Re: [PATCHv2 1/2] mm/memory: Do not populate page table entries beyond i_size

From: Hugh Dickins
Date: Mon Oct 27 2025 - 04:21:10 EST

Next message: Leon Romanovsky: "Re: [PATCH v3 2/2] block-dma: properly take MMIO path"
Previous message: Andy Shevchenko: "Re: [PATCH] crypto: qat - use strscpy_pad to simplify buffer initialization"
In reply to: David Hildenbrand: "Re: [PATCHv2 1/2] mm/memory: Do not populate page table entries beyond i_size"
Next in thread: Kiryl Shutsemau: "Re: [PATCHv2 1/2] mm/memory: Do not populate page table entries beyond i_size"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 23 Oct 2025, Kiryl Shutsemau wrote:

> From: Kiryl Shutsemau <kas@xxxxxxxxxx>
>
> Accesses within VMA, but beyond i_size rounded up to PAGE_SIZE are
> supposed to generate SIGBUS.
>
> Recent changes attempted to fault in full folio where possible. They did
> not respect i_size, which led to populating PTEs beyond i_size and
> breaking SIGBUS semantics.
>
> Darrick reported generic/749 breakage because of this.
>
> However, the problem existed before the recent changes. With huge=always
> tmpfs, any write to a file leads to PMD-size allocation. Following the
> fault-in of the folio will install PMD mapping regardless of i_size.
>
> Fix filemap_map_pages() and finish_fault() to not install:
> - PTEs beyond i_size;
> - PMD mappings across i_size;

Sorry for coming in late as usual, and complicating matters.

>
> Signed-off-by: Kiryl Shutsemau <kas@xxxxxxxxxx>
> Fixes: 19773df031bc ("mm/fault: try to map the entire file folio in finish_fault()")
> Fixes: 357b92761d94 ("mm/filemap: map entire large folio faultaround")

ACK to restoring the correct POSIX behaviour to those filesystems
which are being given large folios beyond EOF transparently,
without any huge= mount option to permit it.

> Fixes: 800d8c63b2e9 ("shmem: add huge pages support")

But NAK to regressing the intentional behaviour of huge=always
on shmem/tmpfs: the page size, whenever possible, is PMD-sized. In
6.18-rc huge=always is currently (thanks to Baolin) behaving correctly
again, as it had done for nine years: I insist we do not re-break it.

Andrew, please drop this version (and no need to worry about backports).

I'm guessing that yet another ugly shmem_file() or shmem_mapping()
exception should be good enough - I doubt you need to consider the
huge= option, just go by whether there is a huge folio already there -
though that would have an implication for the following patch.

(But what do I mean by "huge folio" above? Do I mean large or do
I mean pmd_mappable? It's the huge=always pmd_mappable folios I
care not to break, the mTHPy ones can be argued either way.)

Hugh

Next message: Leon Romanovsky: "Re: [PATCH v3 2/2] block-dma: properly take MMIO path"
Previous message: Andy Shevchenko: "Re: [PATCH] crypto: qat - use strscpy_pad to simplify buffer initialization"
In reply to: David Hildenbrand: "Re: [PATCHv2 1/2] mm/memory: Do not populate page table entries beyond i_size"
Next in thread: Kiryl Shutsemau: "Re: [PATCHv2 1/2] mm/memory: Do not populate page table entries beyond i_size"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]