Re: [PATCH v2 09/14] mm/userfaultfd: add RWP fault delivery and expose UFFDIO_REGISTER_MODE_RWP
From: Kiryl Shutsemau
Date: Fri May 22 2026 - 07:58:44 EST
On Tue, May 12, 2026 at 08:29:02PM +0300, Mike Rapoport wrote:
> On Fri, May 08, 2026 at 04:55:21PM +0100, Kiryl Shutsemau (Meta) wrote:
> > Wire the fault side of read-write protection tracking and turn the
> > userspace interface on.
> >
> > An RWP-protected PTE is PAGE_NONE with the uffd bit set. The
> > PROT_NONE triggers a fault on any access; the uffd bit distinguishes
> > it from plain mprotect(PROT_NONE) or NUMA hinting.
> >
> > Fault dispatch, per level:
> >
> >   PTE      handle_pte_fault()    -> do_uffd_rwp()
> >   PMD      __handle_mm_fault()   -> do_huge_pmd_uffd_rwp()
> >   hugetlb  hugetlb_fault()       -> hugetlb_handle_userfault()
> >
> > The RWP branches gate on userfaultfd_pte_rwp() / userfaultfd_huge_pmd_rwp()
> > (VM_UFFD_RWP plus the uffd bit) and fall through to do_numa_page() /
> > do_huge_pmd_numa_page() otherwise. Each delivers a
> > UFFD_PAGEFAULT_FLAG_RWP message through handle_userfault(); the handler
> > resolves it with UFFDIO_RWPROTECT clearing MODE_RWP.
> >
> > userfaultfd_must_wait() and userfaultfd_huge_must_wait() add matching
> > protnone+uffd waiters so sync-mode fault handlers block correctly.
> >
> > Expose the UAPI:
> >
> >   UFFDIO_REGISTER_MODE_RWP  -> UFFD_API_REGISTER_MODES
> >   UFFD_FEATURE_RWP          -> UFFD_API_FEATURES
> >   _UFFDIO_RWPROTECT         -> UFFD_API_RANGE_IOCTLS
> >                                UFFD_API_RANGE_IOCTLS_BASIC
> >
> > UFFD_FEATURE_RWP is masked out at UFFDIO_API time when PROT_NONE is
> > not available or VM_UFFD_RWP aliases VM_NONE (32-bit), so userspace
> > never sees an advertised-but-broken feature.
> >
> > Works on anonymous, shmem, and hugetlb memory.
> >
> > Signed-off-by: Kiryl Shutsemau <kas@xxxxxxxxxx>
> > Assisted-by: Claude:claude-opus-4-6
>
> A small nit below, other than that
>
> Reviewed-by: Mike Rapoport (Microsoft) <rppt@xxxxxxxxxx>
Thanks!
> > @@ -347,6 +359,14 @@ static inline bool userfaultfd_must_wait(struct userfaultfd_ctx *ctx,
> > */
> > if (!pte_write(ptent) && (reason & VM_UFFD_WP))
> > goto out;
> > + /*
> > + * PTE is still RW-protected (protnone with uffd bit), wait for
> > + * userspace to resolve. Plain PROT_NONE without the marker is not
> > + * an RWP fault.
> > + */
> > + if (pte_protnone(ptent) && pte_uffd(ptent) &&
> > + (reason & VM_UFFD_RWP))
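Review bot: the comment added above the new protnone check in userfaultfd_must_wait() names the same PTE state three ways ("RW-protected", "uffd bit", "the marker") and only rules out plain PROT_NONE, while the commit message says the uffd bit also distinguishes RWP from NUMA hinting. Suggest using "uffd bit" consistently and naming both non-RWP cases, for example "protnone without the uffd bit (mprotect(PROT_NONE) or NUMA hinting) is not an RWP fault", so a reader of this function alone can see why pte_protnone() by itself is not sufficient to make the faulting thread wait.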
>
> Nit: this fits even in 80-chars line
Ack.
--
Kiryl Shutsemau / Kirill A. Shutemov