| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Aug 2022 04:17:50 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: Hugh Dickins <hughd@...gle.com>, linux-mm@...ck.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] shmem: Update folio if shmem_replace_page() updates the
page
On Tue, Aug 02, 2022 at 05:46:37PM -0700, Andrew Morton wrote:
> On Sat, 30 Jul 2022 05:25:18 +0100 "Matthew Wilcox (Oracle)" <willy@...radead.org> wrote:
>
> > If we allocate a new page, we need to make sure that our folio matches
> > that new page. This will be solved by changing shmem_replace_page()
> > to shmem_replace_folio(), but this is the minimal fix.
> >
> > ...
> >
> > --- a/mm/shmem.c
> > +++ b/mm/shmem.c
> > @@ -1771,6 +1771,7 @@ static int shmem_swapin_folio(struct inode *inode, pgoff_t index,
> >
> > if (shmem_should_replace_folio(folio, gfp)) {
> > error = shmem_replace_page(&page, gfp, info, index);
> > + folio = page_folio(page);
> > if (error)
> > goto failed;
> > }
>
> What are the user-visible runtime effects of the bug?
>
> Should we backport this into 5.19.X?
Definitely should be backported. The next line not visible in this
patch context says:
error = shmem_add_to_page_cache(folio, mapping, index,
swp_to_radix_entry(swap), gfp,
charge_mm);
so if we do end up in this path, we store the wrong page in the
shmem inode's page cache, and I would rather imagine that data
corruption ensues.
Powered by blists - more mailing lists