| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251213083639.364539-1-kartikey406@gmail.com>
Date: Sat, 13 Dec 2025 14:06:39 +0530
From: Deepanshu Kartikey <kartikey406@...il.com>
To: akpm@...ux-foundation.org,
axelrasmussen@...gle.com,
yuanchu@...gle.com,
weixugc@...gle.com,
hannes@...xchg.org,
david@...nel.org,
mhocko@...nel.org,
zhengqi.arch@...edance.com,
shakeel.butt@...ux.dev,
lorenzo.stoakes@...cle.com,
yuzhao@...gle.com,
heftig@...hlinux.org,
oleksandr@...alenko.name,
bgeffon@...gle.com
Cc: linux-mm@...ck.org,
linux-kernel@...r.kernel.org,
Deepanshu Kartikey <kartikey406@...il.com>,
syzbot+90fcab4d88cffed6d0d8@...kaller.appspotmail.com
Subject: [PATCH] mm: vmscan: always allow writeback during memcg reclaim
When laptop_mode is enabled, may_writepage is set to 0 in
try_to_free_mem_cgroup_pages(). This triggers a warning in MGLRU's
lru_gen_shrink_lruvec():
VM_WARN_ON_ONCE(!sc->may_writepage || !sc->may_unmap);
The warning occurs because MGLRU expects full reclaim capabilities to
function correctly. The call path is:
mem_cgroup_resize_max()
try_to_free_mem_cgroup_pages()
do_try_to_free_pages()
shrink_node()
shrink_lruvec()
lru_gen_shrink_lruvec() <-- WARNING
Unlike kswapd or direct reclaim where laptop_mode's disk-saving behavior
is a reasonable optimization, memcg limit enforcement is a hard
requirement - memory MUST be freed when a cgroup exceeds its limit.
The may_unmap field is already set unconditionally to 1 in this path,
acknowledging that memcg reclaim needs full capabilities.
Set may_writepage unconditionally to 1 for memcg reclaim to ensure
MGLRU works correctly and memory limits are properly enforced.
Fixes: bd74fdaea146 ("mm: multi-gen LRU: support page table walks")
Reported-by: syzbot+90fcab4d88cffed6d0d8@...kaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=90fcab4d88cffed6d0d8
Signed-off-by: Deepanshu Kartikey <kartikey406@...il.com>
---
Note: Only compile-tested. No reproducer available from syzbot.
---
mm/vmscan.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/vmscan.c b/mm/vmscan.c
index 900c74b6aa62..5e1c99d9cbd7 100644
--- a/mm/vmscan.c
+++ b/mm/vmscan.c
@@ -6669,7 +6669,7 @@ unsigned long try_to_free_mem_cgroup_pages(struct mem_cgroup *memcg,
.reclaim_idx = MAX_NR_ZONES - 1,
.target_mem_cgroup = memcg,
.priority = DEF_PRIORITY,
- .may_writepage = !laptop_mode,
+ .may_writepage = 1,
.may_unmap = 1,
.may_swap = !!(reclaim_options & MEMCG_RECLAIM_MAY_SWAP),
.proactive = !!(reclaim_options & MEMCG_RECLAIM_PROACTIVE),
--
2.43.0
Powered by blists - more mailing lists