From: Tal Zussman
Date: Sat, 07 Jun 2025 02:40:00 -0400
Subject: [PATCH v2 1/4] userfaultfd: correctly prevent registering VM_DROPPABLE regions
Message-Id: <20250607-uffd-fixes-v2-1-339dafe9a2fe@columbia.edu>
References: <20250607-uffd-fixes-v2-0-339dafe9a2fe@columbia.edu>
In-Reply-To: <20250607-uffd-fixes-v2-0-339dafe9a2fe@columbia.edu>
To: Andrew Morton, Peter Xu, "Jason A. Donenfeld", David Hildenbrand, Alexander Viro, Christian Brauner, Jan Kara, Andrea Arcangeli
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Tal Zussman

vma_can_userfault() masks off non-userfaultfd VM flags from vm_flags.
The vm_flags & VM_DROPPABLE test will then always be false, incorrectly
allowing VM_DROPPABLE regions to be registered with userfaultfd.

Additionally, vm_flags is not guaranteed to correspond to the actual
VMA's flags. Fix this test by checking the VMA's flags directly.

Link: https://lore.kernel.org/linux-mm/5a875a3a-2243-4eab-856f-bc53ccfec3ea@redhat.com/
Fixes: 9651fcedf7b9 ("mm: add MAP_DROPPABLE for designating always lazily freeable mappings")
Acked-by: David Hildenbrand
Acked-by: Peter Xu
Signed-off-by: Tal Zussman
Acked-by: Jason A. Donenfeld
--- include/linux/userfaultfd_k.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/userfaultfd_k.h b/include/linux/userfaultfd_k.h index 75342022d144..f3b3d2c9dd5e 100644 --- a/include/linux/userfaultfd_k.h +++ b/include/linux/userfaultfd_k.h
@@ -218,7 +218,7 @@ static inline bool vma_can_userfault(struct vm_area_str= uct *vma, { vm_flags &=3D __VM_UFFD_FLAGS; =20 - if (vm_flags & VM_DROPPABLE) + if (vma->vm_flags & VM_DROPPABLE) return false; =20 if ((vm_flags & VM_UFFD_MINOR) && --=20 2.39.5
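
Review bot: In vma_can_userfault(), the new vma->vm_flags & VM_DROPPABLE test sits directly under the masking of the vm_flags parameter with __VM_UFFD_FLAGS, so the function now reads the masked parameter in the VM_UFFD_MINOR test and the VMA's own flags in this one, with nothing in the code saying why. Add a one-line comment on the VM_DROPPABLE check noting that the masked vm_flags can never carry that bit, or move the check above the masking line, so a later cleanup does not switch it back to vm_flags and silently re-allow VM_DROPPABLE registration.
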
From: Tal Zussman
Date: Sat, 07 Jun 2025 02:40:01 -0400
Subject: [PATCH v2 2/4] userfaultfd: remove (VM_)BUG_ON()s
Message-Id: <20250607-uffd-fixes-v2-2-339dafe9a2fe@columbia.edu>
References: <20250607-uffd-fixes-v2-0-339dafe9a2fe@columbia.edu>
In-Reply-To: <20250607-uffd-fixes-v2-0-339dafe9a2fe@columbia.edu>
To: Andrew Morton, Peter Xu, "Jason A. Donenfeld", David Hildenbrand, Alexander Viro, Christian Brauner, Jan Kara, Andrea Arcangeli
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Tal Zussman

BUG_ON() is deprecated [1]. Convert all the BUG_ON()s and VM_BUG_ON()s
to use VM_WARN_ON_ONCE().

While at it, also convert the WARN_ON_ONCE()s in move_pages() to use
VM_WARN_ON_ONCE(), as the relevant conditions are already checked in
validate_range() in move_pages()'s caller.

[1] https://www.kernel.org/doc/html/v6.15/process/coding-style.html#use-warn-rather-than-bug

Signed-off-by: Tal Zussman
--- fs/userfaultfd.c | 59 +++++++++++++++++++++++++------------------------- mm/userfaultfd.c | 66 +++++++++++++++++++++++++++-------------------------= ---- 2 files changed, 61 insertions(+), 64 deletions(-) diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c index 22f4bf956ba1..80c95c712266 100644 --- a/fs/userfaultfd.c +++ b/fs/userfaultfd.c
@@ -165,14 +165,14 @@ static void userfaultfd_ctx_get(struct userfaultfd_ct= x *ctx) static void userfaultfd_ctx_put(struct userfaultfd_ctx *ctx) { if (refcount_dec_and_test(&ctx->refcount)) { - VM_BUG_ON(spin_is_locked(&ctx->fault_pending_wqh.lock)); - VM_BUG_ON(waitqueue_active(&ctx->fault_pending_wqh)); - VM_BUG_ON(spin_is_locked(&ctx->fault_wqh.lock)); - VM_BUG_ON(waitqueue_active(&ctx->fault_wqh)); - VM_BUG_ON(spin_is_locked(&ctx->event_wqh.lock)); - VM_BUG_ON(waitqueue_active(&ctx->event_wqh)); - VM_BUG_ON(spin_is_locked(&ctx->fd_wqh.lock)); - VM_BUG_ON(waitqueue_active(&ctx->fd_wqh)); + VM_WARN_ON_ONCE(spin_is_locked(&ctx->fault_pending_wqh.lock)); + VM_WARN_ON_ONCE(waitqueue_active(&ctx->fault_pending_wqh)); + VM_WARN_ON_ONCE(spin_is_locked(&ctx->fault_wqh.lock)); + VM_WARN_ON_ONCE(waitqueue_active(&ctx->fault_wqh)); + VM_WARN_ON_ONCE(spin_is_locked(&ctx->event_wqh.lock)); + VM_WARN_ON_ONCE(waitqueue_active(&ctx->event_wqh)); + VM_WARN_ON_ONCE(spin_is_locked(&ctx->fd_wqh.lock)); + VM_WARN_ON_ONCE(waitqueue_active(&ctx->fd_wqh)); mmdrop(ctx->mm); kmem_cache_free(userfaultfd_ctx_cachep, ctx); } @@ -383,12 +383,12 @@ vm_fault_t handle_userfault(struct vm_fault *vmf, uns= igned long reason) if (!ctx) goto out; =20 - BUG_ON(ctx->mm !=3D mm); + VM_WARN_ON_ONCE(ctx->mm !=3D mm); =20 /* Any unrecognized flag is a bug. */ - VM_BUG_ON(reason & ~__VM_UFFD_FLAGS); + VM_WARN_ON_ONCE(reason & ~__VM_UFFD_FLAGS); /* 0 or > 1 flags set is a bug; we expect exactly 1. */ - VM_BUG_ON(!reason || (reason & (reason - 1))); + VM_WARN_ON_ONCE(!reason || (reason & (reason - 1))); =20 if (ctx->features & UFFD_FEATURE_SIGBUS) goto out; 
@@ -411,12 +411,11 @@ vm_fault_t handle_userfault(struct vm_fault *vmf, uns= igned long reason) * to be sure not to return SIGBUS erroneously on * nowait invocations. */ - BUG_ON(vmf->flags & FAULT_FLAG_RETRY_NOWAIT); + VM_WARN_ON_ONCE(vmf->flags & FAULT_FLAG_RETRY_NOWAIT); #ifdef CONFIG_DEBUG_VM if (printk_ratelimit()) { - printk(KERN_WARNING - "FAULT_FLAG_ALLOW_RETRY missing %x\n", - vmf->flags); + pr_warn("FAULT_FLAG_ALLOW_RETRY missing %x\n", + vmf->flags); dump_stack(); } #endif @@ -602,7 +601,7 @@ static void userfaultfd_event_wait_completion(struct us= erfaultfd_ctx *ctx, */ out: atomic_dec(&ctx->mmap_changing); - VM_BUG_ON(atomic_read(&ctx->mmap_changing) < 0); + VM_WARN_ON_ONCE(atomic_read(&ctx->mmap_changing) < 0); userfaultfd_ctx_put(ctx); } =20 @@ -710,7 +709,7 @@ void dup_userfaultfd_fail(struct list_head *fcs) struct userfaultfd_ctx *ctx =3D fctx->new; =20 atomic_dec(&octx->mmap_changing); - VM_BUG_ON(atomic_read(&octx->mmap_changing) < 0); + VM_WARN_ON_ONCE(atomic_read(&octx->mmap_changing) < 0); userfaultfd_ctx_put(octx); userfaultfd_ctx_put(ctx); =20 @@ -1317,8 +1316,8 @@ static int userfaultfd_register(struct userfaultfd_ct= x *ctx, do { cond_resched(); =20 - BUG_ON(!!cur->vm_userfaultfd_ctx.ctx ^ - !!(cur->vm_flags & __VM_UFFD_FLAGS)); + VM_WARN_ON_ONCE(!!cur->vm_userfaultfd_ctx.ctx ^ + !!(cur->vm_flags & __VM_UFFD_FLAGS)); =20 /* check not compatible vmas */ ret =3D -EINVAL; @@ -1372,7 +1371,7 @@ static int userfaultfd_register(struct userfaultfd_ct= x *ctx, =20 found =3D true; } for_each_vma_range(vmi, cur, end); - BUG_ON(!found); + VM_WARN_ON_ONCE(!found); =20 ret =3D userfaultfd_register_range(ctx, vma, vm_flags, start, end, wp_async); 
@@ -1464,8 +1463,8 @@ static int userfaultfd_unregister(struct userfaultfd_= ctx *ctx, do { cond_resched(); =20 - BUG_ON(!!cur->vm_userfaultfd_ctx.ctx ^ - !!(cur->vm_flags & __VM_UFFD_FLAGS)); + VM_WARN_ON_ONCE(!!cur->vm_userfaultfd_ctx.ctx ^ + !!(cur->vm_flags & __VM_UFFD_FLAGS)); =20 /* * Check not compatible vmas, not strictly required @@ -1479,7 +1478,7 @@ static int userfaultfd_unregister(struct userfaultfd_= ctx *ctx, =20 found =3D true; } for_each_vma_range(vmi, cur, end); - BUG_ON(!found); + VM_WARN_ON_ONCE(!found); =20 vma_iter_set(&vmi, start); prev =3D vma_prev(&vmi); @@ -1490,7 +1489,7 @@ static int userfaultfd_unregister(struct userfaultfd_= ctx *ctx, for_each_vma_range(vmi, vma, end) { cond_resched(); =20 - BUG_ON(!vma_can_userfault(vma, vma->vm_flags, wp_async)); + VM_WARN_ON_ONCE(!vma_can_userfault(vma, vma->vm_flags, wp_async)); =20 /* * Nothing to do: this vma is already registered into this @@ -1564,7 +1563,7 @@ static int userfaultfd_wake(struct userfaultfd_ctx *c= tx, * len =3D=3D 0 means wake all and we don't want to wake all here, * so check it again to be sure. */ - VM_BUG_ON(!range.len); + VM_WARN_ON_ONCE(!range.len); =20 wake_userfault(ctx, &range); ret =3D 0; @@ -1621,7 +1620,7 @@ static int userfaultfd_copy(struct userfaultfd_ctx *c= tx, return -EFAULT; if (ret < 0) goto out; - BUG_ON(!ret); + VM_WARN_ON_ONCE(!ret); /* len =3D=3D 0 would wake all */ range.len =3D ret; if (!(uffdio_copy.mode & UFFDIO_COPY_MODE_DONTWAKE)) { @@ -1676,7 +1675,7 @@ static int userfaultfd_zeropage(struct userfaultfd_ct= x *ctx, if (ret < 0) goto out; /* len =3D=3D 0 would wake all */ - BUG_ON(!ret); + VM_WARN_ON_ONCE(!ret); range.len =3D ret; if (!(uffdio_zeropage.mode & UFFDIO_ZEROPAGE_MODE_DONTWAKE)) { range.start =3D uffdio_zeropage.range.start; 
@@ -1788,7 +1787,7 @@ static int userfaultfd_continue(struct userfaultfd_ct= x *ctx, unsigned long arg) goto out; =20 /* len =3D=3D 0 would wake all */ - BUG_ON(!ret); + VM_WARN_ON_ONCE(!ret); range.len =3D ret; if (!(uffdio_continue.mode & UFFDIO_CONTINUE_MODE_DONTWAKE)) { range.start =3D uffdio_continue.range.start; @@ -1845,7 +1844,7 @@ static inline int userfaultfd_poison(struct userfault= fd_ctx *ctx, unsigned long goto out; =20 /* len =3D=3D 0 would wake all */ - BUG_ON(!ret); + VM_WARN_ON_ONCE(!ret); range.len =3D ret; if (!(uffdio_poison.mode & UFFDIO_POISON_MODE_DONTWAKE)) { range.start =3D uffdio_poison.range.start; @@ -2106,7 +2105,7 @@ static int new_userfaultfd(int flags) struct file *file; int fd; =20 - BUG_ON(!current->mm); + VM_WARN_ON_ONCE(!current->mm); =20 /* Check the UFFD_* constants for consistency. */ BUILD_BUG_ON(UFFD_USER_MODE_ONLY & UFFD_SHARED_FCNTL_FLAGS); diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c index bc473ad21202..41e67ded5a6e 100644 --- a/mm/userfaultfd.c +++ b/mm/userfaultfd.c @@ -561,7 +561,7 @@ static __always_inline ssize_t mfill_atomic_hugetlb( } =20 while (src_addr < src_start + len) { - BUG_ON(dst_addr >=3D dst_start + len); + VM_WARN_ON_ONCE(dst_addr >=3D dst_start + len); =20 /* * Serialize via vma_lock and hugetlb_fault_mutex. @@ -602,7 +602,7 @@ static __always_inline ssize_t mfill_atomic_hugetlb( if (unlikely(err =3D=3D -ENOENT)) { up_read(&ctx->map_changing_lock); uffd_mfill_unlock(dst_vma); - BUG_ON(!folio); + VM_WARN_ON_ONCE(!folio); =20 err =3D copy_folio_from_user(folio, (const void __user *)src_addr, true); @@ -614,7 +614,7 @@ static __always_inline ssize_t mfill_atomic_hugetlb( dst_vma =3D NULL; goto retry; } else - BUG_ON(folio); + VM_WARN_ON_ONCE(folio); =20 if (!err) { dst_addr +=3D vma_hpagesize; 
@@ -635,9 +635,9 @@ static __always_inline ssize_t mfill_atomic_hugetlb( out: if (folio) folio_put(folio); - BUG_ON(copied < 0); - BUG_ON(err > 0); - BUG_ON(!copied && !err); + VM_WARN_ON_ONCE(copied < 0); + VM_WARN_ON_ONCE(err > 0); + VM_WARN_ON_ONCE(!copied && !err); return copied ? copied : err; } #else /* !CONFIG_HUGETLB_PAGE */ @@ -711,12 +711,12 @@ static __always_inline ssize_t mfill_atomic(struct us= erfaultfd_ctx *ctx, /* * Sanitize the command parameters: */ - BUG_ON(dst_start & ~PAGE_MASK); - BUG_ON(len & ~PAGE_MASK); + VM_WARN_ON_ONCE(dst_start & ~PAGE_MASK); + VM_WARN_ON_ONCE(len & ~PAGE_MASK); =20 /* Does the address range wrap, or is the span zero-sized? */ - BUG_ON(src_start + len <=3D src_start); - BUG_ON(dst_start + len <=3D dst_start); + VM_WARN_ON_ONCE(src_start + len <=3D src_start); + VM_WARN_ON_ONCE(dst_start + len <=3D dst_start); =20 src_addr =3D src_start; dst_addr =3D dst_start; @@ -775,7 +775,7 @@ static __always_inline ssize_t mfill_atomic(struct user= faultfd_ctx *ctx, while (src_addr < src_start + len) { pmd_t dst_pmdval; =20 - BUG_ON(dst_addr >=3D dst_start + len); + VM_WARN_ON_ONCE(dst_addr >=3D dst_start + len); =20 dst_pmd =3D mm_alloc_pmd(dst_mm, dst_addr); if (unlikely(!dst_pmd)) { @@ -818,7 +818,7 @@ static __always_inline ssize_t mfill_atomic(struct user= faultfd_ctx *ctx, =20 up_read(&ctx->map_changing_lock); uffd_mfill_unlock(dst_vma); - BUG_ON(!folio); + VM_WARN_ON_ONCE(!folio); =20 kaddr =3D kmap_local_folio(folio, 0); err =3D copy_from_user(kaddr, @@ -832,7 +832,7 @@ static __always_inline ssize_t mfill_atomic(struct user= faultfd_ctx *ctx, flush_dcache_folio(folio); goto retry; } else - BUG_ON(folio); + VM_WARN_ON_ONCE(folio); =20 if (!err) { dst_addr +=3D PAGE_SIZE; 
@@ -852,9 +852,9 @@ static __always_inline ssize_t mfill_atomic(struct user= faultfd_ctx *ctx, out: if (folio) folio_put(folio); - BUG_ON(copied < 0); - BUG_ON(err > 0); - BUG_ON(!copied && !err); + VM_WARN_ON_ONCE(copied < 0); + VM_WARN_ON_ONCE(err > 0); + VM_WARN_ON_ONCE(!copied && !err); return copied ? copied : err; } =20 @@ -940,11 +940,11 @@ int mwriteprotect_range(struct userfaultfd_ctx *ctx, = unsigned long start, /* * Sanitize the command parameters: */ - BUG_ON(start & ~PAGE_MASK); - BUG_ON(len & ~PAGE_MASK); + VM_WARN_ON_ONCE(start & ~PAGE_MASK); + VM_WARN_ON_ONCE(len & ~PAGE_MASK); =20 /* Does the address range wrap, or is the span zero-sized? */ - BUG_ON(start + len <=3D start); + VM_WARN_ON_ONCE(start + len <=3D start); =20 mmap_read_lock(dst_mm); =20 @@ -1709,15 +1709,13 @@ ssize_t move_pages(struct userfaultfd_ctx *ctx, uns= igned long dst_start, ssize_t moved =3D 0; =20 /* Sanitize the command parameters. */ - if (WARN_ON_ONCE(src_start & ~PAGE_MASK) || - WARN_ON_ONCE(dst_start & ~PAGE_MASK) || - WARN_ON_ONCE(len & ~PAGE_MASK)) - goto out; + VM_WARN_ON_ONCE(src_start & ~PAGE_MASK); + VM_WARN_ON_ONCE(dst_start & ~PAGE_MASK); + VM_WARN_ON_ONCE(len & ~PAGE_MASK); =20 /* Does the address range wrap, or is the span zero-sized? */ - if (WARN_ON_ONCE(src_start + len <=3D src_start) || - WARN_ON_ONCE(dst_start + len <=3D dst_start)) - goto out; + VM_WARN_ON_ONCE(src_start + len < src_start); + VM_WARN_ON_ONCE(dst_start + len < dst_start); =20 err =3D uffd_move_lock(mm, dst_start, src_start, &dst_vma, &src_vma); if (err) @@ -1867,9 +1865,9 @@ ssize_t move_pages(struct userfaultfd_ctx *ctx, unsig= ned long dst_start, up_read(&ctx->map_changing_lock); uffd_move_unlock(dst_vma, src_vma); out: - VM_WARN_ON(moved < 0); - VM_WARN_ON(err > 0); - VM_WARN_ON(!moved && !err); + VM_WARN_ON_ONCE(moved < 0); + VM_WARN_ON_ONCE(err > 0); + VM_WARN_ON_ONCE(!moved && !err); return moved ? moved : err; } =20 
@@ -1956,9 +1954,9 @@ int userfaultfd_register_range(struct userfaultfd_ctx= *ctx, for_each_vma_range(vmi, vma, end) { cond_resched(); =20 - BUG_ON(!vma_can_userfault(vma, vm_flags, wp_async)); - BUG_ON(vma->vm_userfaultfd_ctx.ctx && - vma->vm_userfaultfd_ctx.ctx !=3D ctx); + VM_WARN_ON_ONCE(!vma_can_userfault(vma, vm_flags, wp_async)); + VM_WARN_ON_ONCE(vma->vm_userfaultfd_ctx.ctx && + vma->vm_userfaultfd_ctx.ctx !=3D ctx); WARN_ON(!(vma->vm_flags & VM_MAYWRITE)); =20 /* 
@@ -2035,8 +2033,8 @@ void userfaultfd_release_all(struct mm_struct *mm, prev =3D NULL; for_each_vma(vmi, vma) { cond_resched(); - BUG_ON(!!vma->vm_userfaultfd_ctx.ctx ^ - !!(vma->vm_flags & __VM_UFFD_FLAGS)); + VM_WARN_ON_ONCE(!!vma->vm_userfaultfd_ctx.ctx ^ + !!(vma->vm_flags & __VM_UFFD_FLAGS)); if (vma->vm_userfaultfd_ctx.ctx !=3D ctx) { prev =3D vma; continue; --=20 2.39.5
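
Review bot: In the move_pages() hunk of mm/userfaultfd.c (@@ -1709,15 +1709,13 @@), the wrap checks change from src_start + len <= src_start and dst_start + len <= dst_start to the strict < form, so a zero len is no longer flagged, yet the comment above them still reads "Does the address range wrap, or is the span zero-sized?" and the commit message does not mention the relaxation. Either keep <= as the mfill_atomic() and mwriteprotect_range() hunks do, or update the comment and state in the changelog why a zero-sized span is acceptable here. The same hunk also drops both goto out bail-outs, so correctness now rests entirely on validate_range() in the caller; a short comment naming that caller check next to the warnings would make the dependency explicit.
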
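
Review bot: In fs/userfaultfd.c, the userfaultfd_copy(), userfaultfd_zeropage(), userfaultfd_continue() and userfaultfd_poison() hunks each replace BUG_ON(!ret) with VM_WARN_ON_ONCE(!ret) immediately before range.len = ret, under the comment "len == 0 would wake all". BUG_ON() stopped execution at that point; after the conversion the code carries on past the warning, and VM_WARN_ON_ONCE() is only active with CONFIG_DEBUG_VM, so on other builds a zero ret would proceed with range.len == 0 unchecked. If ret == 0 cannot happen on these paths, say so in the comment; otherwise handle it explicitly before range.len is set rather than only warning. The same question applies to VM_WARN_ON_ONCE(ctx->mm != mm) in handle_userfault(), which previously was an unconditional BUG_ON().
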
From: Tal Zussman
Date: Sat, 07 Jun 2025 02:40:02 -0400
Subject: [PATCH v2 3/4] userfaultfd: prevent unregistering VMAs through a different userfaultfd
X-Mailing-List: linux-kernel@vger.kernel.org
Message-Id: <20250607-uffd-fixes-v2-3-339dafe9a2fe@columbia.edu>
References: <20250607-uffd-fixes-v2-0-339dafe9a2fe@columbia.edu>
In-Reply-To: <20250607-uffd-fixes-v2-0-339dafe9a2fe@columbia.edu>
To: Andrew Morton, Peter Xu, "Jason A. Donenfeld", David Hildenbrand, Alexander Viro, Christian Brauner, Jan Kara, Andrea Arcangeli
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Tal Zussman

Currently, a VMA registered with a uffd can be unregistered through a different uffd associated with the same mm_struct.

The existing behavior is slightly broken and may incorrectly reject unregistering some VMAs due to the following check:

	if (!vma_can_userfault(cur, cur->vm_flags, wp_async))
		goto out_unlock;

where wp_async is derived from ctx, not from cur. For example, a file-backed VMA registered with wp_async enabled and UFFD_WP mode cannot be unregistered through a uffd that does not have wp_async enabled.

Rather than fix this and maintain this odd behavior, make unregistration stricter by requiring VMAs to be unregistered through the same uffd they were registered with. Additionally, reorder the WARN() checks to avoid the aforementioned wp_async issue in the WARN()s.

This change slightly modifies the ABI. It should not be backported to -stable.

While at it, correct the comment for the no userfaultfd case. This seems to be a copy-paste artifact from the analogous userfaultfd_register() check.

Fixes: 86039bd3b4e6 ("userfaultfd: add new syscall to provide memory externalization")
Signed-off-by: Tal Zussman
Acked-by: David Hildenbrand
---
 fs/userfaultfd.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c index 80c95c712266..10e8037f5216 100644 --- a/fs/userfaultfd.c +++ b/fs/userfaultfd.c
@@ -1466,6 +1466,16 @@ static int userfaultfd_unregister(struct userfaultfd= _ctx *ctx, VM_WARN_ON_ONCE(!!cur->vm_userfaultfd_ctx.ctx ^ !!(cur->vm_flags & __VM_UFFD_FLAGS)); =20 + /* + * Check that this VMA isn't already owned by a different + * userfaultfd. This provides for more strict behavior by + * preventing a VMA registered with a userfaultfd from being + * unregistered through a different userfaultfd. + */ + if (cur->vm_userfaultfd_ctx.ctx && + cur->vm_userfaultfd_ctx.ctx !=3D ctx) + goto out_unlock; + /* * Check not compatible vmas, not strictly required * here as not compatible vmas cannot have an 
@@ -1489,15 +1499,14 @@ static int userfaultfd_unregister(struct userfaultf= d_ctx *ctx, for_each_vma_range(vmi, vma, end) { cond_resched(); =20 - VM_WARN_ON_ONCE(!vma_can_userfault(vma, vma->vm_flags, wp_async)); - /* - * Nothing to do: this vma is already registered into this - * userfaultfd and with the right tracking mode too. + * Nothing to do: this vma is not registered with userfaultfd. */ if (!vma->vm_userfaultfd_ctx.ctx) goto skip; =20 + VM_WARN_ON_ONCE(vma->vm_userfaultfd_ctx.ctx !=3D ctx); + VM_WARN_ON_ONCE(!vma_can_userfault(vma, vma->vm_flags, wp_async)); WARN_ON(!(vma->vm_flags & VM_MAYWRITE)); =20 if (vma->vm_start > start) --=20 2.39.5
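
Review bot: In the first hunk of [PATCH v2 3/4] (@@ -1466,6 +1466,16 @@), the new branch on cur->vm_userfaultfd_ctx.ctx != ctx jumps to out_unlock, but neither the added comment nor the commit message says which error userspace receives on this path, and the value of ret at this goto is not visible in the hunk. Since the commit message describes this as an ABI change, state the returned error in the comment and wherever UFFDIO_UNREGISTER is documented, so callers that used to unregister through a second uffd can recognise the new failure. The comment's wording "isn't already owned by a different userfaultfd" also reads like the register path; "is not registered with a different userfaultfd" would fit unregistration better.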
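
Review bot: In the second hunk of [PATCH v2 3/4] (@@ -1489,15 +1499,14 @@), the added VM_WARN_ON_ONCE(vma->vm_userfaultfd_ctx.ctx != ctx) is the only ownership guard inside this loop, and it is a debug-only assertion, while the WARN_ON(!(vma->vm_flags & VM_MAYWRITE)) right after it is unconditional. The invariant is established by the ownership check added in the first hunk, so a one-line comment saying that would make clear why a debug assertion is sufficient here. Moving both VM_WARN_ON_ONCE() calls below the "goto skip" test looks right, because VMAs with no userfaultfd context are then no longer evaluated against the caller's wp_async.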
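
The behaviour change described in the commit message of [PATCH v2 3/4], as a small userspace model (an added example, not code from the patch or from the kernel). The struct layouts, the flag values and the reduced can_userfault() rule are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: these types and flag values are constructed for the
 * example and are not the kernel's definitions. */
enum backing { ANON, FILE_BACKED };
#define MODE_MISSING 0x1u
#define MODE_WP      0x2u

struct uffd_ctx { bool wp_async; };
struct vma { enum backing kind; unsigned modes; struct uffd_ctx *owner; };

/* Assumed reduction of vma_can_userfault(): WP-only mode with wp_async is
 * accepted on any backing; everything else needs anonymous memory here. */
static bool can_userfault(const struct vma *v, bool wp_async)
{
    if (wp_async && v->modes == MODE_WP)
        return true;
    return v->kind == ANON;
}

/* Before the patch: wp_async is taken from the caller's ctx, and the VMA's
 * owning ctx is never compared with it. */
bool old_unregister_ok(const struct vma *v, const struct uffd_ctx *ctx)
{
    return can_userfault(v, ctx->wp_async);
}

/* After the patch: a VMA registered with another ctx is rejected first. */
bool new_unregister_ok(const struct vma *v, const struct uffd_ctx *ctx)
{
    if (v->owner && v->owner != ctx)
        return false;
    return can_userfault(v, ctx->wp_async);
}

/* Constructed sample state: a file-backed VMA registered WP-only by `owner`. */
struct uffd_ctx owner = { true }, other_plain = { false }, other_async = { true };
struct vma file_wp = { FILE_BACKED, MODE_WP, &owner };

int main(void)
{
    const struct uffd_ctx *who[] = { &owner, &other_plain, &other_async };
    const char *name[] = { "owner", "other (no wp_async)", "other (wp_async)" };
    for (int i = 0; i < 3; i++)
        printf("%-20s old=%d new=%d\n", name[i],
               old_unregister_ok(&file_wp, who[i]), new_unregister_ok(&file_wp, who[i]));
    return 0;
}
```

In the model, the old check accepts or rejects a foreign uffd depending only on that uffd's wp_async setting, while the new check rejects every foreign uffd and still accepts the owner.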
From: Tal Zussman
Date: Sat, 07 Jun 2025 02:40:03 -0400
Subject: [PATCH v2 4/4] userfaultfd: remove UFFD_CLOEXEC, UFFD_NONBLOCK, and UFFD_FLAGS_SET
X-Mailing-List: linux-kernel@vger.kernel.org
Message-Id: <20250607-uffd-fixes-v2-4-339dafe9a2fe@columbia.edu>
References: <20250607-uffd-fixes-v2-0-339dafe9a2fe@columbia.edu>
In-Reply-To: <20250607-uffd-fixes-v2-0-339dafe9a2fe@columbia.edu>
To: Andrew Morton, Peter Xu, "Jason A. Donenfeld", David Hildenbrand, Alexander Viro, Christian Brauner, Jan Kara, Andrea Arcangeli
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Tal Zussman

UFFD_CLOEXEC, UFFD_NONBLOCK, and UFFD_FLAGS_SET have been unused since they were added in commit 932b18e0aec6 ("userfaultfd: linux/userfaultfd_k.h"). Remove them and the associated BUILD_BUG_ON() checks.

Acked-by: David Hildenbrand
Acked-by: Peter Xu
Signed-off-by: Tal Zussman
---
 fs/userfaultfd.c | 2 --
 include/linux/userfaultfd_k.h | 4 ----
 2 files changed, 6 deletions(-)

diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c index 10e8037f5216..ef054b3154b2 100644 --- a/fs/userfaultfd.c +++ b/fs/userfaultfd.c @@ -2118,8 +2118,6 @@ static int new_userfaultfd(int flags) =20 /* Check the UFFD_* constants for consistency. */ BUILD_BUG_ON(UFFD_USER_MODE_ONLY & UFFD_SHARED_FCNTL_FLAGS); - BUILD_BUG_ON(UFFD_CLOEXEC !=3D O_CLOEXEC); - BUILD_BUG_ON(UFFD_NONBLOCK !=3D O_NONBLOCK); =20 if (flags & ~(UFFD_SHARED_FCNTL_FLAGS | UFFD_USER_MODE_ONLY)) return -EINVAL; diff --git a/include/linux/userfaultfd_k.h b/include/linux/userfaultfd_k.h index f3b3d2c9dd5e..ccad58602846 100644 --- a/include/linux/userfaultfd_k.h +++ b/include/linux/userfaultfd_k.h @@ -30,11 +30,7 @@ * from userfaultfd, in order to leave a free define-space for * shared O_* flags. */ -#define UFFD_CLOEXEC O_CLOEXEC -#define UFFD_NONBLOCK O_NONBLOCK - #define UFFD_SHARED_FCNTL_FLAGS (O_CLOEXEC | O_NONBLOCK) -#define UFFD_FLAGS_SET (EFD_SHARED_FCNTL_FLAGS) =20 /* * Start with fault_pending_wqh and fault_wqh so they're more likely --=20 2.39.5
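
Review bot: In the include/linux/userfaultfd_k.h hunk of [PATCH v2 4/4] (@@ -30,11 +30,7 @@), the removed UFFD_FLAGS_SET was defined as (EFD_SHARED_FCNTL_FLAGS), an EFD_-prefixed name rather than the UFFD_SHARED_FCNTL_FLAGS defined on the line above it, and the commit message only says the macros are unused. Mentioning that UFFD_FLAGS_SET pointed at another prefix's macro would strengthen the case for removal. The retained comment ending "in order to leave a free define-space for shared O_* flags" now sits directly above the single remaining define, so check that its full text still describes UFFD_SHARED_FCNTL_FLAGS alone.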