Re: [PATCH v4 1/2] mm/userfaultfd: Support WP on multiple VMAs

From: Peter Xu
Date: Thu Feb 16 2023 - 15:26:47 EST


On Thu, Feb 16, 2023 at 10:37:36AM +0100, David Hildenbrand wrote:
> On 16.02.23 10:16, Muhammad Usama Anjum wrote:
> > mwriteprotect_range() errors out if [start, end) doesn't fall in one
> > VMA. We are facing a use case where multiple VMAs are present in one
> > range of interest. For example, the following pseudocode reproduces the
> > error which we are trying to fix:
> > - Allocate memory of size 16 pages with PROT_NONE with mmap
> > - Register userfaultfd
> > - Change protection of the first half (1 to 8 pages) of memory to
> > PROT_READ | PROT_WRITE. This breaks the memory area in two VMAs.
> > - Now UFFDIO_WRITEPROTECT_MODE_WP on the whole memory of 16 pages errors
> > out.
>
> I think, in QEMU, with partial madvise()/mmap(MAP_FIXED) while handling
> memory remapping during reboot to discard pages with memory errors, it would
> be possible that we get multiple VMAs and could not enable uffd-wp for
> background snapshots anymore. So this change makes sense to me.

Any pointer for this one?

>
> Especially, because userfaultfd_register() seems to already properly handle
> multi-VMA ranges correctly. It traverses the VMA list twice ... but also
> holds the mmap lock in write mode.
>
> >
> > This is a simple use case where the user may or may not know if the memory
> > area has been divided into multiple VMAs.
> >
> > We need an implementation which doesn't disrupt the already present
> > users. So keeping things simple, stop going over all the VMAs if any one
> > of the VMAs hasn't been registered in WP mode. While at it, remove the
> > un-needed error check as well.
> >
> > Reported-by: Paul Gofman <pgofman@xxxxxxxxxxxxxxx>
> > Signed-off-by: Muhammad Usama Anjum <usama.anjum@xxxxxxxxxxxxx>
> > ---
>
>
> Acked-by: David Hildenbrand <david@xxxxxxxxxx>

Acked-by: Peter Xu <peterx@xxxxxxxxxx>

Thanks,

--
Peter Xu
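
The reproduction steps quoted from the commit message above, written out as a C program; this is an added example, not code from the patch or from anyone in the thread. It also counts the VMAs covering the range via /proc/self/maps so the split caused by mprotect() is visible. Assumptions: Linux with kernel headers that define UFFDIO_WRITEPROTECT, and the helper names count_vmas and wp_across_split are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <linux/userfaultfd.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Hypothetical helper: count VMAs in /proc/self/maps overlapping [start, start+len). */
static int count_vmas(unsigned long start, unsigned long len)
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512];
    unsigned long lo, hi;
    int n = f ? 0 : -1;
    while (f && fgets(line, sizeof line, f))
        if (sscanf(line, "%lx-%lx", &lo, &hi) == 2 && lo < start + len && hi > start)
            n++;
    if (f) fclose(f);
    return n;
}

/* -1: setup failed; 0: WP succeeded; >0: errno from UFFDIO_WRITEPROTECT. */
static int wp_across_split(int *vmas)
{
    unsigned long len = 16 * (unsigned long)sysconf(_SC_PAGESIZE);
    char *mem = mmap(NULL, len, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED) return -1;
    struct uffdio_range range = { (unsigned long)mem, len };
    struct uffdio_api api = { .api = UFFD_API };
    struct uffdio_register reg = { .range = range, .mode = UFFDIO_REGISTER_MODE_WP };
    struct uffdio_writeprotect wp = { .range = range, .mode = UFFDIO_WRITEPROTECT_MODE_WP };
    int fd = (int)syscall(SYS_userfaultfd, O_CLOEXEC | O_NONBLOCK), ret = -1;
    int ready = fd >= 0 && !ioctl(fd, UFFDIO_API, &api) && !ioctl(fd, UFFDIO_REGISTER, &reg);
    mprotect(mem, len / 2, PROT_READ | PROT_WRITE); /* first half: splits the VMA */
    *vmas = count_vmas((unsigned long)mem, len);
    if (ready) /* one WP request spanning both VMAs */
        ret = ioctl(fd, UFFDIO_WRITEPROTECT, &wp) ? errno : 0;
    if (fd >= 0) close(fd);
    munmap(mem, len);
    return ret;
}

int main(void)
{
    int vmas = 0, r = wp_across_split(&vmas);
    printf("VMAs in range: %d, UFFDIO_WRITEPROTECT result: %d\n", vmas, r);
}
```

A result of -1 means userfaultfd could not be opened or registered in WP mode in the current environment, which is common for unprivileged processes and sandboxes.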