lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 21 Oct 2019 15:48:48 +0200
From:   Oscar Salvador <osalvador@...e.de>
To:     Michal Hocko <mhocko@...nel.org>
Cc:     n-horiguchi@...jp.nec.com, mike.kravetz@...cle.com,
        linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH v2 11/16] mm,hwpoison: Rework soft offline for in-use
 pages

On Fri, Oct 18, 2019 at 02:39:01PM +0200, Michal Hocko wrote:
> 
> I am sorry but I got lost in the above description and I cannot really
> make much sense from the code either. Let me try to outline the way how
> I think about this.
> 
> Say we have a pfn to hwpoison. We have effectivelly three possibilities
> - page is poisoned already - done nothing to do
> - page is managed by the buddy allocator - excavate from there
> - page is in use
> 
> The last category is the most interesting one. There are essentially
> three classes of pages
> - freeable
> - migrateable
> - others
> 
> We cannot do really much about the last one, right? Do we mark them
> HWPoison anyway?

We can only perform actions on LRU/Movable pages or hugetlb pages.

So unless the page does not fall into those areas, we do not do anything
with them.

> Freeable should be simply marked HWPoison and freed.
> For all those migrateable, we simply do migrate and mark HWPoison.
> Now the main question is how to handle HWPoison page when it is freed
> - aka last reference is dropped. The main question is whether the last
> reference is ever dropped. If yes then the free_pages_prepare should
> never release it to the allocator (some compound destructors would have
> to special case as well, e.g. hugetlb would have to hand over to the
> allocator rather than a pool). If not then the page would be lingering
> potentially with some state bound to it (e.g. memcg charge).  So I
> suspect you want the former.

For non-hugetlb pages, we do not call put_page in the migration path,
but we do it in page_handle_poison, after the page has been flagged as
hwpoison.
Then the check in free_papes_prepare will see that the page is hwpoison
and will bail out, so the page is not released into the allocator/pcp lists.

Hugetlb pages follow a different methodology.
They are dissolved, and then we split the higher-order page and take the
page off the buddy.
The problem is that while it is easy to hold a non-hugetlb page,
doing the same for hugetlb pages is not that easy:

1) we would need to hook in enqueue_hugetlb_page so the page is not enqueued
   into hugetlb freelists
2) when trying to free a hugetlb page, we would need to do as we do for gigantic
   pages now, and that is breaking down the pages into order-0 pages and release
   them to the buddy (so the check in free_papges_prepare would skip the
   hwpoison page).
   Trying to handle a higher-order hwpoison page in free_pages_prepare is
   a bit complicated.
   
There is one thing I was unsure though.
Bailing out at the beginning of free_pages_prepare if the page is hwpoison
means that the calls to

- __memcg_kmem_uncharge
- page_cpupid_reset_last
- reset_page_owner
- ...

will not be performed.
I thought this is right because the page is not really "free", it is just unusable,
so.. it should be still charged to the memcg?

-- 
Oscar Salvador
SUSE L3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ