lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20131218162858.6ec808c067baf4644532e110@linux-foundation.org>
Date:	Wed, 18 Dec 2013 16:28:58 -0800
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Wanpeng Li <liwanp@...ux.vnet.ibm.com>
Cc:	Sasha Levin <sasha.levin@...cle.com>,
	Hugh Dickins <hughd@...gle.com>,
	Joonsoo Kim <iamjoonsoo.kim@....com>, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mm/rmap: fix BUG at rmap_walk

On Thu, 19 Dec 2013 08:16:35 +0800 Wanpeng Li <liwanp@...ux.vnet.ibm.com> wrote:

> page_get_anon_vma() called in page_referenced_anon() will lock and 
> increase the refcount of anon_vma, page won't be locked for anonymous 
> page. This patch fix it by skip check anonymous page locked.
> 
> [  588.698828] kernel BUG at mm/rmap.c:1663!

Why is all this suddenly happening.  Did we change something, or did a
new test get added to trinity?

> --- a/mm/rmap.c
> +++ b/mm/rmap.c
> @@ -1660,7 +1660,8 @@ done:
>  
>  int rmap_walk(struct page *page, struct rmap_walk_control *rwc)
>  {
> -	VM_BUG_ON(!PageLocked(page));
> +	if (!PageAnon(page) || PageKsm(page))
> +		VM_BUG_ON(!PageLocked(page));
>  
>  	if (unlikely(PageKsm(page)))
>  		return rmap_walk_ksm(page, rwc);

Is there any reason why rmap_walk_ksm() and rmap_walk_file() *need*
PageLocked() whereas rmap_walk_anon() does not?  If so, let's implement
it like this:


--- a/mm/rmap.c~a
+++ a/mm/rmap.c
@@ -1716,6 +1716,10 @@ static int rmap_walk_file(struct page *p
 	struct vm_area_struct *vma;
 	int ret = SWAP_AGAIN;
 
+	/*
+	 * page must be locked because <reason goes here>
+	 */
+	VM_BUG_ON(!PageLocked(page));
 	if (!mapping)
 		return ret;
 	mutex_lock(&mapping->i_mmap_mutex);
@@ -1737,8 +1741,6 @@ static int rmap_walk_file(struct page *p
 int rmap_walk(struct page *page, int (*rmap_one)(struct page *,
 		struct vm_area_struct *, unsigned long, void *), void *arg)
 {
-	VM_BUG_ON(!PageLocked(page));
-
 	if (unlikely(PageKsm(page)))
 		return rmap_walk_ksm(page, rmap_one, arg);
 	else if (PageAnon(page))
--- a/mm/ksm.c~a
+++ a/mm/ksm.c
@@ -2006,6 +2006,9 @@ int rmap_walk_ksm(struct page *page, int
 	int search_new_forks = 0;
 
 	VM_BUG_ON(!PageKsm(page));
+	/*
+	 * page must be locked because <reason goes here>
+	 */
 	VM_BUG_ON(!PageLocked(page));
 
 	stable_node = page_stable_node(page);


Or if there is no reason why the page must be locked for
rmap_walk_ksm() and rmap_walk_file(), let's just remove rmap_walk()'s
VM_BUG_ON()?  And rmap_walk_ksm()'s as well - it's duplicative anyway.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ