[08/10] ioctl_userfaultfd.2: clarify the state of the uffdio_api structure on error
| Message ID | 20230919190206.388896-9-axelrasmussen@google.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp3830825vqi;
Tue, 19 Sep 2023 19:45:14 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IHij290v+vm+f7azBQZYYofFyMon+CuYmwSis9HVAM2C1YWh0qdeoyP2CJpYVQQq85wKUax
X-Received: by 2002:a05:6358:5915:b0:142:ecad:c6e with SMTP id
g21-20020a056358591500b00142ecad0c6emr1679675rwf.2.1695177914736;
Tue, 19 Sep 2023 19:45:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1695177914; cv=none;
d=google.com; s=arc-20160816;
b=0thwgVcYt3Okry3m7nfPduof8GIBk+EmNFDZnODYcDksfzyAy/HKkuMH3BSQtXSoXa
T/huRaf1HxqeLEusFyTgKFW1pJ76aN+p2G7iJ8Hz9hj2TqTL9iFRtGuPfcvdfU0IebKf
J34Vn3YQF8SuBGUKE/coZ0yZspzX3b0R7LS1nA/ZinRdMbbwHxzoIqGMzleMSFOzqCYx
hglEL4AD9Iix/4Ifzwx0DRLpjsaxH90T9i0KOlWSaG48C4uzlQ0ESHICrscAFlxNNS1T
v7DHUO0ewvxslca9pQfUf2EPq8vEgG+bSfImo+dlugaJ8UO517wGL7EOaCu6ICm9oogG
Tr6g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:cc:to:from:subject:message-id:references
:mime-version:in-reply-to:date:dkim-signature;
bh=5/ZA4nlbby3TSOXQeGLhY3RgtFATqmihyuOhsYNku5o=;
fh=SqwPTGdhTS3wVH9FltNQ4n/lDM1p3ApEDnroT8zra0U=;
b=cn1WfYvSO7bWQiRbdbz1aBdvY52SKtVFMQEtwYzP999XqgdGLO9uOYkxJ14o3XwP/l
ltLWtQQoDkAr4mRg1xH4jcqiC0CuXnyrZ+NJDA9iSNw7TakLp0fLsttm7GxR0lcwNxEi
GjnGlkY0DQ7m7LTbZZbebI0yGmzunfB9qwAUsa6cNlwUZUuGs1TmIwccoNUV8Zye4LNc
CYAcfjDveyN0j6x7frJifyJeGVE4jKmWeLWk2HAmuxmbDwuX+BXn5fxfz3Uogm5tjECC
gS7cAfGnY+e7lzAHF6zGsyaMJVGRjpf3MHhdtpD2n1bcAWuricYHN3yYlPM9CSboRJ+o
xi4A==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@google.com header.s=20230601 header.b=ILqI7TNm;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:5 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5])
by mx.google.com with ESMTPS id
22-20020a631756000000b00578b379922bsi2281072pgx.511.2023.09.19.19.45.14
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 19 Sep 2023 19:45:14 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:5 as permitted sender)
client-ip=2620:137:e000::3:5;
Authentication-Results: mx.google.com;
dkim=pass header.i=@google.com header.s=20230601 header.b=ILqI7TNm;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:5 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by groat.vger.email (Postfix) with ESMTP id 4E633830148A;
Tue, 19 Sep 2023 12:03:07 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S232838AbjISTC6 (ORCPT <rfc822;toshivichauhan@gmail.com>
+ 26 others); Tue, 19 Sep 2023 15:02:58 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56268 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S232714AbjISTCm (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 19 Sep 2023 15:02:42 -0400
Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com
[IPv6:2607:f8b0:4864:20::b49])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6B959F9
for <linux-kernel@vger.kernel.org>;
Tue, 19 Sep 2023 12:02:30 -0700 (PDT)
Received: by mail-yb1-xb49.google.com with SMTP id
3f1490d57ef6-d81841ef79bso6655200276.1
for <linux-kernel@vger.kernel.org>;
Tue, 19 Sep 2023 12:02:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20230601; t=1695150149; x=1695754949;
darn=vger.kernel.org;
h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
:date:from:to:cc:subject:date:message-id:reply-to;
bh=5/ZA4nlbby3TSOXQeGLhY3RgtFATqmihyuOhsYNku5o=;
b=ILqI7TNmSI3xoxz6Gb20TjikkOWe6V6TnyOB+d+IrFUhwShOf/Y+3+hjouGb4yRK6a
9uau1Ssjg3ISDR5w7vf2UkokaTzpPODfmFKHPeYF0NPSSqZFAqrZabPA/kRmi8surMqj
0jMTJ25dmpM4S+KzZqtwpGU3denfpfu0lG2ZVWROcE/HLPxQz8i80/z/UJFDCu0BydfH
u1cey1gNaV6ZxysgKb+nOL0WbVLlzFjuYmIxuZm0/pVc1Sfz9t8x28sckj8bhB7MBTBP
cZp0NIs+Gt1WzZzgW/67hGlFY8Xyju94ZXUcI5nExbLWXALfmArb8rESdhaSgGTSDYrR
IFXQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1695150149; x=1695754949;
h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
:date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=5/ZA4nlbby3TSOXQeGLhY3RgtFATqmihyuOhsYNku5o=;
b=hOTLvx4YlfuTw4jMo8yi2Z0jiu5EwBV5kZYq6KF8i+g7uqTfY7AeLp0eW9PcxywVQv
e3e1s73kdKx5te6/Lex/wnWILtXN8YjIyMDZr2cIxshlQYjxov4YPtP7A4cDlSnsunsH
c0GN4sPu70yfWlT1HdXP7mKKR/2kyD8Ou50b5wfDGoCf0wzK2Kqx6EAngXj2jWNAKDBl
W9Os5vW+wni2PJN+ejU1hQJKnsVCZZD8KnvpcuyaL2kg8dOEDlVXn9m/2z1luQyvGxBX
z8Ukx+V1uIcNgtZSHFtOZOxxHX4KnxbvGrwT5Jvv+d/wV1YMVgIy+Uz/bna4GwHNf5SJ
HVkA==
X-Gm-Message-State: AOJu0Ywdqe8d46wjiguzYAIQWxZZlkzs9qf6sy9JYt3FdHQxw+Ss76HA
2ytO1GLPrQp1fYLhaKZr0o90oaMnijZwhg2FXD6o
X-Received: from axel.svl.corp.google.com
([2620:15c:2a3:200:8f5a:6a6a:cafc:a3ad])
(user=axelrasmussen job=sendgmr) by 2002:a05:6902:1805:b0:d77:f7c3:37db with
SMTP id cf5-20020a056902180500b00d77f7c337dbmr7876ybb.8.1695150149582; Tue,
19 Sep 2023 12:02:29 -0700 (PDT)
Date: Tue, 19 Sep 2023 12:02:04 -0700
In-Reply-To: <20230919190206.388896-1-axelrasmussen@google.com>
Mime-Version: 1.0
References: <20230919190206.388896-1-axelrasmussen@google.com>
X-Mailer: git-send-email 2.42.0.459.ge4e396fd5e-goog
Message-ID: <20230919190206.388896-9-axelrasmussen@google.com>
Subject: [PATCH 08/10] ioctl_userfaultfd.2: clarify the state of the
uffdio_api structure on error
From: Axel Rasmussen <axelrasmussen@google.com>
To: Alejandro Colomar <alx@kernel.org>, Peter Xu <peterx@redhat.com>
Cc: linux-man@vger.kernel.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org,
Axel Rasmussen <axelrasmussen@google.com>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-8.4 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL
autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]);
Tue, 19 Sep 2023 12:03:07 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777522877012270003
X-GMAIL-MSGID: 1777522877012270003
|
| Series |
userfaultfd man page updates
|
|
Commit Message
Axel Rasmussen
Sept. 19, 2023, 7:02 p.m. UTC
The old FIXME noted that the zeroing was done to differentiate the two
EINVAL cases. It's possible something like this was true historically,
but in current Linux we zero it in *both* EINVAL cases, so this is at
least no longer true.
After reading the code, I can't determine any clear reason why we zero
it in some cases but not in others. So, some simple advice we can give
userspace is: if an error occurs, treat the contents of the structure as
unspecified. Just re-initialize it before retrying UFFDIO_API again.
Signed-off-by: Axel Rasmussen <axelrasmussen@google.com>
---
man2/ioctl_userfaultfd.2 | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
Comments
Hi Axel, On Tue, Sep 19, 2023 at 12:02:04PM -0700, Axel Rasmussen wrote: > The old FIXME noted that the zeroing was done to differentiate the two > EINVAL cases. It's possible something like this was true historically, > but in current Linux we zero it in *both* EINVAL cases, so this is at > least no longer true. > > After reading the code, I can't determine any clear reason why we zero > it in some cases but not in others. So, some simple advice we can give > userspace is: if an error occurs, treat the contents of the structure as > unspecified. Just re-initialize it before retrying UFFDIO_API again. > > Signed-off-by: Axel Rasmussen <axelrasmussen@google.com> I can't apply this patch due to conflicts (due to not having applied two of the previous ones). Please resend all remaining patches in following revisions of the patch set. The applied ones are here: <https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/log/?h=contrib> It's kind of like Linux's 'next' branch. Cheers, Alex > --- > man2/ioctl_userfaultfd.2 | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) > > diff --git a/man2/ioctl_userfaultfd.2 b/man2/ioctl_userfaultfd.2 > index 1aa9654be..29dca1f6b 100644 > --- a/man2/ioctl_userfaultfd.2 > +++ b/man2/ioctl_userfaultfd.2 > @@ -272,6 +272,14 @@ operation returns 0 on success. > On error, \-1 is returned and > .I errno > is set to indicate the error. > +If an error occurs, > +the kernel may zero the provided > +.I uffdio_api > +structure. > +The caller should treat its contents as unspecified, > +and reinitialize it before re-attempting another > +.B UFFDIO_API > +call. > Possible errors include: > .TP > .B EFAULT > @@ -305,14 +313,6 @@ twice, > the first time with no features set, > is explicitly allowed > as per the two-step feature detection handshake. > -.\" FIXME In the above error case, the returned 'uffdio_api' structure is > -.\" zeroed out. Why is this done? This should be explained in the manual page. > -.\" > -.\" Mike Rapoport: > -.\" In my understanding the uffdio_api > -.\" structure is zeroed to allow the caller > -.\" to distinguish the reasons for -EINVAL. > -.\" > .SS UFFDIO_REGISTER > (Since Linux 4.3.) > Register a memory address range with the userfaultfd object. > -- > 2.42.0.459.ge4e396fd5e-goog >
On Mon, Sep 25, 2023 at 4:56 PM Alejandro Colomar <alx@kernel.org> wrote: > > Hi Axel, > > On Tue, Sep 19, 2023 at 12:02:04PM -0700, Axel Rasmussen wrote: > > The old FIXME noted that the zeroing was done to differentiate the two > > EINVAL cases. It's possible something like this was true historically, > > but in current Linux we zero it in *both* EINVAL cases, so this is at > > least no longer true. > > > > After reading the code, I can't determine any clear reason why we zero > > it in some cases but not in others. So, some simple advice we can give > > userspace is: if an error occurs, treat the contents of the structure as > > unspecified. Just re-initialize it before retrying UFFDIO_API again. > > > > Signed-off-by: Axel Rasmussen <axelrasmussen@google.com> > > I can't apply this patch due to conflicts (due to not having applied two > of the previous ones). Please resend all remaining patches in following > revisions of the patch set. > > The applied ones are here: > > <https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/log/?h=contrib> > > It's kind of like Linux's 'next' branch. Thanks for the review Alex! I'll fix up the issues noted and send the remaining few patches this week. :) > > Cheers, > Alex > > > --- > > man2/ioctl_userfaultfd.2 | 16 ++++++++-------- > > 1 file changed, 8 insertions(+), 8 deletions(-) > > > > diff --git a/man2/ioctl_userfaultfd.2 b/man2/ioctl_userfaultfd.2 > > index 1aa9654be..29dca1f6b 100644 > > --- a/man2/ioctl_userfaultfd.2 > > +++ b/man2/ioctl_userfaultfd.2 > > @@ -272,6 +272,14 @@ operation returns 0 on success. > > On error, \-1 is returned and > > .I errno > > is set to indicate the error. > > +If an error occurs, > > +the kernel may zero the provided > > +.I uffdio_api > > +structure. > > +The caller should treat its contents as unspecified, > > +and reinitialize it before re-attempting another > > +.B UFFDIO_API > > +call. > > Possible errors include: > > .TP > > .B EFAULT > > @@ -305,14 +313,6 @@ twice, > > the first time with no features set, > > is explicitly allowed > > as per the two-step feature detection handshake. > > -.\" FIXME In the above error case, the returned 'uffdio_api' structure is > > -.\" zeroed out. Why is this done? This should be explained in the manual page. > > -.\" > > -.\" Mike Rapoport: > > -.\" In my understanding the uffdio_api > > -.\" structure is zeroed to allow the caller > > -.\" to distinguish the reasons for -EINVAL. > > -.\" > > .SS UFFDIO_REGISTER > > (Since Linux 4.3.) > > Register a memory address range with the userfaultfd object. > > -- > > 2.42.0.459.ge4e396fd5e-goog > >
On Tue, Sep 19, 2023 at 12:02:04PM -0700, Axel Rasmussen wrote: > The old FIXME noted that the zeroing was done to differentiate the two > EINVAL cases. It's possible something like this was true historically, > but in current Linux we zero it in *both* EINVAL cases, so this is at > least no longer true. > > After reading the code, I can't determine any clear reason why we zero > it in some cases but not in others. So, some simple advice we can give > userspace is: if an error occurs, treat the contents of the structure as > unspecified. Just re-initialize it before retrying UFFDIO_API again. In old kernels (e.g. 4.20 and I didn't go to check when this changed) we had two -EINVALS: one when UFFDIO_API was called when state != UFFD_STATE_WAIT_API and another for API version or features mismatch and we zeroed uffd_api struct only in the second case. In the current code the first case does not exits anymore. > Signed-off-by: Axel Rasmussen <axelrasmussen@google.com> Reviewed-by: Mike Rapoport (IBM) <rppt@kernel.org> > --- > man2/ioctl_userfaultfd.2 | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) > > diff --git a/man2/ioctl_userfaultfd.2 b/man2/ioctl_userfaultfd.2 > index 1aa9654be..29dca1f6b 100644 > --- a/man2/ioctl_userfaultfd.2 > +++ b/man2/ioctl_userfaultfd.2 > @@ -272,6 +272,14 @@ operation returns 0 on success. > On error, \-1 is returned and > .I errno > is set to indicate the error. > +If an error occurs, > +the kernel may zero the provided > +.I uffdio_api > +structure. > +The caller should treat its contents as unspecified, > +and reinitialize it before re-attempting another > +.B UFFDIO_API > +call. > Possible errors include: > .TP > .B EFAULT > @@ -305,14 +313,6 @@ twice, > the first time with no features set, > is explicitly allowed > as per the two-step feature detection handshake. > -.\" FIXME In the above error case, the returned 'uffdio_api' structure is > -.\" zeroed out. Why is this done? This should be explained in the manual page. > -.\" > -.\" Mike Rapoport: > -.\" In my understanding the uffdio_api > -.\" structure is zeroed to allow the caller > -.\" to distinguish the reasons for -EINVAL. > -.\" > .SS UFFDIO_REGISTER > (Since Linux 4.3.) > Register a memory address range with the userfaultfd object. > -- > 2.42.0.459.ge4e396fd5e-goog > >
diff --git a/man2/ioctl_userfaultfd.2 b/man2/ioctl_userfaultfd.2 index 1aa9654be..29dca1f6b 100644 --- a/man2/ioctl_userfaultfd.2 +++ b/man2/ioctl_userfaultfd.2 @@ -272,6 +272,14 @@ operation returns 0 on success. On error, \-1 is returned and .I errno is set to indicate the error. +If an error occurs, +the kernel may zero the provided +.I uffdio_api +structure. +The caller should treat its contents as unspecified, +and reinitialize it before re-attempting another +.B UFFDIO_API +call. Possible errors include: .TP .B EFAULT @@ -305,14 +313,6 @@ twice, the first time with no features set, is explicitly allowed as per the two-step feature detection handshake. -.\" FIXME In the above error case, the returned 'uffdio_api' structure is -.\" zeroed out. Why is this done? This should be explained in the manual page. -.\" -.\" Mike Rapoport: -.\" In my understanding the uffdio_api -.\" structure is zeroed to allow the caller -.\" to distinguish the reasons for -EINVAL. -.\" .SS UFFDIO_REGISTER (Since Linux 4.3.) Register a memory address range with the userfaultfd object.