| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 18 Mar 2022 11:31:11 +0000
From: HORIGUCHI NAOYA(堀口 直也)
<naoya.horiguchi@....com>
To: Mike Kravetz <mike.kravetz@...cle.com>
CC: Miaohe Lin <linmiaohe@...wei.com>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Oscar Salvador <osalvador@...e.de>,
Michal Hocko <mhocko@...e.com>,
Andrew Morton <akpm@...ux-foundation.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: Re: [PATCH] hugetlb: do not demote poisoned hugetlb pages
On Wed, Mar 16, 2022 at 03:31:57PM -0700, Mike Kravetz wrote:
> On 3/8/22 05:43, Miaohe Lin wrote:
> > On 2022/3/8 5:57, Mike Kravetz wrote:
> >> It is possible for poisoned hugetlb pages to reside on the free lists.
> >> The huge page allocation routines which dequeue entries from the free
> >> lists make a point of avoiding poisoned pages. There is no such check
> >> and avoidance in the demote code path.
> >>
> >> If a hugetlb page on the is on a free list, poison will only be set in
> >> the head page rather then the page with the actual error. If such a
> >> page is demoted, then the poison flag may follow the wrong page. A page
> >> without error could have poison set, and a page with poison could not
> >> have the flag set.
> >>
> >> Check for poison before attempting to demote a hugetlb page. Also,
> >> return -EBUSY to the caller if only poisoned pages are on the free list.
> >>
> >> Fixes: 8531fc6f52f5 ("hugetlb: add hugetlb demote page support")
> >> Signed-off-by: Mike Kravetz <mike.kravetz@...cle.com>
> >> Cc: <stable@...r.kernel.org>
> >> ---
> >> mm/hugetlb.c | 17 ++++++++++-------
> >> 1 file changed, 10 insertions(+), 7 deletions(-)
> >>
> >> diff --git a/mm/hugetlb.c b/mm/hugetlb.c
> >> index b34f50156f7e..f8ca7cca3c1a 100644
> >> --- a/mm/hugetlb.c
> >> +++ b/mm/hugetlb.c
> >> @@ -3475,7 +3475,6 @@ static int demote_pool_huge_page(struct hstate *h, nodemask_t *nodes_allowed)
> >> {
> >> int nr_nodes, node;
> >> struct page *page;
> >> - int rc = 0;
> >>
> >> lockdep_assert_held(&hugetlb_lock);
> >>
> >> @@ -3486,15 +3485,19 @@ static int demote_pool_huge_page(struct hstate *h, nodemask_t *nodes_allowed)
> >> }
> >>
> >> for_each_node_mask_to_free(h, nr_nodes, node, nodes_allowed) {
> >> - if (!list_empty(&h->hugepage_freelists[node])) {
> >> - page = list_entry(h->hugepage_freelists[node].next,
> >> - struct page, lru);
> >> - rc = demote_free_huge_page(h, page);
> >> - break;
> >> + list_for_each_entry(page, &h->hugepage_freelists[node], lru) {
> >> + if (PageHWPoison(page))
> >> + continue;
> >> +
> >> + return demote_free_huge_page(h, page);
> >
> > It seems this patch is not ideal. Memory failure can hit the hugetlb page anytime without
> > holding the hugetlb_lock. So the page might become HWPoison just after the check. But this
> > patch should have handled the common case. Many thanks for your work. :)
> >
>
> Correct, this patch handles the common case of not demoting a hugetlb
> page if HWPoison is set. This is similar to code in the dequeue path
> used when allocating a huge page for allocation use.
>
> As you point out, work still needs to be done to better coordinate
> memory failure with demote as well as huge page freeing. As you know
> Naoya is working on this now. It is unclear if that work will be limited
> to memory error handling code, or if greater coordination with hugetlb
> code will be required.
I submitted v5 patch today and it changes memory-failure.c mostly.
The changes on hugetlb.c is only about get_hwpoison_huge_page(),
where checking compound_head() is done in hugetlb_lock, so it never
touches core logic on hugetlb allocation/free/demotion.
So the suggested change should cooperate well enough with my patch.
>
> Unless you have objections, I believe this patch should move forward and
> be backported to stable trees. If we determine that more coordination
> between memory error and hugetlb code is needed, that can be added later.
Sending to stable looks fine to me.
Thank you for the patch and helpingn on my thread.
Reviewed-by: Naoya Horiguchi <naoya.horiguchi@....com>
Powered by blists - more mailing lists