lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 20 Apr 2016 23:15:06 +0000
From:	Naoya Horiguchi <n-horiguchi@...jp.nec.com>
To:	Xishi Qiu <qiuxishi@...wei.com>
CC:	Linux MM <linux-mm@...ck.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: mce: a question about memory_failure_early_kill in
 memory_failure()

On Wed, Apr 20, 2016 at 06:58:59PM +0800, Xishi Qiu wrote:
> On 2016/4/20 18:51, Xishi Qiu wrote:
> 
> > On 2016/4/20 15:07, Naoya Horiguchi wrote:
> > 
> >> On Tue, Apr 19, 2016 at 07:13:34PM +0800, Xishi Qiu wrote:
> >>> /proc/sys/vm/memory_failure_early_kill
> >>>
> >>> 1: means kill all processes that have the corrupted and not reloadable page mapped.
> >>> 0: means only unmap the corrupted page from all processes and only kill a process
> >>> who tries to access it.
> >>>
> >>> If set memory_failure_early_kill to 0, and memory_failure() has been called.
> >>> memory_failure()
> >>> 	hwpoison_user_mappings()
> >>> 		collect_procs()  // the task(with no PF_MCE_PROCESS flag) is not in the tokill list
> >>> 			try_to_unmap()
> >>>
> >>> If the task access the memory, there will be a page fault,
> >>> so the task can not access the original page again, right?
> >>
> >> Yes, right. That's the behavior in default "late kill" case.
> >>
> > 
> > Hi Naoya,
> > 
> > Thanks for your reply, my confusion is that after try_to_unmap(), there will be a
> > page fault if the task access the memory, and we will alloc a new page for it.

When try_to_unmap() is called for PageHWPoison(page) without TTU_IGNORE_HWPOISON,
page table entries mapping the error page are replaced with hwpoison entries,
which changes the bahavior of a subsequent page fault. Then, the page fault will
fail with VM_FAULT_HWPOISON, so finally the process will be killed without allocating
a new page.

> 
> Hi Naoya,
> 
> If we alloc a new page, the task won't access the poisioned page again, so it won't be
> killed by mce(late kill), right?

Allocating a new page for virtual address affected by memory error is dangerous
because if the error page was dirty (or anonymous as you mentioned), the data
is lost and new page allocation means that the data lost is ignored. The first
priority of hwpoison mechanism is to avoid consuming corrupted data.

> If the poisioned page is anon, we will lost data, right?

Yes, that's the idea.

> 
> > So how the hardware(mce) know this page fault is relate to the poisioned page which
> > is unmapped from the task? 
> > 
> > Will we record something in pte when after try_to_unmap() in memory_failure()?

As mentioned above, hwpoison entry does this job.

Thanks,
Naoya Horiguchi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ