lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 13 Jun 2024 20:46:13 +1200
From: Barry Song <21cnbao@...il.com>
To: david@...hat.com, akpm@...ux-foundation.org, linux-mm@...ck.org
Cc: chrisl@...nel.org, linux-kernel@...r.kernel.org, mhocko@...e.com, 
	ryan.roberts@....com, baolin.wang@...ux.alibaba.com, yosryahmed@...gle.com, 
	shy828301@...il.com, surenb@...gle.com, v-songbaohua@...o.com, 
	willy@...radead.org, ying.huang@...el.com, yuzhao@...gle.com
Subject: Re: [PATCH RFC 3/3] mm: remove folio_test_anon(folio)==false path in __folio_add_anon_rmap()

On Thu, Jun 13, 2024 at 12:08 PM Barry Song <21cnbao@...il.com> wrote:
>
> From: Barry Song <v-songbaohua@...o.com>
>
> The folio_test_anon(folio)==false case within do_swap_page() has been
> relocated to folio_add_new_anon_rmap(). Additionally, two other callers
> consistently pass anonymous folios.
>
> stack 1:
> remove_migration_pmd
>    -> folio_add_anon_rmap_pmd
>      -> __folio_add_anon_rmap
>
> stack 2:
> __split_huge_pmd_locked
>    -> folio_add_anon_rmap_ptes
>       -> __folio_add_anon_rmap
>
> __folio_add_anon_rmap() only needs to handle the cases
> folio_test_anon(folio)==true now.

My team reported a case where swapoff() is calling
folio_add_anon_rmap_pte *not* folio_add_anon_rmap_ptes
with one new anon  (!folio_test_anon(folio)).

I will double check all folio_add_anon_rmap_pte() cases.

>
> Suggested-by: David Hildenbrand <david@...hat.com>
> Signed-off-by: Barry Song <v-songbaohua@...o.com>
> ---
>  mm/rmap.c | 17 +++--------------
>  1 file changed, 3 insertions(+), 14 deletions(-)
>
> diff --git a/mm/rmap.c b/mm/rmap.c
> index e612d999811a..e84c706c8241 100644
> --- a/mm/rmap.c
> +++ b/mm/rmap.c
> @@ -1299,21 +1299,10 @@ static __always_inline void __folio_add_anon_rmap(struct folio *folio,
>
>         nr = __folio_add_rmap(folio, page, nr_pages, level, &nr_pmdmapped);
>
> -       if (unlikely(!folio_test_anon(folio))) {
> -               VM_WARN_ON_FOLIO(!folio_test_locked(folio), folio);
> -               /*
> -                * For a PTE-mapped large folio, we only know that the single
> -                * PTE is exclusive. Further, __folio_set_anon() might not get
> -                * folio->index right when not given the address of the head
> -                * page.
> -                */
> -               VM_WARN_ON_FOLIO(folio_test_large(folio) &&
> -                                level != RMAP_LEVEL_PMD, folio);
> -               __folio_set_anon(folio, vma, address,
> -                                !!(flags & RMAP_EXCLUSIVE));
> -       } else if (likely(!folio_test_ksm(folio))) {
> +       VM_WARN_ON_FOLIO(!folio_test_anon(folio), folio);
> +
> +       if (likely(!folio_test_ksm(folio)))
>                 __page_check_anon_rmap(folio, page, vma, address);
> -       }
>
>         __folio_mod_stat(folio, nr, nr_pmdmapped);
>
> --
> 2.34.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ