lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 20 Nov 2013 14:48:29 -0500
From:	Dan Streetman <ddstreet@...e.org>
To:	Seth Jennings <sjennings@...iantweb.net>
Cc:	Dan Streetman <ddstreet@...e.org>, linux-mm@...ck.org,
	linux-kernel <linux-kernel@...r.kernel.org>,
	Bob Liu <bob.liu@...cle.com>, Minchan Kim <minchan@...nel.org>,
	Weijie Yang <weijie.yang@...sung.com>
Subject: [PATCH] mm/zswap: don't allow entry eviction if in use by load

The changes in commit 0ab0abcf511545d1fddbe72a36b3ca73388ac937
introduce a bug in writeback, if an entry is in use by load
it will be evicted anyway, which isn't correct (technically,
the code currently in zbud doesn't actually care much what the
zswap evict function returns, but that could change).

This changes the check in the writeback function to prevent eviction
if the entry is still in use (with a nonzero refcount).  The
refcount is used instead of searching the rb tree beacuse we're
holding the tree lock (which is required for any changes to refcount)
and it's faster than a tree search.

Signed-off-by: Dan Streetman <ddstreet@...e.org>
---
 mm/zswap.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/mm/zswap.c b/mm/zswap.c
index e55bab9..e154f1e 100644
--- a/mm/zswap.c
+++ b/mm/zswap.c
@@ -600,14 +600,18 @@ static int zswap_writeback_entry(struct zbud_pool *pool, unsigned long handle)
 	zswap_entry_put(tree, entry);
 
 	/*
-	* There are two possible situations for entry here:
+	* There are three possible situations for entry here:
 	* (1) refcount is 1(normal case),  entry is valid and on the tree
 	* (2) refcount is 0, entry is freed and not on the tree
 	*     because invalidate happened during writeback
-	*  search the tree and free the entry if find entry
+	* (3) refcount is 2, entry is in use by load, prevent eviction
 	*/
-	if (entry == zswap_rb_search(&tree->rbroot, offset))
+	if (likely(entry->refcount > 0))
 		zswap_entry_put(tree, entry);
+	if (unlikely(entry->refcount > 0)) {
+		spin_unlock(&tree->lock);
+		return -EAGAIN;
+	}
 	spin_unlock(&tree->lock);
 
 	goto end;
-- 
1.8.3.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ