lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 4 Jan 2016 16:01:06 +0100
From:	Vlastimil Babka <vbabka@...e.cz>
To:	Heiko Carstens <heiko.carstens@...ibm.com>,
	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCH] mm/vmstat: fix overflow in mod_zone_page_state()

On 12/29/2015 01:07 PM, Heiko Carstens wrote:
> mod_zone_page_state() takes a "delta" integer argument. delta contains
> the number of pages that should be added or subtracted from a struct
> zone's vm_stat field.
>
> If a zone is larger than 8TB this will cause overflows. E.g. for a
> zone with a size slightly larger than 8TB the line
>
> 	mod_zone_page_state(zone, NR_ALLOC_BATCH, zone->managed_pages);
>
> in mm/page_alloc.c:free_area_init_core() will result in a negative
> result for the NR_ALLOC_BATCH entry within the zone's vm_stat, since
> 8TB contain 0x8xxxxxxx pages which will be sign extended to a negative
> value.
>
> Fix this by changing the delta argument to long type.
>
> This could fix an early boot problem seen on s390, where we have a 9TB
> system with only one node. ZONE_DMA contains 2GB and ZONE_NORMAL the
> rest. The system is trying to allocate a GFP_DMA page but ZONE_DMA is
> completely empty, so it tries to reclaim pages in an endless loop.
>
> This was seen on a heavily patched 3.10 kernel. One possible
> explaination seem to be the overflows caused by mod_zone_page_state().
> Unfortunately I did not have the chance to verify that this patch
> actually fixes the problem, since I don't have access to the system
> right now. However the overflow problem does exist anyway.
>
> Given the description that a system with slightly less than 8TB does
> work, this seems to be a candidate for the observed problem.
>
> Signed-off-by: Heiko Carstens <heiko.carstens@...ibm.com>

Acked-by: Vlastimil Babka <vbabka@...e.cz>

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ