lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 27 May 2019 14:23:31 +0200
From:   Vlastimil Babka <vbabka@...e.cz>
To:     Andrew Morton <akpm@...ux-foundation.org>,
        zhong jiang <zhongjiang@...wei.com>
Cc:     osalvador@...e.de, khandual@...ux.vnet.ibm.com, mhocko@...e.com,
        mgorman@...hsingularity.net, aarcange@...hat.com,
        rcampbell@...dia.com, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mm/mempolicy: Fix an incorrect rebind node in
 mpol_rebind_nodemask

On 5/25/19 8:28 PM, Andrew Morton wrote:
> (Cc Vlastimil)

Oh dear, 2 years and I forgot all the details about how this works.

> On Sat, 25 May 2019 15:07:23 +0800 zhong jiang <zhongjiang@...wei.com> wrote:
> 
>> We bind an different node to different vma, Unluckily,
>> it will bind different vma to same node by checking the /proc/pid/numa_maps.   
>> Commit 213980c0f23b ("mm, mempolicy: simplify rebinding mempolicies when updating cpusets")
>> has introduced the issue.  when we change memory policy by seting cpuset.mems,
>> A process will rebind the specified policy more than one times. 
>> if the cpuset_mems_allowed is not equal to user specified nodes. hence the issue will trigger.
>> Maybe result in the out of memory which allocating memory from same node.

I have a hard time understanding what the problem is. Could you please
write it as a (pseudo) reproducer? I.e. an example of the process/admin
mempolicy/cpuset actions that have some wrong observed results vs the
correct expected result.

>> --- a/mm/mempolicy.c
>> +++ b/mm/mempolicy.c
>> @@ -345,7 +345,7 @@ static void mpol_rebind_nodemask(struct mempolicy *pol, const nodemask_t *nodes)
>>  	else {
>>  		nodes_remap(tmp, pol->v.nodes,pol->w.cpuset_mems_allowed,
>>  								*nodes);
>> -		pol->w.cpuset_mems_allowed = tmp;
>> +		pol->w.cpuset_mems_allowed = *nodes;

Looks like a mechanical error on my side when removing the code for
step1+step2 rebinding. Before my commit there was

pol->w.cpuset_mems_allowed = step ? tmp : *nodes;

Since 'step' was removed and thus 0, I should have used *nodes indeed.
Thanks for catching that.

>>  	}
>>  
>>  	if (nodes_empty(tmp))
> 
> hm, I'm not surprised the code broke.  What the heck is going on in
> there?  It used to have a perfunctory comment, but Vlastimil deleted
> it.

Yeah the comment was specific for the case that was being removed.

> Could someone please propose a comment for the above code block
> explaining why we're doing what we do?

I'll have to relearn this first...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ