| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZZWfN6ymZ50MjzuQ@casper.infradead.org> Date: Wed, 3 Jan 2024 17:53:59 +0000 From: Matthew Wilcox <willy@...radead.org> To: Hillf Danton <hdanton@...a.com> Cc: Genes Lists <lists@...ience.com>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-mm@...ck.org Subject: Re: 6.6.8 stable: crash in folio_mark_dirty On Wed, Jan 03, 2024 at 06:49:07PM +0800, Hillf Danton wrote: > On Mon, 1 Jan 2024 14:11:02 +0000 Matthew Wilcox > > > > From an mm point of view, what is implicit is that truncate calls > > unmap_mapping_folio -> unmap_mapping_range_tree -> > > unmap_mapping_range_vma -> zap_page_range_single -> unmap_single_vma -> > > unmap_page_range -> zap_p4d_range -> zap_pud_range -> zap_pmd_range -> > > zap_pte_range -> pte_offset_map_lock() > > > > So a truncate will take the page lock, then spin on the pte lock > > until the racing munmap() has finished (ok, this was an exit(), not > > a munmap(), but exit() does an implicit munmap()). > > > But ptl fails to explain the warning reported, while the sequence in > __block_commit_write() > > mark_buffer_dirty(); > folio_mark_uptodate(); > > hints the warning is bogus. The folio is locked when filesystems call __block_commit_write(). Nothing explains the reported warning, IMO. Other than data corruption, and I'm not sure that we've found the last data corrupter.
Powered by blists - more mailing lists