| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Feb 2020 00:21:49 +0300
From: "Kirill A. Shutemov" <kirill@...temov.name>
To: Qian Cai <cai@....pw>
Cc: Matthew Wilcox <willy@...radead.org>, akpm@...ux-foundation.org,
elver@...gle.com, linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH -next] mm/filemap: fix a data race in filemap_fault()
On Mon, Feb 10, 2020 at 02:58:17PM -0500, Qian Cai wrote:
> On Mon, 2020-02-10 at 21:05 +0300, Kirill A. Shutemov wrote:
> > On Mon, Feb 10, 2020 at 09:25:11AM -0800, Matthew Wilcox wrote:
> > > On Mon, Feb 10, 2020 at 12:00:29PM -0500, Qian Cai wrote:
> > > > @@ -2622,7 +2622,7 @@ void filemap_map_pages(struct vm_fault *vmf,
> > > > if (page->index >= max_idx)
> > > > goto unlock;
> > > >
> > > > - if (file->f_ra.mmap_miss > 0)
> > > > + if (data_race(file->f_ra.mmap_miss > 0))
> > > > file->f_ra.mmap_miss--;
> > >
> > > How is this safe? Two threads can each see 1, and then both decrement the
> > > in-memory copy, causing it to end up at -1.
> >
> > Right, it is bogus.
> >
> > Below is my completely untested attempt on fix this. It still allows
> > races, but they will only lead to missed accounting, but not underflow.
>
> Looks good to me. Do you plan to send out an official patch?
Feel free to submit it. After testing.
--
Kirill A. Shutemov
Powered by blists - more mailing lists