lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 13 Feb 2019 13:03:30 +0100
From:   Michal Hocko <mhocko@...nel.org>
To:     Minchan Kim <minchan@...nel.org>
Cc:     gregkh@...uxfoundation.org, linux-mm <linux-mm@...ck.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Johannes Weiner <hannes@...xchg.org>,
        "Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Hugh Dickins <hughd@...gle.com>,
        Liu Bo <bo.liu@...ux.alibaba.com>, stable@...r.kernel.org
Subject: Re: [PATCH] mm: Fix the pgtable leak

On Wed 13-02-19 20:29:00, Minchan Kim wrote:
> [1] was backported to v4.9 stable tree but it introduces pgtable
> memory leak because with fault retrial, preallocated pagetable
> could be leaked in second iteration.
> To fix the problem, this patch backport [2].
> 
> [1] 5cf3e5ff95876, mm, memcg: fix reclaim deadlock with writeback
> [2] b0b9b3df27d10, mm: stop leaking PageTables
> 
> Fixes: 5cf3e5ff95876 ("mm, memcg: fix reclaim deadlock with writeback")
> Cc: Johannes Weiner <hannes@...xchg.org>
> Cc: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
> Cc: Michal Hocko <mhocko@...e.com>
> Cc: Andrew Morton <akpm@...ux-foundation.org>
> Cc: Hugh Dickins <hughd@...gle.com>
> Cc: Liu Bo <bo.liu@...ux.alibaba.com>
> Cc: <stable@...r.kernel.org> [4.9]
> Signed-off-by: Minchan Kim <minchan@...nel.org>

Thanks for catching this dependency. Do I assume it correctly that this
is stable-4.9 only?

> ---
>  mm/memory.c | 21 +++++++++++++++------
>  1 file changed, 15 insertions(+), 6 deletions(-)
> 
> diff --git a/mm/memory.c b/mm/memory.c
> index 35d8217bb0467..47248dc0b9e1a 100644
> --- a/mm/memory.c
> +++ b/mm/memory.c
> @@ -3329,15 +3329,24 @@ static int do_fault(struct fault_env *fe)
>  {
>  	struct vm_area_struct *vma = fe->vma;
>  	pgoff_t pgoff = linear_page_index(vma, fe->address);
> +	int ret;
>  
>  	/* The VMA was not fully populated on mmap() or missing VM_DONTEXPAND */
>  	if (!vma->vm_ops->fault)
> -		return VM_FAULT_SIGBUS;
> -	if (!(fe->flags & FAULT_FLAG_WRITE))
> -		return do_read_fault(fe, pgoff);
> -	if (!(vma->vm_flags & VM_SHARED))
> -		return do_cow_fault(fe, pgoff);
> -	return do_shared_fault(fe, pgoff);
> +		ret = VM_FAULT_SIGBUS;
> +	else if (!(fe->flags & FAULT_FLAG_WRITE))
> +		ret = do_read_fault(fe, pgoff);
> +	else if (!(vma->vm_flags & VM_SHARED))
> +		ret = do_cow_fault(fe, pgoff);
> +	else
> +		ret = do_shared_fault(fe, pgoff);
> +
> +	/* preallocated pagetable is unused: free it */
> +	if (fe->prealloc_pte) {
> +		pte_free(vma->vm_mm, fe->prealloc_pte);
> +		fe->prealloc_pte = 0;
> +	}
> +	return ret;
>  }
>  
>  static int numa_migrate_prep(struct page *page, struct vm_area_struct *vma,
> -- 
> 2.20.1.791.gb4d0f1c61a-goog
> 

-- 
Michal Hocko
SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ