lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 23 Sep 2013 16:19:36 +0800
From:	Weijie Yang <weijie.yang@...sung.com>
To:	akpm@...ux-foundation.org
Cc:	sjenning@...ux.vnet.ibm.com, bob.liu@...cle.com,
	minchan@...nel.org, weijie.yang.kh@...il.com, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	d.j.shin@...sung.com, heesub.shin@...sung.com,
	kyungmin.park@...sung.com, hau.chen@...sung.com,
	bifeng.tong@...sung.com, rui.xie@...sung.com
Subject: [PATCH v3 0/3] mm/zswap bugfix: memory leaks and other problems

This patch series fix a few bugs in mm/zswap based on Linux-3.11.

v2 --> v3
	- keep GFP_KERNEL flag

v1 --> v2
	- free memory in zswap_frontswap_invalidate_area(in patch 1)
	- fix whitespace corruption (line wrapping)
	
Corresponding mail thread: https://lkml.org/lkml/2013/8/18/59

These issues fixed/optimized are:

 1. memory leaks when re-swapon
 
 2. memory leaks when invalidate and reclaim occur concurrently
 
 3. avoid unnecessary page scanning


Issues discussed in that mail thread NOT fixed as it happens rarely or
not a big problem or controversial:

 1. a "theoretical race condition" when reclaim page
When a handle alloced from zbud, zbud considers this handle is used
validly by upper(zswap) and can be a candidate for reclaim. But zswap has
to initialize it such as setting swapentry and adding it to rbtree.
so there is a race condition, such as:
 thread 0: obtain handle x from zbud_alloc
 thread 1: zbud_reclaim_page is called
 thread 1: callback zswap_writeback_entry to reclaim handle x
 thread 1: get swpentry from handle x (it is random value now)
 thread 1: bad thing may happen
 thread 0: initialize handle x with swapentry

2. frontswap_map bitmap not cleared after zswap reclaim
Frontswap uses frontswap_map bitmap to track page in "backend" implementation,
when zswap reclaim a page, the corresponding bitmap record is not cleared.

3. the potential that zswap store and reclaim functions called recursively


 mm/zswap.c |   28 ++++++++++++++++++++--------
 1 file changed, 20 insertions(+), 8 deletions(-)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ