Message-ID: <YR05JVZwfAlZO9Wh@casper.infradead.org>
Date: Wed, 18 Aug 2021 17:45:25 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Hugh Dickins <hughd@...gle.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH] mm: Remove bogus VM_BUG_ON

On Wed, Aug 18, 2021 at 09:34:51AM -0700, Hugh Dickins wrote:
> On Wed, 18 Aug 2021, Matthew Wilcox (Oracle) wrote:
>
> > It is not safe to check page->index without holding the page lock.
> > It can be changed if the page is moved between the swap cache and the
> > page cache for a shmem file, for example. There is a VM_BUG_ON below
> > which checks page->index is correct after taking the page lock.
> >
> > Cc: stable@...r.kernel.org
> > Fixes: 5c211ba29deb ("mm: add and use find_lock_entries")
>
> I don't mind that VM_BUG_ON_PAGE() being removed, but question whether
> this Fixes anything, and needs to go to stable. Or maybe it's just that
> the shmem example is wrong - moving shmem from page to swap cache does
> not change page->index. Or maybe you have later changes in your tree
> which change that and do require this. Otherwise, I'll have to worry
> why my testing has missed it for six months.

I'm sorry, I think you're going to have to worry :-(  Syzbot found
it initially:

https://lore.kernel.org/linux-mm/0000000000009cfcda05c926b34b@google.com/

and then I hit it today during my testing (which is definitely due to
further changes in my tree).

I should have added:

Reported-by: syzbot+c87be4f669d920c76330@...kaller.appspotmail.com