From nobody Wed Dec 17 21:27:35 2025 Received: from mail-qv1-f73.google.com (mail-qv1-f73.google.com [209.85.219.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1078753A7 for ; Fri, 6 Dec 2024 15:20:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733498442; cv=none; b=gZNUzRkzTRLiAYkKfsJa/AjLZs8OQGrig+lQSjMMkRsvs/ZNR3sktQ8yIOMOOhyQftsu9ALGe1VBfR+QasaZj7zWtzGm0tkUP61aK8VmgaJN5+sKrsnd16HXJkf4RM7z3nVsgIWWA6h78MM9/aHKWSY9lnFA8ozMGQyy0uzrcWE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733498442; c=relaxed/simple; bh=v8ZU8R9473XafyQXs0A95lmwgJKLwlPcEXOAahTb4EU=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=f8uNjxhI//3HVgAjpNjIk8VDqt4Fp4Rl+5JROuCFGQ/wZ3+/3ve06Yim8N03olVk33qS+Z5BPI3GZts/IkkDldDHqqLK5c7X7kLLOK/cnpl9bj3Y6tZEL0R24zMkJ3dlLNC2YNjY2Ou/fKPptHhHSYTHH0FvqnX7uyWZyKc9GiI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--bgeffon.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=vWcrq0ED; arc=none smtp.client-ip=209.85.219.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--bgeffon.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="vWcrq0ED" Received: by mail-qv1-f73.google.com with SMTP id 6a1803df08f44-6d88cde9cedso39996976d6.2 for ; Fri, 06 Dec 2024 07:20:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1733498440; x=1734103240; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=IwVnOnXdfn92wl4sT1YHXRB8FIHmKCEwkprjF00N97k=; b=vWcrq0EDKdK/Ll8bmDAqelLex90GkvnEJo0nHKYdHYDkC8xTRrS9UfvzVqVe3Kyng5 6PEDn/ggasB6DmGTYnC9LhzfD4mh6uvMDLUx7ME2TmlTM6uHFuPceH7kgXGryPObVFk4 dNJbLBF57Q7CO+OpOP/zX6zUX2nTcni4XPD0SbM1xr0zy9Oi26co+0HxMTzB5r1w+N9J me2vIZ6EzkbBZpRPYvH1C91B0E210q+nknIpB7xgDSUkSgVx7kceUjUKFwuKZaE+QvqO PDMKT2btHaVUL0rX5gFSIJ5Wq7vvLFQ1/YdtSebg2UkoR23a+MUzx6+GyMmRzJ1jhvc/ vP3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733498440; x=1734103240; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=IwVnOnXdfn92wl4sT1YHXRB8FIHmKCEwkprjF00N97k=; b=hbtxCB4eSQCH9WYQJXyy7FDqHVghCUMw/+KS5yXR/IOHU0s7qc1OmlNd66h7dqPXQz pQ6zX0qzPbDgTc7Re8q38//zNilVjbNA9JRUDg6lVvA5hEtawV7QlWDp5Xj6Pk5Ba/Fy 1lys6Quu3kvQPE7ydyaeDQWl+pdWASxCkSNQt6YON/AbUz2grz2NEIjDXZ/JdhTJbKXA IKRUicLsHlhCZMlCeo1mucvTDbbtBtQYyTUBqPC4CfERaM7rTQAhhnwPsniS+3ONgYKJ 4WEmfXNag05TvZH1u7N7ifXQNvKpcge4/0qb7tpP4kj8PwZfTGnyyzpy1oGB1BQma2Ko Komg== X-Forwarded-Encrypted: i=1; AJvYcCW/AKoIyX3PeCqs1B2OBCUQwPdRH91LX3Fr13mCNCrEZ8iiDAuClhdXRkoGJoTgqQsthSCZIjWBxy9TJYM=@vger.kernel.org X-Gm-Message-State: AOJu0YxfY54MRCbIIl+iHGNIToC2pikp1EWRV5XUXhts2gH6/2uG9bUO jhKrz8v/M21KDe0M6aAin1+OzRZTw8kJcAKhxwEoQZuplnCZS7uRx6f64oyTj6sm8u6F9SyiFYN FCxFA5w== X-Google-Smtp-Source: AGHT+IEfH1FXtnHp81uHQNCbhvflcG0KCGwOxAvecsfDiGH/fvZvEhEAXyUWb5dx7T3rn+eUqooSkCPdnl8A X-Received: from qvkj21.prod.google.com ([2002:a0c:e015:0:b0:6d8:a4c0:2078]) (user=bgeffon job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6214:d68:b0:6d8:b3a7:759e with SMTP id 6a1803df08f44-6d8e726ed48mr55069936d6.46.1733498439696; Fri, 06 Dec 2024 07:20:39 -0800 (PST) Date: Fri, 6 Dec 2024 10:20:31 -0500 In-Reply-To: <20241206152032.1222067-1-bgeffon@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20241206152032.1222067-1-bgeffon@google.com> X-Mailer: git-send-email 2.47.0.338.g60cca15819-goog Message-ID: <20241206152032.1222067-2-bgeffon@google.com> Subject: [PATCH 1/2] mremap: Fix new_addr being used as a hint with MREMAP_DONTUNMAP From: Brian Geffon To: Andrew Morton Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Brian Geffon , Marco Vanotti Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Two non-mutually exclusive paths can land in mremap_to, MREMAP_FIXED and MREMAP_DONTUNMAP which are called from mremap(). In the case of MREMAP_FIXED we must validate the new_addr to ensure that the new address is valid. In the case of MREMAP_DONTUNMAP without MREMAP_FIXED a new address is specified as a hint, just like it would be in the case of mmap. In this second case we don't need to perform any checks because get_unmapped_area() will align new_addr, just like it would in the case of mmap. Signed-off-by: Brian Geffon Reported-by: Marco Vanotti --- mm/mremap.c | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/mm/mremap.c b/mm/mremap.c index 60473413836b..286ffdb883df 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -912,15 +912,27 @@ static unsigned long mremap_to(unsigned long addr, un= signed long old_len, unsigned long ret; unsigned long map_flags =3D 0; =20 - if (offset_in_page(new_addr)) - return -EINVAL; + /* + * Two non-mutually exclusive paths can land in mremap_to, MREMAP_FIXED + * and MREMAP_DONTUNMAP which are called from mremap(). In the case of + * MREMAP_FIXED we must validate the new_addr to ensure that the new + * address is valid. In the case of MREMAP_DONTUNMAP without MREMAP_FIXED + * a new address is specified as a hint, just like it would be in the + * case of mmap. In this second case we don't need to perform any checks + * because get_unmapped_area() will align new_addr, just like it would in + * the case of mmap. + */ + if (flags & MREMAP_FIXED) { + if (offset_in_page(new_addr)) + return -EINVAL; =20 - if (new_len > TASK_SIZE || new_addr > TASK_SIZE - new_len) - return -EINVAL; + if (new_len > TASK_SIZE || new_addr > TASK_SIZE - new_len) + return -EINVAL; =20 - /* Ensure the old/new locations do not overlap */ - if (addr + old_len > new_addr && new_addr + new_len > addr) - return -EINVAL; + /* Ensure the old/new locations do not overlap */ + if (addr + old_len > new_addr && new_addr + new_len > addr) + return -EINVAL; + } =20 /* * move_vma() need us to stay 4 maps below the threshold, otherwise --=20 2.47.0.338.g60cca15819-goog From nobody Wed Dec 17 21:27:35 2025 Received: from mail-qk1-f201.google.com (mail-qk1-f201.google.com [209.85.222.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AD550207E1E for ; Fri, 6 Dec 2024 15:20:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733498444; cv=none; b=c6vUNHkbRfz8k4uhaNyDqmuGjw83SFns114quWT9qexFC3PEFvdL+R3ksZWf6+2WP2/ajCbP9ex95ecQZcg7cnEadHO0X2kDO24Sikhvjxgh/nT/Bt6O4EBlhhyPLY1K1D42xpO7kM2182lm1gORO54UwuZBNCEAy4P9ARQO6Ps= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733498444; c=relaxed/simple; bh=7BtEdFWcYLngsq2PQODOD5BiLZOIKMRwRSUO9nBBYBg=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=sIAWPGAIlcLlQwn37jaieRXFedqu7Hq4L6kTD14WJyvuwLEWJLvwQj9RQPlgLrk5maodZ6lJuuj7ULVrND5Ei2lSnYRoLJgoX3DxSCfXL/YSjAalGk6MHlvc6Vgm73GBYOKmAPZAtd0NAzcmpFR39LzO/Cosv+el/Uh2VTQxYks= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--bgeffon.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=TyYk+htD; arc=none smtp.client-ip=209.85.222.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--bgeffon.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="TyYk+htD" Received: by mail-qk1-f201.google.com with SMTP id af79cd13be357-7b67201e64eso292011485a.0 for ; Fri, 06 Dec 2024 07:20:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1733498440; x=1734103240; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=8zF6cyo4V+yV1OddWsDU7llWFhEXM57i4QvxWba9u5g=; b=TyYk+htD7iHan6IKtOI0DpGsr69VAVluSH3QUkGOnkDnZ9HMK9HnP55oIeAKy9ykdX AwwxnYuAzeDujc3cUJgKWw1qYno1ydwdv86DJU/v0cZidf3u96mzqPfLaMHVcBhjddhD BwAz2GljP2wRo9hnoVIq4KYtT2+6iGkgVgCYm1L+lB0hZ2/ILrVebci644OXxFp4SgI4 tlKTOsan7FBTo43No2k05Rr/iDelir54WriTOsRaaD90+dyqPZ3ZLKaM0QExkOo5g52y xYlEqN8lnJQi0HR9CNjVS8QD/hc+qHcpiRhq7Dr8xMteIAGNKdFhJdHkdrRhjynf+CIu Lbhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733498440; x=1734103240; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=8zF6cyo4V+yV1OddWsDU7llWFhEXM57i4QvxWba9u5g=; b=jqNQoYyIQiTC5CpcU+VklpTzX9wi0e8qPPItR07fjVXOYY2c8e+7wKuPHHTzyl70hh UWBLJUik2xenhyHPzjT4eoln+HEliPKG0m494Hc/gZ1F/4S0teW/1mOCk8ANyKpJUvYJ oLGhbg4jriClJoBZqi8mfsMoQNdkx9sFpLezNHwBCIUbQwH/laDZoNTGO79xflVFbdRt b5Kr7yd7+hHhYFFY4wx1+oqUfAMoNpYeuBqfWuttLs3cR7TQkhmVVZlLBNQSIEO74Hh4 uJCHl7ds7tzKmOr7285vbpuSIum0wHAWQ2pLaQy9Qpu6EcRquT2NoTKM+ahGJZ/AVGr5 OYOQ== X-Forwarded-Encrypted: i=1; AJvYcCXTQtNG+ahxRbQvbLpLVXV6Ld/W9srtltJU9Ww8060Y+3X5mUb+tWZxZJAXB4iotyM1NEa9KSQN/+vVU/I=@vger.kernel.org X-Gm-Message-State: AOJu0YxuiSOYDdIc62q17NKY4ovIjzOVcB/Sfy64Z2vLv81IEfy+8918 D7e/NUT6QPFKnTUKF/R2JuivwIZXIvlGbXDIc9Y7IDGkS623SVXcIYuANlBBoSh2xfAEXKdWAHk tgcffOg== X-Google-Smtp-Source: AGHT+IGb3dyB+1mIM9uaJ8shaiN2smOAw7d48MDhvLaY9VwvHL+JlNyqB1itmzCSQbeXEMb+r4xoquxqxwdB X-Received: from qtcw37.prod.google.com ([2002:a05:622a:1925:b0:462:ac63:5263]) (user=bgeffon job=prod-delivery.src-stubby-dispatcher) by 2002:ac8:57cb:0:b0:467:1f3c:4d22 with SMTP id d75a77b69052e-46734e26188mr80292871cf.52.1733498440618; Fri, 06 Dec 2024 07:20:40 -0800 (PST) Date: Fri, 6 Dec 2024 10:20:32 -0500 In-Reply-To: <20241206152032.1222067-1-bgeffon@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20241206152032.1222067-1-bgeffon@google.com> X-Mailer: git-send-email 2.47.0.338.g60cca15819-goog Message-ID: <20241206152032.1222067-3-bgeffon@google.com> Subject: [PATCH 2/2] selftests: mm: Add a new MREMAP_DONTUNMAP self test From: Brian Geffon To: Andrew Morton Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Brian Geffon Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a new selftest which validates that a new_addr as a hint behaves in the same way as mmap. Signed-off-by: Brian Geffon --- tools/testing/selftests/mm/mremap_dontunmap.c | 41 ++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/mm/mremap_dontunmap.c b/tools/testing/= selftests/mm/mremap_dontunmap.c index 1d75084b9ca5..ccce97c68019 100644 --- a/tools/testing/selftests/mm/mremap_dontunmap.c +++ b/tools/testing/selftests/mm/mremap_dontunmap.c @@ -224,6 +224,44 @@ static void mremap_dontunmap_simple_fixed() ksft_test_result_pass("%s\n", __func__); } =20 +// This test validates MREMAP_DONTUNMAP using a newaddr hint without +// MREMAP_FIXED. +static void mremap_dontunmap_simple_newaddr_hint() +{ + unsigned long num_pages =3D 5; + + // This dest hint is intentionally not aligned. + void *new_addr_hint =3D (void*)0x999900010; + + void *source_mapping =3D + mmap(NULL, num_pages * page_size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + BUG_ON(source_mapping =3D=3D MAP_FAILED, "mmap"); + memset(source_mapping, 'a', num_pages * page_size); + + void *remapped_mapping =3D + mremap(source_mapping, num_pages * page_size, num_pages * page_size, + MREMAP_DONTUNMAP | MREMAP_MAYMOVE, + new_addr_hint); + BUG_ON(remapped_mapping =3D=3D MAP_FAILED, "mremap"); + + // And the source mapping will have had its ptes dropped. + BUG_ON(check_region_contains_byte + (source_mapping, num_pages * page_size, 0) !=3D 0, + "source should have no ptes"); + + // And the remapped area will be filled with 'a's. + BUG_ON(check_region_contains_byte + (remapped_mapping, num_pages * page_size, 'a') !=3D 0, + "dest should have remapped content"); + + BUG_ON(munmap(source_mapping, num_pages * page_size) =3D=3D -1, + "unable to unmap source mapping"); + BUG_ON(munmap(remapped_mapping, num_pages * page_size) =3D=3D -1, + "unable to unmap source mapping"); + ksft_test_result_pass("%s\n", __func__); +} + // This test validates that we can MREMAP_DONTUNMAP for a portion of an // existing mapping. static void mremap_dontunmap_partial_mapping() @@ -348,7 +386,7 @@ int main(void) ksft_finished(); } =20 - ksft_set_plan(5); + ksft_set_plan(6); =20 // Keep a page sized buffer around for when we need it. page_buffer =3D @@ -359,6 +397,7 @@ int main(void) mremap_dontunmap_simple(); mremap_dontunmap_simple_shmem(); mremap_dontunmap_simple_fixed(); + mremap_dontunmap_simple_newaddr_hint(); mremap_dontunmap_partial_mapping(); mremap_dontunmap_partial_mapping_overwrite(); =20 --=20 2.47.0.338.g60cca15819-goog