lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20251001135201.fgidcx2w7jnmxinh@master>
Date: Wed, 1 Oct 2025 13:52:01 +0000
From: Wei Yang <richard.weiyang@...il.com>
To: Lance Yang <lance.yang@...ux.dev>
Cc: Wei Yang <richard.weiyang@...il.com>, akpm@...ux-foundation.org,
	david@...hat.com, lorenzo.stoakes@...cle.com,
	Liam.Howlett@...cle.com, baohua@...nel.org,
	baolin.wang@...ux.alibaba.com, dev.jain@....com, hughd@...gle.com,
	ioworker0@...il.com, kirill@...temov.name,
	linux-kernel@...r.kernel.org, linux-mm@...ck.org,
	mpenttil@...hat.com, npache@...hat.com, ryan.roberts@....com,
	ziy@...dia.com
Subject: Re: [PATCH mm-new v2 1/1] mm/khugepaged: abort collapse scan on
 non-swap entries

On Wed, Oct 01, 2025 at 06:05:57PM +0800, Lance Yang wrote:
>
>
>On 2025/10/1 16:54, Wei Yang wrote:
>> On Wed, Oct 01, 2025 at 11:22:51AM +0800, Lance Yang wrote:
>> > From: Lance Yang <lance.yang@...ux.dev>
>> > 
>> > Currently, special non-swap entries (like migration, hwpoison, or PTE
>> > markers) are not caught early in hpage_collapse_scan_pmd(), leading to
>> > failures deep in the swap-in logic.
>> > 
>> > hpage_collapse_scan_pmd()
>> > `- collapse_huge_page()
>> >      `- __collapse_huge_page_swapin() -> fails!
>> > 
>> > As David suggested[1], this patch skips any such non-swap entries
>> > early. If any one is found, the scan is aborted immediately with the
>> > SCAN_PTE_NON_PRESENT result, as Lorenzo suggested[2], avoiding wasted
>> > work.
>> > 
>> > [1] https://lore.kernel.org/linux-mm/7840f68e-7580-42cb-a7c8-1ba64fd6df69@redhat.com
>> > [2] https://lore.kernel.org/linux-mm/7df49fe7-c6b7-426a-8680-dcd55219c8bd@lucifer.local
>> > 
>> > Suggested-by: David Hildenbrand <david@...hat.com>
>> > Suggested-by: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>
>> > Signed-off-by: Lance Yang <lance.yang@...ux.dev>
>> > ---
>> > v1 -> v2:
>> > - Skip all non-present entries except swap entries (per David) thanks!
>> > - https://lore.kernel.org/linux-mm/20250924100207.28332-1-lance.yang@linux.dev/
>> > 
>> > mm/khugepaged.c | 32 ++++++++++++++++++--------------
>> > 1 file changed, 18 insertions(+), 14 deletions(-)
>> > 
>> > diff --git a/mm/khugepaged.c b/mm/khugepaged.c
>> > index 7ab2d1a42df3..d0957648db19 100644
>> > --- a/mm/khugepaged.c
>> > +++ b/mm/khugepaged.c
>> > @@ -1284,7 +1284,23 @@ static int hpage_collapse_scan_pmd(struct mm_struct *mm,
>> > 	for (addr = start_addr, _pte = pte; _pte < pte + HPAGE_PMD_NR;
>> > 	     _pte++, addr += PAGE_SIZE) {
>> > 		pte_t pteval = ptep_get(_pte);
>> > -		if (is_swap_pte(pteval)) {
>> 
>> It looks is_swap_pte() is mis-leading?
>
>Hmm.. not to me, IMO. is_swap_pte() just means:
>
>!pte_none(pte) && !pte_present(pte)
>
>> 
>> > +		if (pte_none(pteval) || is_zero_pfn(pte_pfn(pteval))) {
>> > +			++none_or_zero;
>> > +			if (!userfaultfd_armed(vma) &&
>> > +			    (!cc->is_khugepaged ||
>> > +			     none_or_zero <= khugepaged_max_ptes_none)) {
>> > +				continue;
>> > +			} else {
>> > +				result = SCAN_EXCEED_NONE_PTE;
>> > +				count_vm_event(THP_SCAN_EXCEED_NONE_PTE);
>> > +				goto out_unmap;
>> > +			}
>> > +		} else if (!pte_present(pteval)) {
>> > +			if (non_swap_entry(pte_to_swp_entry(pteval))) {
>> > +				result = SCAN_PTE_NON_PRESENT;
>> > +				goto out_unmap;
>> > +			}
>> > +
>> > 			++unmapped;
>> > 			if (!cc->is_khugepaged ||
>> > 			    unmapped <= khugepaged_max_ptes_swap) {
>> > @@ -1293,7 +1309,7 @@ static int hpage_collapse_scan_pmd(struct mm_struct *mm,
>> > 				 * enabled swap entries.  Please see
>> > 				 * comment below for pte_uffd_wp().
>> > 				 */
>> > -				if (pte_swp_uffd_wp_any(pteval)) {
>> > +				if (pte_swp_uffd_wp(pteval)) {
>> 
>> I am not sure why we want to change this. There is no description in the
>> change log.
>> 
>> Would you mind giving some hint on this?
>
>The reason is that pte_swp_uffd_wp_any(pte) is broader than what
>we need :)
>
>static inline bool pte_swp_uffd_wp_any(pte_t pte)
>{
>#ifdef CONFIG_PTE_MARKER_UFFD_WP
>	if (!is_swap_pte(pte))
>		return false;
>
>	if (pte_swp_uffd_wp(pte))
>		return true;
>
>	if (pte_marker_uffd_wp(pte))
>		return true;
>#endif
>	return false;
>}
>
>In the context within hpage_collapse_scan_pmd(), we are already inside
>an is_swap_pte() block, and we have just handled all non-swap entries
>(which would include pte_marker_uffd_wp()).
>
>So we only need to check if the swap entry itself is write-protected
>for userfaultfd ;)
>
>Hope that explains it. I skipped it in the changelog as it's a tiny
>cleanup ...

Thanks, I got it.

Generally, looks good to me.

Reviewed-by: Wei Yang <richard.weiyang@...il.com>

-- 
Wei Yang
Help you, Help me

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ