| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1af4fd61-7926-47c8-be45-833c0dbec08b@redhat.com>
Date: Wed, 24 Apr 2024 11:38:51 +0200
From: David Hildenbrand <david@...hat.com>
To: linux-kernel@...r.kernel.org
Cc: linux-mm@...ck.org, linux-doc@...r.kernel.org, cgroups@...r.kernel.org,
linux-sh@...r.kernel.org, linux-trace-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>,
"Matthew Wilcox (Oracle)" <willy@...radead.org>, Peter Xu
<peterx@...hat.com>, Ryan Roberts <ryan.roberts@....com>,
Yin Fengwei <fengwei.yin@...el.com>, Yang Shi <shy828301@...il.com>,
Zi Yan <ziy@...dia.com>, Jonathan Corbet <corbet@....net>,
Hugh Dickins <hughd@...gle.com>, Yoshinori Sato
<ysato@...rs.sourceforge.jp>, Rich Felker <dalias@...c.org>,
John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>,
Chris Zankel <chris@...kel.net>, Max Filippov <jcmvbkbc@...il.com>,
Muchun Song <muchun.song@...ux.dev>, Miaohe Lin <linmiaohe@...wei.com>,
Naoya Horiguchi <naoya.horiguchi@....com>,
Richard Chang <richardycc@...gle.com>
Subject: Re: [PATCH v1 01/18] mm: allow for detecting underflows with
page_mapcount() again
On 09.04.24 21:22, David Hildenbrand wrote:
> Commit 53277bcf126d ("mm: support page_mapcount() on page_has_type()
> pages") made it impossible to detect mapcount underflows by treating
> any negative raw mapcount value as a mapcount of 0.
>
> We perform such underflow checks in zap_present_folio_ptes() and
> zap_huge_pmd(), which would currently no longer trigger.
>
> Let's check against PAGE_MAPCOUNT_RESERVE instead by using
> page_type_has_type(), like page_has_type() would, so we can still catch
> some underflows.
>
> Fixes: 53277bcf126d ("mm: support page_mapcount() on page_has_type() pages")
> Signed-off-by: David Hildenbrand <david@...hat.com>
> ---
> include/linux/mm.h | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/include/linux/mm.h b/include/linux/mm.h
> index ef34cf54c14f..0fb8a40f82dd 100644
> --- a/include/linux/mm.h
> +++ b/include/linux/mm.h
> @@ -1229,11 +1229,10 @@ static inline void page_mapcount_reset(struct page *page)
> */
> static inline int page_mapcount(struct page *page)
> {
> - int mapcount = atomic_read(&page->_mapcount) + 1;
> + int mapcount = atomic_read(&page->_mapcount);
>
> /* Handle page_has_type() pages */
> - if (mapcount < 0)
> - mapcount = 0;
> + mapcount = page_type_has_type(mapcount) ? 0 : mapcount + 1;
> if (unlikely(PageCompound(page)))
> mapcount += folio_entire_mapcount(page_folio(page));
>
From b49849001f3d2aad0af93cf2098065d7cbd9a959 Mon Sep 17 00:00:00 2001
From: David Hildenbrand <david@...hat.com>
Date: Wed, 24 Apr 2024 10:50:09 +0200
Subject: [PATCH] !fixup: mm: allow for detecting underflows with
page_mapcount() again
Let's make page_mapcount() slighly more efficient by inlining the
page_type_has_type() check.
Signed-off-by: David Hildenbrand <david@...hat.com>
---
include/linux/mm.h | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/include/linux/mm.h b/include/linux/mm.h
index dc33f8269fb52..cf700c5cdd58b 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -1229,10 +1229,11 @@ static inline void page_mapcount_reset(struct page *page)
*/
static inline int page_mapcount(struct page *page)
{
- int mapcount = atomic_read(&page->_mapcount);
+ int mapcount = atomic_read(&page->_mapcount) + 1;
/* Handle page_has_type() pages */
- mapcount = page_type_has_type(mapcount) ? 0 : mapcount + 1;
+ if (mapcount < PAGE_MAPCOUNT_RESERVE + 1)
+ mapcount = 0;
if (unlikely(PageCompound(page)))
mapcount += folio_entire_mapcount(page_folio(page));
--
2.44.0
--
Cheers,
David / dhildenb
Powered by blists - more mailing lists