lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Z7_7vah_U1JzmpCX@google.com>
Date: Thu, 27 Feb 2025 05:44:29 +0000
From: Yosry Ahmed <yosry.ahmed@...ux.dev>
To: Johannes Weiner <hannes@...xchg.org>
Cc: Nhat Pham <nphamcs@...il.com>, akpm@...ux-foundation.org,
	chengming.zhou@...ux.dev, linux-mm@...ck.org, kernel-team@...a.com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] zswap: do not crash the kernel on decompression
 failure

On Wed, Feb 26, 2025 at 11:31:41PM -0500, Johannes Weiner wrote:
> On Thu, Feb 27, 2025 at 01:19:31AM +0000, Yosry Ahmed wrote:
> > On Wed, Feb 26, 2025 at 04:14:45PM -0800, Nhat Pham wrote:
> > >  	if (WARN_ON_ONCE(folio_test_large(folio)))
> > >  		return true;
> > >  
> > > +	entry = xa_load(tree, offset);
> > > +	if (!entry)
> > > +		return false;
> > > +
> > 
> > A small comment here pointing out that we are deliberatly not setting
> > uptodate because of the failure may make things more obvious, or do you
> > think that's not needed?
> >
> > > +	if (!zswap_decompress(entry, folio))
> > > +		return true;
> 
> How about an actual -ev and have this in swap_read_folio():

Good idea, I was going to suggest an enum but this is simpler.

> 
>         ret = zswap_load(folio);
>         if (ret != -ENOENT) {
>                 folio_unlock(folio);
>                 goto finish;
>         }
> 
> 	read from swapfile...
> 
> Then in zswap_load(), move uptodate further up like this (I had
> previously suggested this):
> 
> 	if (!zswap_decompress(entry, folio))
> 		return -EIO;
> 
> 	folio_mark_uptodate(folio);
> 
> and I think it would be clear, even without or just minimal comments.

Another possibility is moving folio_mark_uptodate() back to
swap_read_folio(), which should make things even clearer imo as the
success/failure logic is all in one place:

	ret = zswap_load(folio);
	if (ret != -ENOENT) {
		folio_unlock(folio);
		/* Comment about not marking uptodate */
		if (!ret)
			folio_mark_uptodate();
		goto finish;
	}

or we can make it crystal clear we have 3 distinct cases:

	ret = zswap_load(folio);
	if (!ret) {
		folio_unlock(folio);
		folio_mark_uptodate();
		goto finish;
	} else if (ret != -ENOENT) {
		/* Comment about not marking uptodate */
		folio_unlock(folio);
		goto finish;
	}

WDYT?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ