iGXMkQkpOazn93 tG4PL8ZD/uwJLclx9TMJoZ/GuOmLGxmW0NDrLP4FJvQQK+crxmGIDZntfrQuro7oN2iy oVtFeIdkRe5Q6L+WtnHCNIujzCjvS4qXJyLzG3qdU1AuU67Hr6GyheUf0D2Qvz0C4RsF uLgw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723065199; x=1723669999; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1qlhSaIRab8Wung5E+rEtGMuSqzg1qoR4sFw2btGeDg=; b=MRUatxR/+/UapChj+/Iz4G/6PZpWBF5dz2BZXyR+S2cYKspE/WOzE9y5J9ANs+Nj+1 CcYe8Ergon3fjGHX9Et7+WZEwSS/Vyufziq53b5lD+4/jnpJU10weGF8Gfy1cX/V5tz1 n3f9/CqlRG1BL3sVfwUpJz+Vg/zoPgkE0djQweamy2d0ae9rwRTtDibcuy0JvxnTGYkt QNud++pdKmmRhGh9X4Avauji0K/AsCQeC3ogkDOFZuSJJUigMSin3+4qZ9sEKCQNvPRn gGvJB7D0uDoDVmhSA4sP+WkTfLgB0jFcEH6n/loGJ0uj2sihispF8U4GhZyBIo/0Kbzk B+5w== X-Forwarded-Encrypted: i=1; AJvYcCVquYEoFVnPB90Ef6qQNEmH0ZLIk2u0m1Y0lDBhw16k3CZbD/8l1zS4qTqGG2DueQbJZ3x9xzKB80nayXQ=@vger.kernel.org X-Gm-Message-State: AOJu0YzTCULk2l19YGoBjREEI6kCFjEIAa054xlecSD44othHsMnQyBD f+sEhex1fYvR5u13XKZt4Kzdf0x4w9QvpyjvIXZqvQBG1cPEeChG X-Google-Smtp-Source: AGHT+IEFvCk2bGgrTTvk0BjzIOPz08n+ZvmcQ77dBJ4LSBJvkWxUtgROJJ64vDaajtz7dL3+Xzk3EA== X-Received: by 2002:a05:600c:3591:b0:426:5fa7:b495 with SMTP id 5b1f17b1804b1-429052dbdfcmr24752385e9.15.1723065198977; Wed, 07 Aug 2024 14:13:18 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429057a92c8sm45869525e9.23.2024.08.07.14.13.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Aug 2024 14:13:18 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH v2 5/6] mseal: Replace can_modify_mm_madv with a vma variant Date: Wed, 7 Aug 2024 22:13:08 +0100 Message-ID: <20240807211309.2729719-6-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240807211309.2729719-1-pedro.falcato@gmail.com> References: <20240807211309.2729719-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Replace can_modify_mm_madv() with a single vma variant, and associated checks in madvise. While we're at it, also invert the order of checks in: if (unlikely(is_ro_anon(vma) && !can_modify_vma(vma)) Checking if we can modify the vma itself (through vm_flags) is certainly cheaper than is_ro_anon() due to arch_vma_access_permitted() looking at e.g pkeys registers (with extra branches) in some architectures. Signed-off-by: Pedro Falcato --- mm/internal.h | 6 ++---- mm/madvise.c | 13 +++---------- mm/mseal.c | 17 ++++------------- 3 files changed, 9 insertions(+), 27 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index 90f50f3c4cf..3f9a5c17626 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -1373,8 +1373,7 @@ static inline bool can_modify_vma(struct vm_area_stru= ct *vma) =20 bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned long end); -bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, - unsigned long end, int behavior); +bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior); #else static inline int can_do_mseal(unsigned long flags) { @@ -1387,8 +1386,7 @@ static inline bool can_modify_mm(struct mm_struct *mm= , unsigned long start, return true; } =20 -static inline bool can_modify_mm_madv(struct mm_struct *mm, unsigned long = start, - unsigned long end, int behavior) +static inline bool can_modify_vma_madv(struct vm_area_struct *vma, int beh= avior) { return true; } diff --git a/mm/madvise.c b/mm/madvise.c index 89089d84f8d..4e64770be16 100644 --- a/mm/madvise.c +++ b/mm/madvise.c @@ -1031,6 +1031,9 @@ static int madvise_vma_behavior(struct vm_area_struct= *vma, struct anon_vma_name *anon_name; unsigned long new_flags =3D vma->vm_flags; =20 + if (unlikely(!can_modify_vma_madv(vma, behavior))) + return -EPERM; + switch (behavior) { case MADV_REMOVE: return madvise_remove(vma, prev, start, end); @@ -1448,15 +1451,6 @@ int do_madvise(struct mm_struct *mm, unsigned long s= tart, size_t len_in, int beh start =3D untagged_addr_remote(mm, start); end =3D start + len; =20 - /* - * Check if the address range is sealed for do_madvise(). - * can_modify_mm_madv assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm_madv(mm, start, end, behavior))) { - error =3D -EPERM; - goto out; - } - blk_start_plug(&plug); switch (behavior) { case MADV_POPULATE_READ: @@ -1470,7 +1464,6 @@ int do_madvise(struct mm_struct *mm, unsigned long st= art, size_t len_in, int beh } blk_finish_plug(&plug); =20 -out: if (write) mmap_write_unlock(mm); else diff --git a/mm/mseal.c b/mm/mseal.c index 4591ae8d29c..6559242dd05 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -67,24 +67,15 @@ bool can_modify_mm(struct mm_struct *mm, unsigned long = start, unsigned long end) } =20 /* - * Check if the vmas of a memory range are allowed to be modified by madvi= se. - * the memory ranger can have a gap (unallocated memory). - * return true, if it is allowed. + * Check if a vma is allowed to be modified by madvise. */ -bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, unsigne= d long end, - int behavior) +bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior) { - struct vm_area_struct *vma; - - VMA_ITERATOR(vmi, mm, start); - if (!is_madv_discard(behavior)) return true; =20 - /* going through each vma to check. */ - for_each_vma_range(vmi, vma, end) - if (unlikely(is_ro_anon(vma) && !can_modify_vma(vma))) - return false; + if (unlikely(!can_modify_vma(vma) && is_ro_anon(vma))) + return false; =20 /* Allow by default. */ return true; --=20 2.46.0 From nobody Sun Feb 8 08:47:58 2026 Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com [209.85.128.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DC3CD154454 for ; Wed, 7 Aug 2024 21:13:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065203; cv=none; b=AXIbGM0OFu1jaTlNXczs83nZpASUboDyacX+6ruRSxw3qdd7/c2xkjOUac2LCzWX9WEAXlo1DxWJAKRtpn2WnvlQI82EjGGMv16d0VwzSmza8tuNfDvPRuTF5mbtXu2bVgupWb+Pywn0RIW3bOV0gm+vmo5sjBEvhpDE9qIdBR0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723065203; c=relaxed/simple; bh=pJYSobQgCbGeEJ6K4fKi3SLbD7lY8YwAC6x/neI0MLA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=MLXwCWzPIIV7bIdepZPaHMhFWZMeyowIR/e+L7ukeSqZXc8eC7KuGrLhb+bCs3/S2iFCZhUaK87PgSFM1b7XrUskTo4safXVTe6kGaSzhHzqHzJiXjKCS/kv7yiqJNoWKJUOzaFZ5L8GMWB/7fjQVh14SfjX/t4rJHD7RNmpgVM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Z4ljvSC3; arc=none smtp.client-ip=209.85.128.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Z4ljvSC3" Received: by mail-wm1-f49.google.com with SMTP id 5b1f17b1804b1-428e3129851so2039935e9.3 for ; Wed, 07 Aug 2024 14:13:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723065200; x=1723670000; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=TABaTPorFTuyc7X865Uymhaob0hV8HMM8m0h9GmtpBc=; b=Z4ljvSC3CRbsQ99InLrqhPDGF/ts7RSZGg81LMMMii0TeI7AhE0U0T1iLwgs01l4O1 tv35p4O8H0Kzgw5ZV8qmvdsbkk9NWLUV1w3HIwqDx2VwH5oTkeWycxBULSprSi3rgStg 2o7z2Y4hRdaYlwYcYvsmUes1zitBA8KcB8O5xWn5kMUiMjQVL3vCy+xSNBK1K6FcJ8fg mz4syhLVrywYIs12B0FxBkYZUsqA5Hi69IuppHXpiF4J6GATPSphpHL1Y2dx/YZI4Z1m RemLLaoJ0PsOEwXMY4eqhB9WMj+qtJ9TnD7U02h2ZZgTDbgCp5Gse0GGacC8DJiRGgyo bajA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723065200; x=1723670000; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TABaTPorFTuyc7X865Uymhaob0hV8HMM8m0h9GmtpBc=; b=s4UwDvp9OKPVakNpGfxhqS/eUfkbYM9wiNLHzmWQXW4m+u7fS1iS5lCc62n990SMe1 aBurdFnaPe/rc9daSXggA6yj0vj/rtGnsAtCGISuLNyvidEzBBpPAIO5CLKJvX7PSm42 w87GA3gfdaLi0nRMXekZlnAwhDs574qJugk0EoKaXUKokFFgYRe6A1ObveIiif1C4kpV NNKokmJPFPFBGAoP50tGogTvLSTQde9fXG6CA1EjOcv3Nuts9LOuzQpRScvo0ciIBAWo OZKkpetbBbvf7ZyDCMtiElohln52ACW2KrPLDI0bvczz4lkrmumavZ76rk2Wyx7cxEdX Iz7w== X-Forwarded-Encrypted: i=1; AJvYcCWhoguzn+oK+IsFYjFXInswg00HOyZyXg7IakEXTbMrbP1xTse65Nf7F9VoYDFnQqFo+abljVpr7IaxaTXtooZwdFlbKxO02j3mTHWb X-Gm-Message-State: AOJu0YwPV+JH6U0BR1xQbKeDoX/gwVEgOr4uZcUceIF46itC/Kdlfmkp pBbeKMSkYDdZA6D+4zWKuBJnWueAGAdQPRY9S7pXPs/YBxSZEecN+jlfcgEc X-Google-Smtp-Source: AGHT+IFwpdVWkcLwHGj5wvenjiZWg1uZyL3/Xq+7WmNiTsKHLsk0L9Hfuyl66r/yDQAjPrUMLYNMRg== X-Received: by 2002:a05:600c:1914:b0:427:9a8f:9717 with SMTP id 5b1f17b1804b1-4290ae03407mr303875e9.0.1723065200112; Wed, 07 Aug 2024 14:13:20 -0700 (PDT) Received: from PC-PEDRO-ARCH.lan ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429057a92c8sm45869525e9.23.2024.08.07.14.13.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Aug 2024 14:13:19 -0700 (PDT) From: Pedro Falcato To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, jeffxu@google.com, Michael Ellerman , Pedro Falcato Subject: [PATCH v2 6/6] mm: Remove can_modify_mm() Date: Wed, 7 Aug 2024 22:13:09 +0100 Message-ID: <20240807211309.2729719-7-pedro.falcato@gmail.com> X-Mailer: git-send-email 2.46.0 In-Reply-To: <20240807211309.2729719-1-pedro.falcato@gmail.com> References: <20240807211309.2729719-1-pedro.falcato@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" With no more users in the tree, we can finally remove can_modify_mm(). Signed-off-by: Pedro Falcato --- mm/internal.h | 8 -------- mm/mseal.c | 21 --------------------- 2 files changed, 29 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index 3f9a5c17626..980b613b98c 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -1371,8 +1371,6 @@ static inline bool can_modify_vma(struct vm_area_stru= ct *vma) } =20 =20 -bool can_modify_mm(struct mm_struct *mm, unsigned long start, - unsigned long end); bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior); #else static inline int can_do_mseal(unsigned long flags) @@ -1380,12 +1378,6 @@ static inline int can_do_mseal(unsigned long flags) return -EPERM; } =20 -static inline bool can_modify_mm(struct mm_struct *mm, unsigned long start, - unsigned long end) -{ - return true; -} - static inline bool can_modify_vma_madv(struct vm_area_struct *vma, int beh= avior) { return true; diff --git a/mm/mseal.c b/mm/mseal.c index 6559242dd05..ef4b8a556f7 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -45,27 +45,6 @@ static bool is_ro_anon(struct vm_area_struct *vma) return false; } =20 -/* - * Check if the vmas of a memory range are allowed to be modified. - * the memory ranger can have a gap (unallocated memory). - * return true, if it is allowed. - */ -bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned lon= g end) -{ - struct vm_area_struct *vma; - - VMA_ITERATOR(vmi, mm, start); - - /* going through each vma to check. */ - for_each_vma_range(vmi, vma, end) { - if (unlikely(!can_modify_vma(vma))) - return false; - } - - /* Allow by default. */ - return true; -} - /* * Check if a vma is allowed to be modified by madvise. */ --=20 2.46.0