lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <b9042a51-56de-2c39-7d0c-41f515633128@suse.cz>
Date:   Thu, 8 Jun 2017 13:02:09 +0200
From:   Vlastimil Babka <vbabka@...e.cz>
To:     Will Deacon <will.deacon@....com>
Cc:     linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        mark.rutland@....com, akpm@...ux-foundation.org,
        kirill.shutemov@...ux.intel.com, Punit.Agrawal@....com,
        mgorman@...e.de, steve.capper@....com
Subject: Re: [PATCH 2/3] mm/page_ref: Ensure page_ref_unfreeze is ordered
 against prior accesses

On 06/08/2017 12:34 PM, Will Deacon wrote:
> On Thu, Jun 08, 2017 at 11:38:21AM +0200, Vlastimil Babka wrote:
>>
>> Undecided if it's really needed. This is IMHO not the classical case
>> from Documentation/core-api/atomic_ops.rst where we have to make
>> modifications visible before we let others see them? Here the one who is
>> freezing is doing it so others can't get their page pin and interfere
>> with the freezer's work. But maybe there are some (documented or not)
>> consistency guarantees to expect once you obtain the pin, that can be
>> violated, or they might be added later, so it would be safer to add the
>> barrier?
> 
> The problem comes if the unfreeze is reordered so that it happens before the
> freezer has performed its work. For example, in
> migrate_huge_page_move_mapping:
> 
> 
> 	if (!page_ref_freeze(page, expected_count)) {
> 		spin_unlock_irq(&mapping->tree_lock);
> 		return -EAGAIN;
> 	}
> 
> 	newpage->index = page->index;
> 	newpage->mapping = page->mapping;
> 
> 	get_page(newpage);
> 
> 	radix_tree_replace_slot(&mapping->page_tree, pslot, newpage);
> 
> 	page_ref_unfreeze(page, expected_count - 1);
> 
> 
> then there's nothing stopping the CPU (and potentially the compiler) from
> reordering the unfreeze call so that it effectively becomes:
> 
> 
> 	if (!page_ref_freeze(page, expected_count)) {
> 		spin_unlock_irq(&mapping->tree_lock);
> 		return -EAGAIN;
> 	}
> 
> 	page_ref_unfreeze(page, expected_count - 1);
> 
> 	newpage->index = page->index;
> 	newpage->mapping = page->mapping;
> 
> 	get_page(newpage);
> 
> 	radix_tree_replace_slot(&mapping->page_tree, pslot, newpage);
> 
> 
> which then means that the freezer's work is carried out without the page
> being frozen.

But in this example the modifications are for newpage and freezing is
for page, so I think it doesn't apply. But I get the point.

> Will
> 
> --
> To unsubscribe, send a message with 'unsubscribe linux-mm' in
> the body to majordomo@...ck.org.  For more info on Linux MM,
> see: http://www.linux-mm.org/ .
> Don't email: <a href=mailto:"dont@...ck.org"> email@...ck.org </a>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ