Date:	Wed, 08 Feb 2012 05:41:52 +0400
From:	Konstantin Khlebnikov <khlebnikov@...nvz.org>
To:	Hugh Dickins <hughd@...gle.com>
CC:	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH BUGFIX] mm: fix find_get_page() for shmem exceptional
 entries

Hugh Dickins wrote:
> On Tue, 7 Feb 2012, Konstantin Khlebnikov wrote:
>
>> Bug was added in commit v3.0-7291-g8079b1c (mm: clarify the radix_tree
>> exceptional cases)
>> So, v3.1 and v3.2 affected.
>>
>> Konstantin Khlebnikov wrote:
>>> It should return NULL, otherwise the caller will be very surprised.
>>>
>>> Signed-off-by: Konstantin Khlebnikov<khlebnikov@...nvz.org>
>
> Thanks for worrying about it, but Nak to this patch.
>
> If you have found somewhere that is surprised by an exceptional entry
> instead of a page, then indeed we shall need to fix that: I'm not
> aware of any.

Oh, this is very dangerous semantics, especially for a function called "find-get-page"
which sometimes returns a not-getted not-a-page =)

>
> There are several places that are prepared for the possibility:
> find_lock_page() (and your patch would be breaking shmem.c's use of
> find_lock_page()), mincore_page(), memcontrol.c's mc_handle_file_pte().
>
> Of the remaining calls to find_get_page(), my understanding is that
> either they are filesystems operating upon their own pagecache, or
> they involve using ->readpage() - that's one of the two reasons why
> I gave shmem its own ->splice_read() and removed its ->readpage()
> before switching over to use the exceptional entries.
>
> Hugh
>
>>> ---
>>>    mm/filemap.c |    1 +
>>>    1 files changed, 1 insertions(+), 0 deletions(-)
>>>
>>> diff --git a/mm/filemap.c b/mm/filemap.c
>>> index 518223b..ca98cb5 100644
>>> --- a/mm/filemap.c
>>> +++ b/mm/filemap.c
>>> @@ -693,6 +693,7 @@ repeat:
>>>    			 * here as an exceptional entry: so return it without
>>>    			 * attempting to raise page count.
>>>    			 */
>>> +			page = NULL;
>>>    			goto out;
>>>    		}
>>>    		if (!page_cache_get_speculative(page))
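
Review bot: The added `page = NULL;` in the exceptional-entry branch contradicts the comment directly above it, which still reads "so return it without attempting to raise page count"; if the return value changes, that comment has to change in the same hunk. The one-line change also alters the return contract of find_get_page() for every caller at once: per the reply above, find_lock_page() (as used by shmem.c), mincore_page() and mc_handle_file_pte() are written to receive the exceptional entry, so they would have to be converted in the same patch, or the NULL-returning behaviour moved into a separate helper for callers that cannot handle a non-page. The changelog should name the specific caller that is surprised by the current return value, since "the caller will be very surprised" does not identify one.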
