From patchwork Mon Mar 18 23:00:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Barry Song <21cnbao@gmail.com> X-Patchwork-Id: 13596007 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 80BDFC54E58 for ; Mon, 18 Mar 2024 23:00:33 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D46208D0006; Mon, 18 Mar 2024 19:00:32 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id CF5708D0002; Mon, 18 Mar 2024 19:00:32 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B6F668D0006; Mon, 18 Mar 2024 19:00:32 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id A54048D0002 for ; Mon, 18 Mar 2024 19:00:32 -0400 (EDT) Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 3C1CD40F56 for ; Mon, 18 Mar 2024 23:00:32 +0000 (UTC) X-FDA: 81911680704.06.5364BD7 Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by imf06.hostedemail.com (Postfix) with ESMTP id 6948C18002E for ; Mon, 18 Mar 2024 23:00:29 +0000 (UTC) Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=k+IaeRxG; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf06.hostedemail.com: domain of 21cnbao@gmail.com designates 209.85.210.170 as permitted sender) smtp.mailfrom=21cnbao@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1710802829; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=knuy5c2qliqG2FNwU48/FMhWrEftpX+A/MIcSa4Nh2w=; b=6sfWMiWxbNEPXSh7j/EucPIxZbY9yOBZ0kWf/5wIHGQH2fKkf/Jq9/MRRPC4EwuL7j7McA TUehPXGgWSkkdVr0+J5+/Ua+IQivJBX+a14rA51Fy0NhXO9gkEWFsmLunDkwcWy5cFX+WR RFtJgI1U3f/ihT5NH8FvJzRFSIluTwM= ARC-Authentication-Results: i=1; imf06.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=k+IaeRxG; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf06.hostedemail.com: domain of 21cnbao@gmail.com designates 209.85.210.170 as permitted sender) smtp.mailfrom=21cnbao@gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1710802829; a=rsa-sha256; cv=none; b=aNfsJYgJCOFeuvS2tyZpmwfn7qMC1i4tl1f0Cd/iyWQgNaSp7AJ3gDsym6OL5bFYrhEdAJ qLGm9DbW3BmiGd5rXfjdcJjsLluNniwfFxJ8WB3zeluXdDYawirx/jZV6SaE5p8gnkzPKI cx6sPlRUmWHa0g9OAhP/eAOwOnbOgG4= Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-6e6b5aa0b52so4106844b3a.3 for ; Mon, 18 Mar 2024 16:00:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1710802828; x=1711407628; darn=kvack.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=knuy5c2qliqG2FNwU48/FMhWrEftpX+A/MIcSa4Nh2w=; b=k+IaeRxGEHYDsDnJ+f8dn33Q/77Ry42vvvQHksWwIIabNDrTxP7jIqaNroVrqPpDjx jbzI5TL13EtvCmT5ZpYzUR21dEGPGVxq/sRNy70gKECgkFEcOMmM+9JXVnOf4dRlvLkq wADzQiPlj8cpsddtgH00p17Ut6rddPRSm+EaMTCVNN3JlprDtH+YlFPfkNWj8MZO/z/Z uepklv0KNXLEIE7efz8UbCPv+blKDwvHQIHlqrZJGrUv9buqEw7kyKooZdJbPjgegg6j +tPh/8lb6h4gMb441NlYstxqKaj9xELQPJkdhl6nEJlUdp9m976ULKfFjPlIWpGJOVJX rV9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710802828; x=1711407628; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=knuy5c2qliqG2FNwU48/FMhWrEftpX+A/MIcSa4Nh2w=; b=ciAxAMRd9E9qizt9GgBfQ8GQRZ39pBiVxns6/V0c5JxnTVPL9Jab8Sb/3NY5X7MO8t 5yeZ+jc0f6rVZLSRUChhSycXbpdAz4vMVBNOBJGN2V7nCMQms9mtK1lpOwAtdBzmo7Hg BSOSyFY+FwkJIRk5f9yQusSwWnSByyw41rtpP24SmikONLaPPJp3HZDfS6XB6dTqgT7I V9EqYUmwai25uyEcdPoJkKN+fLA008n28TCWNM7DuUsG/aIUEzpoPORtvwEnorAB2LT6 UGp9ONyHziSiROwfzHjpqH34tmhlvBDe+0tyeGi14S3vpXvFLdSh5s0UQfsLyDxBLGpX bKiw== X-Forwarded-Encrypted: i=1; AJvYcCX5MPNKuM2xjqjvdP2ZhffUDELj6sYFZnzH/FuR3uphOYnmPDffkIw5TvVBuVqFUhCLrNldcS6sODqLzMxkwFs8F4I= X-Gm-Message-State: AOJu0Yyo4GK0DhRi1siRGOR2XTHqjssxDq1wBD0VtCQNtdwVoH80zoir e4Xe/tlpa0ppV/bWaeghWEfNjmeXc93Ql42EhilOCUGcRyz1auhs X-Google-Smtp-Source: AGHT+IHxIS7qqMu/AV+b4ZDO7WewVppVr5aFkxSfYheo9LVfPDhWqAZqjjgxqqHnrCAER4FsTQcTvw== X-Received: by 2002:a05:6a00:80dd:b0:6e6:cf40:2d66 with SMTP id ei29-20020a056a0080dd00b006e6cf402d66mr12171635pfb.6.1710802827997; Mon, 18 Mar 2024 16:00:27 -0700 (PDT) Received: from localhost.localdomain ([2407:7000:8942:5500:aaa1:59ff:fe57:eb97]) by smtp.gmail.com with ESMTPSA id b19-20020aa78713000000b006e6c3753786sm8422856pfo.41.2024.03.18.16.00.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Mar 2024 16:00:27 -0700 (PDT) From: Barry Song <21cnbao@gmail.com> To: hannes@cmpxchg.org, yosryahmed@google.com, nphamcs@gmail.com, akpm@linux-foundation.org, chrisl@kernel.org, v-songbaohua@oppo.com, linux-mm@kvack.org Cc: linux-kernel@vger.kernel.org, ira.weiny@intel.com, syzbot+adbc983a1588b7805de3@syzkaller.appspotmail.com Subject: [PATCH] mm: zswap: fix kernel BUG in sg_init_one Date: Tue, 19 Mar 2024 12:00:13 +1300 Message-Id: <20240318230013.87543-1-21cnbao@gmail.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Rspam-User: X-Stat-Signature: 1iogbitdm4und8nncu3z38nrawwm64jn X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 6948C18002E X-HE-Tag: 1710802829-390660 X-HE-Meta: U2FsdGVkX1/1Sqwj7lIv4awQrUTwrYnFFPKysV1yIDxoDJZiQ/UigxU0p0wo/zX//GRB24LhDjiaAYaCla/wKMHqJ+uTwyExMxvXJAulK2zlxL1wwbPGA8d3Dk8a9JB/yIcPqfYp3YxyeSsKU4x8F4ZCbPS9RaYZXowQnGDOCe01n8habZCUBSFyAJcrj2uzLrc6tC9iOqFo8x9k9oEJ/7rJmi0KbdiB9F+tLK4RmpuJv2btxXQ2pMFrC2fa/3i7B7jKo3MHAaBMlTYTZIynWfSwa+jANlcOkmxfXPqLougKpib7oIHGxJ8SOpnY2zkT8R2FhbZiVYM5vpuk63cYuVa02pm+e6rYD/tGy/yVgxQSt7rEwaVAocovJPCRt43LL91sqnKoi4+F7iLgxDYswdiHdps6fIbjVoFTn8PcMhHcZ1X45ZCU54WvAa4OJaVh5SU0clW3kQQkM/JC3VHoRGqShtcBb83xtAJyyuKLh3Db9JTsP2QN2see0wtJuCDs/k6aRxgkAbJuV9NHsaxrFzibFMUhIEkoP39kdxH3VkOA4IMh8oeENIc+sCNIlDP6nGqxDSAj1B5AXITq5x8DslmjJpkYC2Kt7rFOmJKMucmAf/cqhL4Vk2D6BL6+uCBV+g7i19jlnK5A2zMZQklCptbAzEw5y7oTD1+bSD+p7HzP+MCHG9Zt07lNSS7FJ4SV2kT426LLtiISmsQ1xz/4WBJ2ndIlGf//qSZVYnArp9j9b05LNAeBMhC5NPdEIfgrxKDkriNfARjy2CVumcDHI4ahycPpevbNTWizeYyjtU7RI47DIUdTQrmGJAQaCOwnbbGxT6Nmwx5OyWbJbx6xaR9Kh4Korw6iWdASWQqob9yg70nZ3/n027aRfUGwe6fhPbJFYv55WO91WtOQZ26xpU9EMax/8k8nBy6I3HI1SvvhZaLO9c5P/BaKorQVnWFZd2JONfWQ3+Runy3XzzI MUs8dD2y rzuL0fV0arTxZwQEmVMPqLBqQ1n1yQfKbFTc9su4bOO+GQnYlqfyc8yXRDCGfGemC+DvaZaGgkL5I7VfAz5ZgyI4T7YBQSasjmOPCkkaae4OyzhTjfcFwoj583kFH5iMD49EGDsRGDZOfX9D/uwjINHR3pHcMaSxQL04no15g84QfiZ8BafJpmw9NSjSLyaLQkYY5kVHV4/WH7b1OQPm+35Oxme6O/Dt+/VSRmb8ALdKEpyezpWDkL0+SaHKV3B3AXtO7R1ejNTPj9paW+Wiszxm60toncXVvWezmmYGUfWgWK0TyrWCXHrGEuEtB7yjCfnCPZsxRGwRHB0H7d17TsV5Ez1fr9tYiFYZZUfFG+wxxy71cM4BH53ZgCgTpXyDI30qVVwi+HEavNEvrntS0yC/kxhmbX4evCii76lKuIGp8StEE5SfRl6sAz3DCMC4Gb2a1nW+oFdH9fEqBc+7RKeQZrAXeNbe2ALyR8S0fTMdDVv7Bfwev4ku3YRJatbKcNWBhpLG2ctlti1P5Ah6u6XY8bZNJh7RyGdCj0oL8UqO3lswdrpzzYhxVxCrIfydip+UxBKdtFuZb5PeDG3yoeNx7wSjTC74JTJxuzPBEwVcyVl2Y54md348/BmLBp8ey1dW4b0RiLGOmf6YKlAlV1BjjpkKN6OmbSGXDemx36A0jCfjqqyCkItTp7vWz4ZKPZnGaVJ97QRJX0BBc6Rg8eAF+jSpOnqq/oOg1pNuCmJRio3CxXvDieuJDPGgRT9Ss7la4HMVD8Qucxxs6h+L7w1xmEEeZ5ZnqeAKnXdJ0E9URsgSxJwvQ+/gNEA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Barry Song sg_init_one() relies on linearly mapped low memory for the safe utilization of virt_to_page(). Consequently, we have two choices: either employ kmap_to_page() alongside sg_set_page(), or resort to copying high memory contents to a temporary buffer residing in low memory. However, considering the introduction of the WARN_ON_ONCE in commit ef6e06b2ef870 ("highmem: fix kmap_to_page() for kmap_local_page() addresses"), which specifically addresses high memory concerns, it appears that memcpy remains the sole viable option. Reported-and-tested-by: syzbot+adbc983a1588b7805de3@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/000000000000bbb3d80613f243a6@google.com/ Fixes: 270700dd06ca ("mm/zswap: remove the memcpy if acomp is not sleepable") Signed-off-by: Barry Song --- mm/zswap.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mm/zswap.c b/mm/zswap.c index 9dec853647c8..17bf6d87b274 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1080,7 +1080,8 @@ static void zswap_decompress(struct zswap_entry *entry, struct page *page) mutex_lock(&acomp_ctx->mutex); src = zpool_map_handle(zpool, entry->handle, ZPOOL_MM_RO); - if (acomp_ctx->is_sleepable && !zpool_can_sleep_mapped(zpool)) { + if ((acomp_ctx->is_sleepable && !zpool_can_sleep_mapped(zpool)) || + !virt_addr_valid(src)) { memcpy(acomp_ctx->buffer, src, entry->length); src = acomp_ctx->buffer; zpool_unmap_handle(zpool, entry->handle); @@ -1094,7 +1095,7 @@ static void zswap_decompress(struct zswap_entry *entry, struct page *page) BUG_ON(acomp_ctx->req->dlen != PAGE_SIZE); mutex_unlock(&acomp_ctx->mutex); - if (!acomp_ctx->is_sleepable || zpool_can_sleep_mapped(zpool)) + if (src != acomp_ctx->buffer) zpool_unmap_handle(zpool, entry->handle); }