lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 12 Oct 2022 03:10:26 +0100
From:   Matthew Wilcox <willy@...radead.org>
To:     "Vishal Moola (Oracle)" <vishal.moola@...il.com>
Cc:     akpm@...ux-foundation.org, hughd@...gle.com,
        linux-fsdevel@...r.kernel.org, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/4] filemap: find_lock_entries() now updates start offset

On Tue, Oct 11, 2022 at 02:56:31PM -0700, Vishal Moola (Oracle) wrote:
> @@ -2116,7 +2118,16 @@ unsigned find_lock_entries(struct address_space *mapping, pgoff_t start,
>  		folio_put(folio);
>  	}
>  	rcu_read_unlock();
> +	nr = folio_batch_count(fbatch);
> +
> +	if (nr) {
> +		folio = fbatch->folios[nr - 1];
> +		nr = folio_nr_pages(folio);
>  
> +		if (folio_test_hugetlb(folio))
> +			nr = 1;
> +		*start = folio->index + nr;
> +	}

Hmm ... this is going to go wrong if the folio is actually a shadow
entry, isn't it?

> +++ b/mm/shmem.c
> @@ -922,21 +922,18 @@ static void shmem_undo_range(struct inode *inode, loff_t lstart, loff_t lend,
>  
>  	folio_batch_init(&fbatch);
>  	index = start;
> -	while (index < end && find_lock_entries(mapping, index, end - 1,
> +	while (index < end && find_lock_entries(mapping, &index, end - 1,
>  			&fbatch, indices)) {
>  		for (i = 0; i < folio_batch_count(&fbatch); i++) {
>  			folio = fbatch.folios[i];
>  
> -			index = indices[i];
> -
>  			if (xa_is_value(folio)) {
>  				if (unfalloc)
>  					continue;
>  				nr_swaps_freed += !shmem_free_swap(mapping,
> -								index, folio);
> +							folio->index, folio);

We know this is a value entry, so we definitely can't look at
folio->index.  This should probably be:

+							indices[i], folio);

> @@ -510,20 +509,18 @@ unsigned long invalidate_mapping_pagevec(struct address_space *mapping,
>  	int i;
>  
>  	folio_batch_init(&fbatch);
> -	while (find_lock_entries(mapping, index, end, &fbatch, indices)) {
> +	while (find_lock_entries(mapping, &index, end, &fbatch, indices)) {
>  		for (i = 0; i < folio_batch_count(&fbatch); i++) {
>  			struct folio *folio = fbatch.folios[i];
>  
>  			/* We rely upon deletion not changing folio->index */
> -			index = indices[i];
>  
>  			if (xa_is_value(folio)) {
>  				count += invalidate_exceptional_entry(mapping,
> -								      index,
> -								      folio);
> +								  folio->index,
> +								  folio);

Same here.  I'd fix the indent while you're at it to get more on that
second line and not need a third line.

Powered by blists - more mailing lists