| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEvNRgEoPs5ia+u0ODra6N4BdOwpYa04j8nDxwfNVyfCOWnM6g@mail.gmail.com> Date: Mon, 9 Feb 2026 10:22:06 -0800 From: Ackerley Tng <ackerleytng@...gle.com> To: Deepanshu Kartikey <kartikey406@...il.com>, "David Hildenbrand (Arm)" <david@...nel.org> Cc: akpm@...ux-foundation.org, lorenzo.stoakes@...cle.com, baolin.wang@...ux.alibaba.com, Liam.Howlett@...cle.com, npache@...hat.com, ryan.roberts@....com, dev.jain@....com, baohua@...nel.org, seanjc@...gle.com, pbonzini@...hat.com, michael.roth@....com, vannapurve@...gle.com, ziy@...dia.com, linux-mm@...ck.org, linux-kernel@...r.kernel.org, syzbot+33a04338019ac7e43a44@...kaller.appspotmail.com Subject: Re: [PATCH] mm: thp: Deny THP for guest_memfd and secretmem in file_thp_enabled() Deepanshu Kartikey <kartikey406@...il.com> writes: > On Mon, Feb 9, 2026 at 4:12 PM David Hildenbrand (Arm) <david@...nel.org> wrote: >> >> > Maybe introduce a AS_NO_READ_ONLY_THP_FOR_FS, which we can just easily >> > rip out along with CONFIG_READ_ONLY_THP_FOR_FS later? >> >> On second thought, why do we pass the >> >> !inode_is_open_for_write(inode) >> >> in file_thp_enabled()? >> >> Isn't that the main problem for these memfd things? >> >> Maybe a get_write_access() is missing somewhere? >> > > Hi David, > > Thanks for the suggestion. I looked into the get_write_access() path. > > Both guest_memfd and secretmem use alloc_file_pseudo() which skips > calling get_write_access(), so i_writecount stays 0. That's why > file_thp_enabled() sees them as read-only files. > > We could add get_write_access() after alloc_file_pseudo() in both, but > I think that would be a hack rather than a proper fix: > > - i_writecount has a specific semantic: tracking how many fds have the > file open for writing. We'd be bumping it just to influence > file_thp_enabled() behavior. > I agree re-using i_writecount feels odd since it is abusing the idea of being written to. I might have misunderstood the full context of i_writecount though. > - It doesn't express the actual intent. The real issue is that > CONFIG_READ_ONLY_THP_FOR_FS was never meant for pseudo-filesystem > backed files. > > I think the AS_NO_READ_ONLY_THP_FOR_FS flag you suggested earlier is > the cleaner approach. It is explicit, has no side effects, and is easy > to rip out when CONFIG_READ_ONLY_THP_FOR_FS goes away. > I was considering other address space flags and I think the best might be to make khugepaged respect AS_FOLIO_ORDER_MAX and have somewhere in __vma_thp_allowable_orders() check the maximum allowed order for the address space. khugepaged is about consolidating memory to huge pages, so if the address space doesn't allow a larger folio order, then khugepaged should not operate on that memory. The other options are + AS_UNEVICTABLE: Sounds like khugepaged should respect AS_UNEVICTABLE, but IIUC evictability is more closely related to swapping and khugepaged might operate on swappable memory? Both guest_memfd and secretmem set AS_UNEVICTABLE. + AS_INACCESSIBLE: This is only used by guest_memfd, and is mostly used to block migration. khugepaged kind of migrates the memory contents too, but someday we want guest_memfd to support migration, and at that time we would still want to block khugepaged, so I don't think we want to reuse a flag that couples khugepaged to migration. > > [...snip...] >
Powered by blists - more mailing lists