lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20150421084705.GG21832@hori1.linux.bs1.fc.nec.co.jp>
Date:	Tue, 21 Apr 2015 08:47:05 +0000
From:	Naoya Horiguchi <n-horiguchi@...jp.nec.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
CC:	Dean Nelson <dnelson@...hat.com>, Andi Kleen <andi@...stfloor.org>,
	"Andrea Arcangeli" <aarcange@...hat.com>,
	Hidetoshi Seto <seto.hidetoshi@...fujitsu.com>,
	Jin Dongming <jin.dongming@...css.fujitsu.com>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] mm/memory-failure: call shake_page() when error hits
 thp tail page

On Mon, Apr 20, 2015 at 02:30:14PM -0700, Andrew Morton wrote:
> On Wed, 15 Apr 2015 07:25:46 +0000 Naoya Horiguchi <n-horiguchi@...jp.nec.com> wrote:
> 
> > Currently memory_failure() calls shake_page() to sweep pages out from pcplists
> > only when the victim page is 4kB LRU page or thp head page. But we should do
> > this for a thp tail page too.
> > Consider that a memory error hits a thp tail page whose head page is on a
> > pcplist when memory_failure() runs. Then, the current kernel skips shake_pages()
> > part, so hwpoison_user_mappings() returns without calling split_huge_page() nor
> > try_to_unmap() because PageLRU of the thp head is still cleared due to the skip
> > of shake_page().
> > As a result, me_huge_page() runs for the thp, which is a broken behavior.
> > 
> > This patch fixes this problem by calling shake_page() for thp tail case.
> > 
> > Fixes: 385de35722c9 ("thp: allow a hwpoisoned head page to be put back to LRU")
> > Signed-off-by: Naoya Horiguchi <n-horiguchi@...jp.nec.com>
> > Cc: stable@...r.kernel.org  # v3.4+
> 
> What are the userspace-visible effects of the bug?  This info is needed
> for backporting into -stable and other kernels, please.

One effect is memory leak of the thp. And another is to fail to isolate
the memory error, so later access to the error address causes another MCE,
which kills the processes which used the thp.

Thanks,
Naoya Horiguchi--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ