From nobody Sat Oct 4 22:34:45 2025 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6E8B82E172D for ; Tue, 12 Aug 2025 06:04:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=193.142.43.55 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1754978658; cv=none; b=ZZhm9elWqk8b6rShU6xAYqgjlBUpJ3ImJVIK2EczHp78KfYuayippJpVe/+y8+AF+yiRfJDI37IIdrtwGdC3JNno/Kn7XgnbGFNjUhFGQl7D6hgmBDB+R7+QVVOjGDecp8+NGDGy3hhEevbLA1tfTGNhBsGuCUFeALm8VQdsgqw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1754978658; c=relaxed/simple; bh=D0IzAfqgShPNK81hQ1qUaUOduUDu0f9dl2cjMrjUGg8=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=lzInQH3fONH+tfugDiE7IIDdlmiKQUcPDqGDJQ3vq5z+SvqujRo1UV27samztIW5KXY9Ex6hHYalaWcW45GhEfh88bQRO8UGzktEXBTTQ1RNbnl0rjFCQblE6lHJhG7UPyQdmFJ8RtYCppoNEAtL8hJn2m4jLuUI/3ApUTpt7UE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de; spf=pass smtp.mailfrom=linutronix.de; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=tU0Y4+Md; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=3be0Ykmb; arc=none smtp.client-ip=193.142.43.55 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linutronix.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="tU0Y4+Md"; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="3be0Ykmb" From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1754978654; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ALJaNJ8540HEYWlpNQvd+ayXDrF9e8M8cKhQ2Rmv6S4=; b=tU0Y4+MdjHGZWtBJArfZUlD7hg3pXwl+sC5Cf9d2ar+llmpzQQYLwpd3HVj4FY/gWiJVOC gRjSo6sPvrPFFu2lz+V8U6+xzwrzw5hRrt+6Nk/7db1oNbIn3EtAnUOImSCYyGRbBFKFuc PbBMXbqkvnFmR1k8bmKERLW7fyFckmbc92WFzEsrxjmXj9CaAJVb0Dn3MFiLwiOaJMq2Aw UkTvTvlypLKB0jrw+7zfEI8Y/X6dLz0a2HOnkq9XlMxJHVcdo3Ejdz77L7SXbzdqHeJ5++ qiogfjoFmHaJeCAGjUYuERW+OG29ue6FsN2ByL9Ya9bgxPdzna8KuMM+d3SvHA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1754978654; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ALJaNJ8540HEYWlpNQvd+ayXDrF9e8M8cKhQ2Rmv6S4=; b=3be0YkmbbqT9gNyF5AEvkulG5jybVz21JBx0lvcowrAT9BfHYTu2ty3hmNt9lQabStfE/6 XzIm9SOHnRa6k8Aw== Date: Tue, 12 Aug 2025 08:04:03 +0200 Subject: [PATCH 1/3] vdso/datastore: Explicitly prevent remote access to timens vvar page Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250812-vdso-mlockall-v1-1-2f49ba7cf819@linutronix.de> References: <20250812-vdso-mlockall-v1-0-2f49ba7cf819@linutronix.de> In-Reply-To: <20250812-vdso-mlockall-v1-0-2f49ba7cf819@linutronix.de> To: Anna-Maria Behnsen , Frederic Weisbecker , Thomas Gleixner , Andy Lutomirski , Vincenzo Frascino Cc: Nam Cao , linux-kernel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Developer-Signature: v=1; a=ed25519-sha256; t=1754978653; l=2367; i=thomas.weissschuh@linutronix.de; s=20240209; h=from:subject:message-id; bh=D0IzAfqgShPNK81hQ1qUaUOduUDu0f9dl2cjMrjUGg8=; b=u5/9pw939fgynkuKPF9SWlMTiIy5+Rhf7YuluSIgzyyLF1LPFbvbumERddIMfiHrjvUNVFMXt wNLB/B9Nh3IDktiGc7AZHXciZ5RgRojDpHTBzDQuVRjhp6yepUXa46g X-Developer-Key: i=thomas.weissschuh@linutronix.de; a=ed25519; pk=pfvxvpFUDJV2h2nY0FidLUml22uGLSjByFbM6aqQQws= The fault handler for the timens page does not have access to the target task and therefore can not be invoked remotely. Currently the handler relies on the fact that the vvar mapping is marked as VM_IO and VM_PFNMAP for which the mm core always prevents remote access. However the VM_IO and VM_PFNMAP flags are going to be removed. Add an explicit check to prevent remote access to the mapping. Move the call to find_timens_vvar_page() after the check to avoid hitting the WARN() in that function. Signed-off-by: Thomas Wei=C3=9Fschuh --- kernel/time/namespace.c | 7 ++----- lib/vdso/datastore.c | 7 ++++++- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/kernel/time/namespace.c b/kernel/time/namespace.c index 667452768ed3b50e48e3cfb70f8ef68e4bed9e0b..e225547021b73230e3c820cd916= 35e0483821c49 100644 --- a/kernel/time/namespace.c +++ b/kernel/time/namespace.c @@ -198,11 +198,8 @@ struct page *find_timens_vvar_page(struct vm_area_stru= ct *vma) return current->nsproxy->time_ns->vvar_page; =20 /* - * VM_PFNMAP | VM_IO protect .fault() handler from being called - * through interfaces like /proc/$pid/mem or - * process_vm_{readv,writev}() as long as there's no .access() - * in special_mapping_vmops(). - * For more details check_vma_flags() and __access_remote_vm() + * vvar_fault() protects this from being called through remote interfaces= like + * /proc/$pid/mem or process_vm_{readv,writev}(). */ =20 WARN(1, "vvar_page accessed remotely"); diff --git a/lib/vdso/datastore.c b/lib/vdso/datastore.c index 3693c6caf2c4d41a526613d5fb746cb3a981ea2e..ed1aa3e27b13f8b48d18dad9488= e0798f49cb338 100644 --- a/lib/vdso/datastore.c +++ b/lib/vdso/datastore.c @@ -40,10 +40,15 @@ struct vdso_arch_data *vdso_k_arch_data =3D &vdso_arch_= data_store.data; static vm_fault_t vvar_fault(const struct vm_special_mapping *sm, struct vm_area_struct *vma, struct vm_fault *vmf) { - struct page *timens_page =3D find_timens_vvar_page(vma); + struct page *timens_page; unsigned long addr, pfn; vm_fault_t err; =20 + if (unlikely(vmf->flags & FAULT_FLAG_REMOTE)) + return VM_FAULT_SIGBUS; + + timens_page =3D find_timens_vvar_page(vma); + switch (vmf->pgoff) { case VDSO_TIME_PAGE_OFFSET: if (!IS_ENABLED(CONFIG_HAVE_GENERIC_VDSO)) --=20 2.50.1 From nobody Sat Oct 4 22:34:45 2025 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6E8442E11BF for ; Tue, 12 Aug 2025 06:04:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=193.142.43.55 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1754978657; cv=none; b=p2dM6zWc1f/I2Tw8mrbsJxCslKuH2AF+0ND8S63sa0gYIBzpAtXFX8uCpmsaoSDT75rYpjOmXEQPLgZVtOVp6kgihVErsSa1ZtS7CXZavT3vqRfI2J/yPKWSPjzmtje1W730+l/1Uc/v+ZtRly8E9XngSR+kdwXU7+AB4JtoOAE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1754978657; c=relaxed/simple; bh=F4c2RtrLgfxY8WVt3OaY1o0yZJL+GJ7wPZPEm2SM7ws=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=YyRBhlIEMfqQjdn75OVsRzmg5YLrijV7gd79hllxoeF39uOD4R5+xZYpNZb88pl6LYrYPfSN0ocJgEZ0NYghFMZyjEPY7mFf011JVot4wWTfDVlMT9oNNUvOQORQlhlEs5B8PRsa51X6EPISWcjsAMBYEKGRNZHGfYHpWvysiR8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de; spf=pass smtp.mailfrom=linutronix.de; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=aHvFf4Yl; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=6FzP3Bck; arc=none smtp.client-ip=193.142.43.55 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linutronix.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="aHvFf4Yl"; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="6FzP3Bck" From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1754978654; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=2BoFYp3/nAMH+ixxD2t0VNLuyUFKS/Uzah6o0Jl1bck=; b=aHvFf4Ylm1RNilOxUVR6vG04ZVR2tc12wymkTjPgPQESodt32vnXjpGeDkzIEvqaQOnNGI Zb/HlxglYluJWdupCHJwhoDfucTLj0muhfwrDQpZU+Id0ZYTfIRqxK4qNpRNeUQvgz/ibp NhZXaQr49H2O6gcrD2Y3bqB+SCWdm/3RhrVwnSyRecaiLZ6adLl5GBO+IhNvKq47F2Toc5 nlmujIINfmMfxRPBB/DQwo1q3ArcRVjk7yz64I9rXjPM0ucZ/YjdHW6rzHxVb7w52WYcY2 0+uHMlpHVcajfHVtA7oG92GUQqtrF2d9MdeCV/Qk4VMG8AuVIg8EeyJvRXGSww== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1754978654; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=2BoFYp3/nAMH+ixxD2t0VNLuyUFKS/Uzah6o0Jl1bck=; b=6FzP3BckI+GcO+EKU6ejSg9XooL5Q8QwUzw3N5MfAmwQLg3NN8qGSweUyJtJVHTCk01b/S 0E76NLdgVFUk2rBQ== Date: Tue, 12 Aug 2025 08:04:04 +0200 Subject: [PATCH 2/3] vdso/datastore: Allow prefaulting by mlockall() Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250812-vdso-mlockall-v1-2-2f49ba7cf819@linutronix.de> References: <20250812-vdso-mlockall-v1-0-2f49ba7cf819@linutronix.de> In-Reply-To: <20250812-vdso-mlockall-v1-0-2f49ba7cf819@linutronix.de> To: Anna-Maria Behnsen , Frederic Weisbecker , Thomas Gleixner , Andy Lutomirski , Vincenzo Frascino Cc: Nam Cao , linux-kernel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Developer-Signature: v=1; a=ed25519-sha256; t=1754978653; l=4076; i=thomas.weissschuh@linutronix.de; s=20240209; h=from:subject:message-id; bh=F4c2RtrLgfxY8WVt3OaY1o0yZJL+GJ7wPZPEm2SM7ws=; b=VKuUFSsfBhEGjYbfGFRXla2fgYp6pnaviA1WyEgaAl9QqiKNOMI8JQSAf7UmSSMqCHCxML5C9 NzABalqx3FyCYDh7iqQ21ifcpAC6Q1HSB9rDKwKLzhKJEVG7JnxIX0S X-Developer-Key: i=thomas.weissschuh@linutronix.de; a=ed25519; pk=pfvxvpFUDJV2h2nY0FidLUml22uGLSjByFbM6aqQQws= Latency-sensitive applications expect not to experience any pagefaults after calling mlockall(). However mlockall() ignores VM_PFNMAP and VM_IO mappings, both of which are used by the generic vDSO datastore. While the fault handler itself is very fast, going through the full pagefault exception handling is much slower, on the order of 20us in a test machine. Since the memory behind the datastore mappings is always present and accessible it is not necessary to use VM_IO for them. VM_PFNMAP can be removed by mapping the pages through 'struct page' instead of PFNs. VM_MIXEDMAP is necessary to call vmf_insert_page() in the timens optimization path. The data page mapping is now also aligned with the architecture-specific code pages. Some architecture-specific data pages, like the x86 VCLOCK pages, continue to use VM_IO as they are not always mappable. Regular mlock() would also work, but userspace does not know the boundaries of the vDSO. Signed-off-by: Thomas Wei=C3=9Fschuh Tested-by: Nam Cao --- lib/vdso/datastore.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/lib/vdso/datastore.c b/lib/vdso/datastore.c index ed1aa3e27b13f8b48d18dad9488e0798f49cb338..9a1af01f1c4db95255dd67b5912= 9791cc39d37c0 100644 --- a/lib/vdso/datastore.c +++ b/lib/vdso/datastore.c @@ -40,8 +40,8 @@ struct vdso_arch_data *vdso_k_arch_data =3D &vdso_arch_da= ta_store.data; static vm_fault_t vvar_fault(const struct vm_special_mapping *sm, struct vm_area_struct *vma, struct vm_fault *vmf) { - struct page *timens_page; - unsigned long addr, pfn; + struct page *page, *timens_page; + unsigned long addr; vm_fault_t err; =20 if (unlikely(vmf->flags & FAULT_FLAG_REMOTE)) @@ -53,17 +53,17 @@ static vm_fault_t vvar_fault(const struct vm_special_ma= pping *sm, case VDSO_TIME_PAGE_OFFSET: if (!IS_ENABLED(CONFIG_HAVE_GENERIC_VDSO)) return VM_FAULT_SIGBUS; - pfn =3D __phys_to_pfn(__pa_symbol(vdso_k_time_data)); + page =3D virt_to_page(vdso_k_time_data); if (timens_page) { /* * Fault in VVAR page too, since it will be accessed * to get clock data anyway. */ addr =3D vmf->address + VDSO_TIMENS_PAGE_OFFSET * PAGE_SIZE; - err =3D vmf_insert_pfn(vma, addr, pfn); + err =3D vmf_insert_page(vma, addr, page); if (unlikely(err & VM_FAULT_ERROR)) return err; - pfn =3D page_to_pfn(timens_page); + page =3D timens_page; } break; case VDSO_TIMENS_PAGE_OFFSET: @@ -76,24 +76,25 @@ static vm_fault_t vvar_fault(const struct vm_special_ma= pping *sm, */ if (!IS_ENABLED(CONFIG_TIME_NS) || !timens_page) return VM_FAULT_SIGBUS; - pfn =3D __phys_to_pfn(__pa_symbol(vdso_k_time_data)); + page =3D virt_to_page(vdso_k_time_data); break; case VDSO_RNG_PAGE_OFFSET: if (!IS_ENABLED(CONFIG_VDSO_GETRANDOM)) return VM_FAULT_SIGBUS; - pfn =3D __phys_to_pfn(__pa_symbol(vdso_k_rng_data)); + page =3D virt_to_page(vdso_k_rng_data); break; case VDSO_ARCH_PAGES_START ... VDSO_ARCH_PAGES_END: if (!IS_ENABLED(CONFIG_ARCH_HAS_VDSO_ARCH_DATA)) return VM_FAULT_SIGBUS; - pfn =3D __phys_to_pfn(__pa_symbol(vdso_k_arch_data)) + - vmf->pgoff - VDSO_ARCH_PAGES_START; + page =3D nth_page(virt_to_page(vdso_k_arch_data), vmf->pgoff - VDSO_ARCH= _PAGES_START); break; default: return VM_FAULT_SIGBUS; } =20 - return vmf_insert_pfn(vma, vmf->address, pfn); + get_page(page); + vmf->page =3D page; + return 0; } =20 const struct vm_special_mapping vdso_vvar_mapping =3D { @@ -104,8 +105,8 @@ const struct vm_special_mapping vdso_vvar_mapping =3D { struct vm_area_struct *vdso_install_vvar_mapping(struct mm_struct *mm, uns= igned long addr) { return _install_special_mapping(mm, addr, VDSO_NR_PAGES * PAGE_SIZE, - VM_READ | VM_MAYREAD | VM_IO | VM_DONTDUMP | - VM_PFNMAP | VM_SEALED_SYSMAP, + VM_READ | VM_MAYREAD | VM_DONTDUMP | + VM_MIXEDMAP | VM_SEALED_SYSMAP, &vdso_vvar_mapping); } =20 --=20 2.50.1 From nobody Sat Oct 4 22:34:45 2025 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1D2942E2DC0 for ; Tue, 12 Aug 2025 06:04:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=193.142.43.55 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1754978659; cv=none; b=q+LwtGqIXgKRgLKu6gaxy2JZo1G7UKWYw69/rgibp/oBH2XM4z30TjYrwQmUYqZT7gfR72rQd9xbtXdZIxizkBFmPRVwpo3PWIamFiELYyTU7KCjYRt7a5XHqnrTYV8yQSO6pKFE/lao5KS+vUos8lM6kK1N5X4H0zLDF9HUsG8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1754978659; c=relaxed/simple; bh=YhAVmLob2r3m/TDgX7akXdJLfhPN9FU8OJsenYX+ClQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=IPz4HHJjvGJlrCC/xSbIEzjd7bijrOt4qVzxcviDH91kLpTPf80YJkli9w/A4SyZYE4XsgaRQjkdo+VuWSLk1wWeUrG8b2fGnYkeWYpXxCnAtq37zG8FLORep+bvYboAnpjK+1y6vNuD9SjGAd6YroePqCcNImUEa0dulvkgfyA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de; spf=pass smtp.mailfrom=linutronix.de; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=ozkuieXa; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=BEdvmHZO; arc=none smtp.client-ip=193.142.43.55 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linutronix.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="ozkuieXa"; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="BEdvmHZO" From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1754978655; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ISIgftNVyNNITbUXGBMLzJvMM4NMCZDrcphSDhcrtiE=; b=ozkuieXaFtkLvkgCWcvwRbeMQV3oupsNJpWAl7NV+A5BccvhvHMjUyrldR2VhD1tui12yF XTaYLCgiaQJzHREODw7577nOMlyOiOnWc9CU59Ra0pB9f/Gf89aCBKu3Mf5uCFdL5tMeQY 4EG6uNurXo+ovlBWLPrIuOUbkhqOdAssbHArZwIW7+Cw7y0E1/bZDIO6TPkBI8MF83zSHe mj3Tsa8KAQ29BWwgb2IPLphPNS8VErucWzDk8jqWyapWSDFDZ4yg/eTAJkartLeNKvM9dB jZHER3UwYO5oeDjblFcat/3OOmFUOzXM9blPdH+a7E2gy6tcqRAWgyI/X5nYMQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1754978655; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ISIgftNVyNNITbUXGBMLzJvMM4NMCZDrcphSDhcrtiE=; b=BEdvmHZODcLauUH+kPEH5DjjMAsdVAW1wibdiUegBCDDW7NZWIinCy59bF9QQT9XlqDgbz G0xdKQk3quLrcFCQ== Date: Tue, 12 Aug 2025 08:04:05 +0200 Subject: [PATCH 3/3] vdso/datastore: Map zero page for unavailable data Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250812-vdso-mlockall-v1-3-2f49ba7cf819@linutronix.de> References: <20250812-vdso-mlockall-v1-0-2f49ba7cf819@linutronix.de> In-Reply-To: <20250812-vdso-mlockall-v1-0-2f49ba7cf819@linutronix.de> To: Anna-Maria Behnsen , Frederic Weisbecker , Thomas Gleixner , Andy Lutomirski , Vincenzo Frascino Cc: Nam Cao , linux-kernel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Developer-Signature: v=1; a=ed25519-sha256; t=1754978653; l=2181; i=thomas.weissschuh@linutronix.de; s=20240209; h=from:subject:message-id; bh=YhAVmLob2r3m/TDgX7akXdJLfhPN9FU8OJsenYX+ClQ=; b=rYdb7of0OTPKDWQlwKW5dp17mN0QwqK5uqg+82l0W+jrGor5s5s806iigihsokQYmRdFXPJEG PqzQxyqWouRCXa0yPmQOwRHdA38xDUXa0+lIevIDQAoioC1aAw7Dhdl X-Developer-Key: i=thomas.weissschuh@linutronix.de; a=ed25519; pk=pfvxvpFUDJV2h2nY0FidLUml22uGLSjByFbM6aqQQws= mlockall() stops if a page in a VMA is unmappable. As the datastore VMA can contain holes, mlockall() does not process all data pages correctly. Replace the mapping error VM_FAULT_SIGBUS with a mapping of the zero page. The vDSO will not access these pages in any case and for other userspace these pages have undefined contents. This will allow mlockall() to process all pages within the VMA. Signed-off-by: Thomas Wei=C3=9Fschuh --- lib/vdso/datastore.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/vdso/datastore.c b/lib/vdso/datastore.c index 9a1af01f1c4db95255dd67b59129791cc39d37c0..32b65b407b985d98b40374d8af6= ebd3cbe2ef4fa 100644 --- a/lib/vdso/datastore.c +++ b/lib/vdso/datastore.c @@ -40,7 +40,7 @@ struct vdso_arch_data *vdso_k_arch_data =3D &vdso_arch_da= ta_store.data; static vm_fault_t vvar_fault(const struct vm_special_mapping *sm, struct vm_area_struct *vma, struct vm_fault *vmf) { - struct page *page, *timens_page; + struct page *page =3D ZERO_PAGE(0), *timens_page; unsigned long addr; vm_fault_t err; =20 @@ -52,7 +52,7 @@ static vm_fault_t vvar_fault(const struct vm_special_mapp= ing *sm, switch (vmf->pgoff) { case VDSO_TIME_PAGE_OFFSET: if (!IS_ENABLED(CONFIG_HAVE_GENERIC_VDSO)) - return VM_FAULT_SIGBUS; + break; page =3D virt_to_page(vdso_k_time_data); if (timens_page) { /* @@ -75,17 +75,17 @@ static vm_fault_t vvar_fault(const struct vm_special_ma= pping *sm, * See also the comment near timens_setup_vdso_data(). */ if (!IS_ENABLED(CONFIG_TIME_NS) || !timens_page) - return VM_FAULT_SIGBUS; + break; page =3D virt_to_page(vdso_k_time_data); break; case VDSO_RNG_PAGE_OFFSET: if (!IS_ENABLED(CONFIG_VDSO_GETRANDOM)) - return VM_FAULT_SIGBUS; + break; page =3D virt_to_page(vdso_k_rng_data); break; case VDSO_ARCH_PAGES_START ... VDSO_ARCH_PAGES_END: if (!IS_ENABLED(CONFIG_ARCH_HAS_VDSO_ARCH_DATA)) - return VM_FAULT_SIGBUS; + break; page =3D nth_page(virt_to_page(vdso_k_arch_data), vmf->pgoff - VDSO_ARCH= _PAGES_START); break; default: --=20 2.50.1