| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87sgnih6gz.fsf@yhuang-dev.intel.com> Date: Thu, 24 Oct 2019 16:51:08 +0800 From: "Huang\, Ying" <ying.huang@...el.com> To: Chen Wandun <chenwandun@...wei.com> Cc: <linux-kernel@...r.kernel.org>, <linux-mm@...ck.org> Subject: Re: [Question] Is there race between swapoff and swapout Chen Wandun <chenwandun@...wei.com> writes: > I analysied the code about swapoff and swapout, and I suspected there may be a race. > The kernel version is 4.14 stable. > > CPU0 CPU1 > swapoff swap out > add_to_swap > get_swap_page > ...... get_swap_pages > spin_lock(&swap_avail_lock) > get swap_info_struct > spin_unlock(&swap_avail_lock) > spin_lock(&swap_avail_lock) > __def_from_avail_list(swap_info_struct) > spin_unlock(&swap_avail_lock) ...... > try_to_unuse // unuse all slot > /* get a free slot from swap_info_struct, > * and write data to slot later > */ > scan_swap_map_slots > free swap_info_struct > ....... > > > If CPU1 get the swap_info_struct first, then CPU0 delete it from list and > unuse all slot in swap_info_struct, before CPU0 free swap_info_struct CPU1 > call scan_swap_map_slots to alloc a free slot. > > I am not sure the analysis above is correct, > Please let me know if there is any mistake SWP_WRITEOK will be cleared during swapoff, and it is checked during swap slots allocation. Best Regards, Huang, Ying > Thanks > ChenWandun
Powered by blists - more mailing lists