Date:   Thu, 21 Apr 2022 16:20:13 +0200
From:   David Hildenbrand <david@...hat.com>
To:     Miaohe Lin <linmiaohe@...wei.com>, akpm@...ux-foundation.org
Cc:     linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        Oscar Salvador <osalvador@...e.de>,
        Mike Kravetz <mike.kravetz@...cle.com>,
        Naoya Horiguchi <naoya.horiguchi@....com>
Subject: Re: [PATCH] mm/memory_hotplug: avoid consuming corrupted data when
 offline pages

On 21.04.22 15:51, Miaohe Lin wrote:
> When trying to offline pages, HWPoisoned hugepage is migrated without
> checking PageHWPoison first. So corrupted data could be consumed. Fix
> it by deferring isolate_huge_page until PageHWPoison is handled.
> 

CCing Oscar, Mike and Naoya

> Signed-off-by: Miaohe Lin <linmiaohe@...wei.com>
> ---
>  mm/memory_hotplug.c | 11 +++++++----
>  1 file changed, 7 insertions(+), 4 deletions(-)
> 
> diff --git a/mm/memory_hotplug.c b/mm/memory_hotplug.c
> index 4c6065e5d274..093f85ec5c5c 100644
> --- a/mm/memory_hotplug.c
> +++ b/mm/memory_hotplug.c
> @@ -1600,11 +1600,9 @@ do_migrate_range(unsigned long start_pfn, unsigned long end_pfn)
>  		folio = page_folio(page);
>  		head = &folio->page;
>  
> -		if (PageHuge(page)) {
> +		if (PageHuge(page))
>  			pfn = page_to_pfn(head) + compound_nr(head) - 1;
> -			isolate_huge_page(head, &source);
> -			continue;
> -		} else if (PageTransHuge(page))
> +		else if (PageTransHuge(page))
>  			pfn = page_to_pfn(head) + thp_nr_pages(page) - 1;
>  
>  		/*
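
Review bot: With the `continue` dropped from the `PageHuge(page)` branch, a hugetlb page now runs every statement between this branch and the re-added `isolate_huge_page(head, &source)` call, with `pfn` already advanced to the last subpage. `page` need not be the head page here (the code computes `head = &folio->page` separately), so the commit message should say whether the PageHWPoison handling it relies on tests `page` or `head`, and that the statements in between are safe for a hugetlb page.
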
> @@ -1622,6 +1620,11 @@ do_migrate_range(unsigned long start_pfn, unsigned long end_pfn)
>  			continue;
>  		}
>  
> +		if (PageHuge(page)) {
> +			isolate_huge_page(head, &source);
> +			continue;
> +		}
> +
>  		if (!get_page_unless_zero(page))
>  			continue;
>  		/*
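
Review bot: The re-added `if (PageHuge(page))` block is only correct because it sits after the block that ends in `continue; }` just above it, and nothing in the code records that ordering requirement. A short comment above the block, stating that hugetlb isolation is deferred until after the PageHWPoison handling so a poisoned huge page is never added to `source`, would keep a later cleanup from folding it back into the earlier `PageHuge(page)` branch.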

The problem statement makes sense to me but I am not sure about the
details if we run into the "PageHWPoison" path with a huge page. I have
the gut feeling that we have to do more for huge pages in the
PageHWPoison() path, because we might be dealing with a free huge page
after unmap succeeds. I might be wrong.

-- 
Thanks,

David / dhildenb
