| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Jun 2020 17:56:58 -0400
From: Andrea Arcangeli <aarcange@...hat.com>
To: Robin Murphy <robin.murphy@....com>
Cc: Joerg Roedel <joro@...tes.org>, Roman Gushchin <guro@...com>,
Yang Shi <shy828301@...il.com>,
iommu@...ts.linux-foundation.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux MM <linux-mm@...ck.org>,
Michal Hocko <mhocko@...nel.org>,
Johannes Weiner <hannes@...xchg.org>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Wei Yang <richardw.yang@...ux.intel.com>,
Will Deacon <will@...nel.org>
Subject: Re: kernel BUG at mm/huge_memory.c:2613!
Hello,
On Mon, Jun 22, 2020 at 04:30:41PM +0100, Robin Murphy wrote:
> On 2020-06-22 13:46, Joerg Roedel wrote:
> > + Robin
> >
> > Robin, any idea on this?
>
> After a bit of archaeology, this dates back to the original review:
>
> https://lore.kernel.org/linux-arm-kernel/54C285D4.3070802@arm.com/
> https://lore.kernel.org/linux-arm-kernel/54DA2666.9030003@arm.com/
>
> In summary: originally this inherited from other arch code that did
> simply strip __GFP_COMP; that was deemed questionable because of the
> nonsensical comment about CONFIG_HUGETLBFS that was stuck to it; the
> current code is like it is because in 5 and a half years nobody said
> that it's wrong :)
>
> If there actually *are* good reasons for stripping __GFP_COMP, then I've
> certainly no objection to doing so.
The main question is if there's any good reasons for not forbidding
__GFP_COMP to be specified in the callers. The reason given in the
comment isn't convincing.
I don't see how a caller that gets a pointer can care about how the
page structure looks like and in turn why it's asking for __GFP_COMP.
As far as I can tell there are two orthogonal issues in play here:
1) The comment about __GFP_COMP facilitating the sound driver to do
partial mapping doesn't make much sense. It's probably best to
WARN_ON immediately in dma_alloc_coherent if __GFP_COMP is
specified, not only down the call stack in the
__iommu_dma_alloc_pages() path.
Note: the CMA paths would already ignore __GFP_COMP if it's
specified so that __GFP_COMP request can already be ignored. It
sounds preferable to warn the caller it's asking something it can't
get, than to silently ignore __GFP_COMP.
On a side note: hugetlbfs/THP pages can only be allocated with
__GFP_COMP because for example put_page() must work on all tail
pages (you can't call compound_head() unless the tail page is part
of a compound page). But for private driver pages mapped by
remap_pfn_range, any full or partial mapping is done manually and
nobody can call GUP on VM_PFNMAP|VM_IO anyway (there's not even the
requirement of a page struct backing those mappings in fact).
2) __iommu_dma_alloc_pages cannot use __GFP_COMP if it intends to
return an array of small pages, which is the only thing that the
current sg_alloc_table_from_pages() supports in input. split_page
will work as expected to generate small pages from non-compound
order>0 pages, incidentally it's implement on mm/page_alloc.c, not
in huge_memory.c.
split_huge_page as opposed is not intended to be used on newly
allocated compound page. Maybe we should renamed it to
split_trans_huge_page to make it more explicit, since it won't even
work on hugetlbfs (compound) pages.
Thanks,
Andrea
Powered by blists - more mailing lists