Re: [PATCH 0/3] RISC-V: mm: correct mmap behavior in sv48 address space

From: Yangyu Chen
Date: Fri Jan 19 2024 - 11:42:48 EST

Next message: Conor Dooley: "Re: [PATCH v3 1/3] dt-bindings: mailbox: Add mediatek,gce-props.yaml"
Previous message: syzbot: "Re: [syzbot] [kvm?] KMSAN: uninit-value in em_ret_far"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Friendly ping. There are already 5 days since this patch was submitted but there are no comments now. The previous buggy patch has already been in the mainline kernel since the v6.6 release and breaks some userspace software that relies on mmap to create mapping on the hint address without MAP_FIXED set. I think this fix should go to the kernel ASAP.

Thanks,
Yangyu Chen

On 1/15/24 03:55, Yangyu Chen wrote:

Previous patch series [1] violates the principle of mmap syscall as it uses
hint address as the largest address space to use rather than where to
create the mapping, thus broke the possibility to mmap in sv48, sv57
address space without a MAP_FIXED flag. This patchset corrects the behavior
of mmap syscall and use the behavior of x86 5-stage-paging as a reference.

I first noticed this issue when I was trying to run box64 on a sv48 system
with commit previous than [2]. Then I reported this through private
communication, then a box64 contributor did some investigation and found
that trying to mmap in sv48 address space without MAP_FIXED flag will
always return a random address in sv39. I review the changelog with some
tests on qemu and found this issue was introduced from [1]. After reviewing
the code, tests and docs, I think the original author might misunderstand
the meaning of hint address in mmap syscall. Then I did some investigation
on other ISAs like x86 which has 5-stage-paging and found that it has
addressed the same issue if some userspace software assumes the pointer
size should smaller than 47 bits and also solved in kernel by limiting the
mmap in maximum 47 bits address space by default.

Finally I correct the behavior of mmap syscall as x86 5-stage-paging does,
and migreate the documentation from x86-64 kernel to riscv kernel.

[1]. https://lore.kernel.org/linux-riscv/20230809232218.849726-1-charlie@xxxxxxxxxxxx/
[2]. https://github.com/ptitSeb/box64/commit/5b700cb6e6f397d2074c49659f7f9915f4a33c5f

Yangyu Chen (3):
RISC-V: mm: fix mmap behavior in sv48 address space
RISC-V: mm: only test mmap without hint
Documentation: riscv: correct sv57 kernel behavior

Documentation/arch/riscv/vm-layout.rst | 48 +++++++++++--------
arch/riscv/include/asm/processor.h | 39 ++++-----------
.../selftests/riscv/mm/mmap_bottomup.c | 12 -----
.../testing/selftests/riscv/mm/mmap_default.c | 12 -----
tools/testing/selftests/riscv/mm/mmap_test.h | 30 ------------
5 files changed, 36 insertions(+), 105 deletions(-)

Next message: Conor Dooley: "Re: [PATCH v3 1/3] dt-bindings: mailbox: Add mediatek,gce-props.yaml"
Previous message: syzbot: "Re: [syzbot] [kvm?] KMSAN: uninit-value in em_ret_far"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]