lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250416043147.31208-1-alexjlzheng@tencent.com>
Date: Wed, 16 Apr 2025 12:31:47 +0800
From: Jinliang Zheng <alexjlzheng@...il.com>
To: akpm@...ux-foundation.org
Cc: alexjlzheng@...il.com,
	alexjlzheng@...cent.com,
	andrea@...terlinux.com,
	fengguang.wu@...el.com,
	linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	linux-mm@...ck.org,
	mengensun@...cent.com,
	stable@...r.kernel.org,
	willy@...radead.org
Subject: Re: [PATCH v2] mm: fix ratelimit_pages update error in dirty_ratio_handler()

On Tue, 15 Apr 2025 18:58:51 -0700, akpm@...ux-foundation.org wrote:
> On Tue, 15 Apr 2025 17:02:32 +0800 alexjlzheng@...il.com wrote:
> 
> > From: Jinliang Zheng <alexjlzheng@...cent.com>
> > 
> > In the dirty_ratio_handler() function, vm_dirty_bytes must be set to
> > zero before calling writeback_set_ratelimit(), as global_dirty_limits()
> > always prioritizes the value of vm_dirty_bytes.
> 
> Can you please tell us precisely where global_dirty_limits()
> prioritizes vm_dirty_bytes?  I spent a while chasing code and didn't
> see how global_dirty_limits() gets to node_dirty_ok()(?).

Thank you for your reply.

It's domain_dirty_limits() that's relevant here, not node_dirty_ok:

  dirty_ratio_handler
    writeback_set_ratelimit
      global_dirty_limits(&dirty_thresh)           <- ratelimit_pages based on dirty_thresh
        domain_dirty_limits
          if (bytes)                               <- bytes = vm_dirty_bytes <--------+
            thresh = f1(bytes)                     <- prioritizes vm_dirty_bytes      |
          else                                                                        |
            thresh = f2(ratio)                                                        |
      ratelimit_pages = f3(dirty_thresh)                                              |
    vm_dirty_bytes = 0                             <- it's late! ---------------------+

> 
> > That causes ratelimit_pages to still use the value calculated based on
> > vm_dirty_bytes, which is wrong now.
> > 
> > Fixes: 9d823e8f6b1b ("writeback: per task dirty rate limit")
> > Signed-off-by: Jinliang Zheng <alexjlzheng@...cent.com>
> > Reviewed-by: MengEn Sun <mengensun@...cent.com>
> > Cc: stable@...r.kernel.org
> 
> Please, as always, provide a description of the userspace-visible
> effects of this bug?

The impact visible to userspace is difficult to capture directly because there is no
procfs/sysfs interface exported to user space. However, it will have a real impact
on the balance of dirty pages.

For example:
1. On default, we have vm_dirty_ratio=40, vm_dirty_bytes=0
2. echo 8192 > dirty_bytes, then vm_dirty_bytes=8192, vm_dirty_ratio=0, and ratelimit_pages
   is calculated based on vm_dirty_bytes now.
3. echo 20 > dirty_ratio, then since vm_dirty_bytes is not reset to zero when
   writeback_set_ratelimit() -> global_dirty_limits() -> domain_dirty_limits() is called,
   reallimit_pages is still calculated based on vm_dirty_bytes instead of vm_dirty_ratio.
   This does not conform to the actual intention of the user.

thanks,
Jinliang Zheng :)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ