https://github.com/torvalds/linux
Revision 9e368259ad988356c4c95150fafd1a06af095d98 authored by Andrea Arcangeli on 30 November 2018, 22:09:25 UTC, committed by Linus Torvalds on 30 November 2018, 22:56:14 UTC
Patch series "userfaultfd shmem updates".
Jann found two bugs in the userfaultfd shmem MAP_SHARED backend: the
lack of the VM_MAYWRITE check and the lack of i_size checks.
Then looking into the above we also fixed the MAP_PRIVATE case.
Hugh by source review also found a data loss source if UFFDIO_COPY is
used on shmem MAP_SHARED PROT_READ mappings (the production usages
incidentally run with PROT_READ|PROT_WRITE, so the data loss couldn't
happen in those production usages like with QEMU).
The whole patchset is marked for stable.
We verified QEMU postcopy live migration with guest running on shmem
MAP_PRIVATE run as well as before after the fix of shmem MAP_PRIVATE.
Regardless if it's shmem or hugetlbfs or MAP_PRIVATE or MAP_SHARED, QEMU
unconditionally invokes a punch hole if the guest mapping is filebacked
and a MADV_DONTNEED too (needed to get rid of the MAP_PRIVATE COWs and
for the anon backend).
This patch (of 5):
We internally used EFAULT to communicate with the caller, switch to
ENOENT, so EFAULT can be used as a non internal retval.
Link: http://lkml.kernel.org/r/20181126173452.26955-2-aarcange@redhat.com
Fixes: 4c27fe4c4c84 ("userfaultfd: shmem: add shmem_mcopy_atomic_pte for userfaultfd support")
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Mike Rapoport <rppt@linux.ibm.com>
Reviewed-by: Hugh Dickins <hughd@google.com>
Cc: Mike Kravetz <mike.kravetz@oracle.com>
Cc: Jann Horn <jannh@google.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: <stable@vger.kernel.org>
Cc: stable@vger.kernel.org
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 parent 5618cf0
Tip revision: 9e368259ad988356c4c95150fafd1a06af095d98 authored by Andrea Arcangeli on 30 November 2018, 22:09:25 UTC
userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
Tip revision: 9e36825
| File | Mode | Size |
|---|---|---|
| 842 | ||
| fonts | ||
| lz4 | ||
| lzo | ||
| mpi | ||
| raid6 | ||
| reed_solomon | ||
| xz | ||
| zlib_deflate | ||
| zlib_inflate | ||
| zstd | ||
| .gitignore | -rw-r--r-- | 98 bytes |
| Kconfig | -rw-r--r-- | 13.7 KB |
| Kconfig.debug | -rw-r--r-- | 68.3 KB |
| Kconfig.kasan | -rw-r--r-- | 2.5 KB |
| Kconfig.kgdb | -rw-r--r-- | 4.1 KB |
| Kconfig.ubsan | -rw-r--r-- | 1.5 KB |
| Makefile | -rw-r--r-- | 8.9 KB |
| argv_split.c | -rw-r--r-- | 2.1 KB |
| ashldi3.c | -rw-r--r-- | 1.1 KB |
| ashrdi3.c | -rw-r--r-- | 1.2 KB |
| asn1_decoder.c | -rw-r--r-- | 13.4 KB |
| assoc_array.c | -rw-r--r-- | 51.9 KB |
| atomic64.c | -rw-r--r-- | 4.8 KB |
| atomic64_test.c | -rw-r--r-- | 6.6 KB |
| audit.c | -rw-r--r-- | 1.8 KB |
| bcd.c | -rw-r--r-- | 297 bytes |
| bch.c | -rw-r--r-- | 36.1 KB |
| bitmap.c | -rw-r--r-- | 35.8 KB |
| bitrev.c | -rw-r--r-- | 1.9 KB |
| bsearch.c | -rw-r--r-- | 1.5 KB |
| btree.c | -rw-r--r-- | 19.3 KB |
| bucket_locks.c | -rw-r--r-- | 1.4 KB |
| bug.c | -rw-r--r-- | 5.5 KB |
| build_OID_registry | -rwxr-xr-x | 4.7 KB |
| bust_spinlocks.c | -rw-r--r-- | 696 bytes |
| chacha20.c | -rw-r--r-- | 2.5 KB |
| check_signature.c | -rw-r--r-- | 635 bytes |
| checksum.c | -rw-r--r-- | 5.0 KB |
| clz_ctz.c | -rw-r--r-- | 1.3 KB |
| clz_tab.c | -rw-r--r-- | 891 bytes |
| cmdline.c | -rw-r--r-- | 5.1 KB |
| cmpdi2.c | -rw-r--r-- | 1.1 KB |
| compat_audit.c | -rw-r--r-- | 832 bytes |
| cordic.c | -rw-r--r-- | 2.5 KB |
| cpu_rmap.c | -rw-r--r-- | 7.8 KB |
| cpumask.c | -rw-r--r-- | 5.8 KB |
| crc-ccitt.c | -rw-r--r-- | 5.7 KB |
| crc-itu-t.c | -rw-r--r-- | 2.8 KB |
| crc-t10dif.c | -rw-r--r-- | 3.0 KB |
| crc16.c | -rw-r--r-- | 2.8 KB |
| crc32.c | -rw-r--r-- | 9.3 KB |
| crc32defs.h | -rw-r--r-- | 1.6 KB |
| crc32test.c | -rw-r--r-- | 37.5 KB |
| crc4.c | -rw-r--r-- | 1.1 KB |
| crc64.c | -rw-r--r-- | 1.7 KB |
| crc7.c | -rw-r--r-- | 2.6 KB |
| crc8.c | -rw-r--r-- | 2.4 KB |
| ctype.c | -rw-r--r-- | 1.4 KB |
| debug_info.c | -rw-r--r-- | 777 bytes |
| debug_locks.c | -rw-r--r-- | 1.2 KB |
| debugobjects.c | -rw-r--r-- | 29.5 KB |
| dec_and_lock.c | -rw-r--r-- | 1.2 KB |
| decompress.c | -rw-r--r-- | 1.7 KB |
| decompress_bunzip2.c | -rw-r--r-- | 23.5 KB |
| decompress_inflate.c | -rw-r--r-- | 4.5 KB |
| decompress_unlz4.c | -rw-r--r-- | 4.2 KB |
| decompress_unlzma.c | -rw-r--r-- | 15.8 KB |
| decompress_unlzo.c | -rw-r--r-- | 7.1 KB |
| decompress_unxz.c | -rw-r--r-- | 10.9 KB |
| devres.c | -rw-r--r-- | 11.2 KB |
| digsig.c | -rw-r--r-- | 5.7 KB |
| div64.c | -rw-r--r-- | 4.3 KB |
| dump_stack.c | -rw-r--r-- | 3.0 KB |
| dynamic_debug.c | -rw-r--r-- | 25.5 KB |
| dynamic_queue_limits.c | -rw-r--r-- | 4.3 KB |
| earlycpio.c | -rw-r--r-- | 4.0 KB |
| error-inject.c | -rw-r--r-- | 5.4 KB |
| errseq.c | -rw-r--r-- | 6.6 KB |
| extable.c | -rw-r--r-- | 3.2 KB |
| fault-inject.c | -rw-r--r-- | 6.2 KB |
| fdt.c | -rw-r--r-- | 69 bytes |
| fdt_empty_tree.c | -rw-r--r-- | 80 bytes |
| fdt_ro.c | -rw-r--r-- | 72 bytes |
| fdt_rw.c | -rw-r--r-- | 72 bytes |
| fdt_strerror.c | -rw-r--r-- | 78 bytes |
| fdt_sw.c | -rw-r--r-- | 72 bytes |
| fdt_wip.c | -rw-r--r-- | 73 bytes |
| find_bit.c | -rw-r--r-- | 5.3 KB |
| find_bit_benchmark.c | -rw-r--r-- | 4.3 KB |
| flex_array.c | -rw-r--r-- | 11.0 KB |
| flex_proportions.c | -rw-r--r-- | 6.9 KB |
| gcd.c | -rw-r--r-- | 1.4 KB |
| gen_crc32table.c | -rw-r--r-- | 3.3 KB |
| gen_crc64table.c | -rw-r--r-- | 1.5 KB |
| genalloc.c | -rw-r--r-- | 21.6 KB |
| glob.c | -rw-r--r-- | 3.5 KB |
| globtest.c | -rw-r--r-- | 4.2 KB |
| hexdump.c | -rw-r--r-- | 8.3 KB |
| hweight.c | -rw-r--r-- | 2.0 KB |
| idr.c | -rw-r--r-- | 17.3 KB |
| inflate.c | -rw-r--r-- | 38.7 KB |
| int_sqrt.c | -rw-r--r-- | 1.1 KB |
| interval_tree.c | -rw-r--r-- | 499 bytes |
| interval_tree_test.c | -rw-r--r-- | 3.4 KB |
| iomap.c | -rw-r--r-- | 6.5 KB |
| iomap_copy.c | -rw-r--r-- | 2.8 KB |
| iommu-helper.c | -rw-r--r-- | 755 bytes |
| ioremap.c | -rw-r--r-- | 4.2 KB |
| iov_iter.c | -rw-r--r-- | 40.1 KB |
| irq_poll.c | -rw-r--r-- | 5.4 KB |
| irq_regs.c | -rw-r--r-- | 604 bytes |
| is_single_threaded.c | -rw-r--r-- | 1.4 KB |
| jedec_ddr_data.c | -rw-r--r-- | 3.0 KB |
| kasprintf.c | -rw-r--r-- | 1.4 KB |
| kfifo.c | -rw-r--r-- | 12.7 KB |
| klist.c | -rw-r--r-- | 10.4 KB |
| kobject.c | -rw-r--r-- | 26.8 KB |
| kobject_uevent.c | -rw-r--r-- | 18.7 KB |
| kstrtox.c | -rw-r--r-- | 10.5 KB |
| kstrtox.h | -rw-r--r-- | 293 bytes |
| lcm.c | -rw-r--r-- | 441 bytes |
| libcrc32c.c | -rw-r--r-- | 2.2 KB |
| list_debug.c | -rw-r--r-- | 1.8 KB |
| list_sort.c | -rw-r--r-- | 3.6 KB |
| llist.c | -rw-r--r-- | 3.1 KB |
| locking-selftest-hardirq.h | -rw-r--r-- | 246 bytes |
| locking-selftest-mutex.h | -rw-r--r-- | 159 bytes |
| locking-selftest-rlock-hardirq.h | -rw-r--r-- | 74 bytes |
| locking-selftest-rlock-softirq.h | -rw-r--r-- | 74 bytes |
| locking-selftest-rlock.h | -rw-r--r-- | 197 bytes |
| locking-selftest-rsem.h | -rw-r--r-- | 202 bytes |
| locking-selftest-rtmutex.h | -rw-r--r-- | 162 bytes |
| locking-selftest-softirq.h | -rw-r--r-- | 246 bytes |
| locking-selftest-spin-hardirq.h | -rw-r--r-- | 73 bytes |
| locking-selftest-spin-softirq.h | -rw-r--r-- | 73 bytes |
| locking-selftest-spin.h | -rw-r--r-- | 157 bytes |
| locking-selftest-wlock-hardirq.h | -rw-r--r-- | 74 bytes |
| locking-selftest-wlock-softirq.h | -rw-r--r-- | 74 bytes |
| locking-selftest-wlock.h | -rw-r--r-- | 197 bytes |
| locking-selftest-wsem.h | -rw-r--r-- | 202 bytes |
| locking-selftest.c | -rw-r--r-- | 43.7 KB |
| lockref.c | -rw-r--r-- | 4.4 KB |
| logic_pio.c | -rw-r--r-- | 7.7 KB |
| lru_cache.c | -rw-r--r-- | 19.4 KB |
| lshrdi3.c | -rw-r--r-- | 1.2 KB |
| memcat_p.c | -rw-r--r-- | 753 bytes |
| memory-notifier-error-inject.c | -rw-r--r-- | 1.1 KB |
| memweight.c | -rw-r--r-- | 1.0 KB |
| muldi3.c | -rw-r--r-- | 2.3 KB |
| net_utils.c | -rw-r--r-- | 640 bytes |
| netdev-notifier-error-inject.c | -rw-r--r-- | 1.5 KB |
| nlattr.c | -rw-r--r-- | 21.7 KB |
| nmi_backtrace.c | -rw-r--r-- | 3.0 KB |
| nodemask.c | -rw-r--r-- | 653 bytes |
| notifier-error-inject.c | -rw-r--r-- | 2.7 KB |
| notifier-error-inject.h | -rw-r--r-- | 653 bytes |
| of-reconfig-notifier-error-inject.c | -rw-r--r-- | 1.3 KB |
| oid_registry.c | -rw-r--r-- | 3.9 KB |
| once.c | -rw-r--r-- | 1.4 KB |
| parman.c | -rw-r--r-- | 10.6 KB |
| parser.c | -rw-r--r-- | 8.1 KB |
| pci_iomap.c | -rw-r--r-- | 4.2 KB |
| percpu-refcount.c | -rw-r--r-- | 13.3 KB |
| percpu_counter.c | -rw-r--r-- | 5.8 KB |
| percpu_test.c | -rw-r--r-- | 3.2 KB |
| plist.c | -rw-r--r-- | 5.9 KB |
| pm-notifier-error-inject.c | -rw-r--r-- | 1.1 KB |
| prime_numbers.c | -rw-r--r-- | 6.5 KB |
| radix-tree.c | -rw-r--r-- | 43.9 KB |
| random32.c | -rw-r--r-- | 12.8 KB |
| ratelimit.c | -rw-r--r-- | 1.6 KB |
| rational.c | -rw-r--r-- | 1.6 KB |
| rbtree.c | -rw-r--r-- | 18.7 KB |
| rbtree_test.c | -rw-r--r-- | 9.4 KB |
| reciprocal_div.c | -rw-r--r-- | 1.4 KB |
| refcount.c | -rw-r--r-- | 11.2 KB |
| rhashtable.c | -rw-r--r-- | 29.4 KB |
| sbitmap.c | -rw-r--r-- | 13.8 KB |
| scatterlist.c | -rw-r--r-- | 24.1 KB |
| seq_buf.c | -rw-r--r-- | 7.9 KB |
| sg_pool.c | -rw-r--r-- | 3.6 KB |
| sg_split.c | -rw-r--r-- | 5.1 KB |
| sha1.c | -rw-r--r-- | 6.1 KB |
| sha256.c | -rw-r--r-- | 10.1 KB |
| show_mem.c | -rw-r--r-- | 1.3 KB |
| siphash.c | -rw-r--r-- | 11.7 KB |
| smp_processor_id.c | -rw-r--r-- | 1.3 KB |
| sort.c | -rw-r--r-- | 2.5 KB |
| stackdepot.c | -rw-r--r-- | 8.8 KB |
| stmp_device.c | -rw-r--r-- | 2.1 KB |
| string.c | -rw-r--r-- | 22.4 KB |
| string_helpers.c | -rw-r--r-- | 13.5 KB |
| strncpy_from_user.c | -rw-r--r-- | 3.1 KB |
| strnlen_user.c | -rw-r--r-- | 3.4 KB |
| syscall.c | -rw-r--r-- | 2.7 KB |
| test-kstrtox.c | -rw-r--r-- | 17.3 KB |
| test-string_helpers.c | -rw-r--r-- | 10.3 KB |
| test_bitfield.c | -rw-r--r-- | 4.3 KB |
| test_bitmap.c | -rw-r--r-- | 9.6 KB |
| test_bpf.c | -rw-r--r-- | 159.2 KB |
| test_debug_virtual.c | -rw-r--r-- | 918 bytes |
| test_firmware.c | -rw-r--r-- | 21.6 KB |
| test_hash.c | -rw-r--r-- | 6.3 KB |
| test_hexdump.c | -rw-r--r-- | 6.3 KB |
| test_ida.c | -rw-r--r-- | 4.3 KB |
| test_kasan.c | -rw-r--r-- | 13.6 KB |
| test_kmod.c | -rw-r--r-- | 30.0 KB |
| test_list_sort.c | -rw-r--r-- | 3.3 KB |
| test_memcat_p.c | -rw-r--r-- | 2.2 KB |
| test_module.c | -rw-r--r-- | 753 bytes |
| test_overflow.c | -rw-r--r-- | 22.3 KB |
| test_parman.c | -rw-r--r-- | 11.2 KB |
| test_printf.c | -rw-r--r-- | 13.0 KB |
| test_rhashtable.c | -rw-r--r-- | 19.9 KB |
| test_siphash.c | -rw-r--r-- | 7.5 KB |
| test_sort.c | -rw-r--r-- | 829 bytes |
| test_static_key_base.c | -rw-r--r-- | 2.0 KB |
| test_static_keys.c | -rw-r--r-- | 6.0 KB |
| test_string.c | -rw-r--r-- | 2.4 KB |
| test_sysctl.c | -rw-r--r-- | 3.3 KB |
| test_ubsan.c | -rw-r--r-- | 2.5 KB |
| test_user_copy.c | -rw-r--r-- | 5.5 KB |
| test_uuid.c | -rw-r--r-- | 3.4 KB |
| test_xarray.c | -rw-r--r-- | 33.5 KB |
| textsearch.c | -rw-r--r-- | 9.5 KB |
| timerqueue.c | -rw-r--r-- | 3.3 KB |
| ts_bm.c | -rw-r--r-- | 5.3 KB |
| ts_fsm.c | -rw-r--r-- | 10.6 KB |
| ts_kmp.c | -rw-r--r-- | 4.3 KB |
| ubsan.c | -rw-r--r-- | 11.1 KB |
| ubsan.h | -rw-r--r-- | 1.7 KB |
| ucmpdi2.c | -rw-r--r-- | 1.2 KB |
| ucs2_string.c | -rw-r--r-- | 2.5 KB |
| usercopy.c | -rw-r--r-- | 764 bytes |
| uuid.c | -rw-r--r-- | 3.0 KB |
| vsprintf.c | -rw-r--r-- | 74.6 KB |
| win_minmax.c | -rw-r--r-- | 3.4 KB |
| xarray.c | -rw-r--r-- | 51.4 KB |
| xxhash.c | -rw-r--r-- | 12.7 KB |
Computing file changes ...
