From patchwork Thu Jul 15 04:26:34 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378635 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2AF63C47E48 for ; Thu, 15 Jul 2021 04:26:37 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id C94CB6136E for ; Thu, 15 Jul 2021 04:26:36 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C94CB6136E Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 2B3316B0148; Thu, 15 Jul 2021 00:26:37 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 262D18D0038; Thu, 15 Jul 2021 00:26:37 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 12B018D0037; Thu, 15 Jul 2021 00:26:37 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0171.hostedemail.com [216.40.44.171]) by kanga.kvack.org (Postfix) with ESMTP id E59916B0148 for ; Thu, 15 Jul 2021 00:26:36 -0400 (EDT) Received: from smtpin18.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id D8A0E1801A888 for ; Thu, 15 Jul 2021 04:26:35 +0000 (UTC) X-FDA: 78363535950.18.422044E Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf09.hostedemail.com (Postfix) with ESMTP id 884B53000104 for ; Thu, 15 Jul 2021 04:26:35 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 687546128C; Thu, 15 Jul 2021 04:26:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323194; bh=r9Dc2vpQIsIfeUy7vPPdEik9j8pDK7B1iwVP2VimDHA=; h=Date:From:To:Subject:In-Reply-To:From; b=SYhkkQQ/BCTJ+5pkR+YcvfP/lA4k6KhQVlS7j2fU0Umw0ciP4bqVbOhdzwUJIauDv I3EBXwXScuRLJINa23tED+2d9y2jKUGHDgYsKV3aNcdBQfLskEt3nZcUeKu06MNShk xdGPU5nZSG7s/itF1f9d+5ecgcPc1srl8pHCGA6M= Date: Wed, 14 Jul 2021 21:26:34 -0700 From: Andrew Morton To: akpm@linux-foundation.org, andreyknvl@gmail.com, chinwen.chang@mediatek.com, dvyukov@google.com, elver@google.com, glider@google.com, Kuan-Ying.Lee@mediatek.com, linux-mm@kvack.org, mm-commits@vger.kernel.org, nicholas.tang@mediatek.com, ryabinin.a.a@gmail.com, torvalds@linux-foundation.org, willy@infradead.org, yee.lee@mediatek.com Subject: [patch 01/13] mm: move helper to check slub_debug_enabled Message-ID: <20210715042634.Ah06LCkDl%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 884B53000104 X-Stat-Signature: znw88kjsdrkzo7edhrxgr1tnyo8hju46 Authentication-Results: imf09.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b="SYhkkQQ/"; dmarc=none; spf=pass (imf09.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org X-HE-Tag: 1626323195-526117 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Marco Elver Subject: mm: move helper to check slub_debug_enabled Move the helper to check slub_debug_enabled, so that we can confine the use of #ifdef outside slub.c as well. Link: https://lkml.kernel.org/r/20210705103229.8505-2-yee.lee@mediatek.com Signed-off-by: Marco Elver Signed-off-by: Yee Lee Suggested-by: Matthew Wilcox Cc: Alexander Potapenko Cc: Andrey Konovalov Cc: Andrey Ryabinin Cc: Chinwen Chang Cc: Dmitry Vyukov Cc: Kuan-Ying Lee Cc: Nicholas Tang Signed-off-by: Andrew Morton --- mm/slab.h | 15 +++++++++++---- mm/slub.c | 14 -------------- 2 files changed, 11 insertions(+), 18 deletions(-) --- a/mm/slab.h~mm-move-helper-to-check-slub_debug_enabled +++ a/mm/slab.h @@ -216,10 +216,18 @@ DECLARE_STATIC_KEY_FALSE(slub_debug_enab #endif extern void print_tracking(struct kmem_cache *s, void *object); long validate_slab_cache(struct kmem_cache *s); +static inline bool __slub_debug_enabled(void) +{ + return static_branch_unlikely(&slub_debug_enabled); +} #else static inline void print_tracking(struct kmem_cache *s, void *object) { } +static inline bool __slub_debug_enabled(void) +{ + return false; +} #endif /* @@ -229,11 +237,10 @@ static inline void print_tracking(struct */ static inline bool kmem_cache_debug_flags(struct kmem_cache *s, slab_flags_t flags) { -#ifdef CONFIG_SLUB_DEBUG - VM_WARN_ON_ONCE(!(flags & SLAB_DEBUG_FLAGS)); - if (static_branch_unlikely(&slub_debug_enabled)) + if (IS_ENABLED(CONFIG_SLUB_DEBUG)) + VM_WARN_ON_ONCE(!(flags & SLAB_DEBUG_FLAGS)); + if (__slub_debug_enabled()) return s->flags & flags; -#endif return false; } --- a/mm/slub.c~mm-move-helper-to-check-slub_debug_enabled +++ a/mm/slub.c @@ -120,25 +120,11 @@ */ #ifdef CONFIG_SLUB_DEBUG - #ifdef CONFIG_SLUB_DEBUG_ON DEFINE_STATIC_KEY_TRUE(slub_debug_enabled); #else DEFINE_STATIC_KEY_FALSE(slub_debug_enabled); #endif - -static inline bool __slub_debug_enabled(void) -{ - return static_branch_unlikely(&slub_debug_enabled); -} - -#else /* CONFIG_SLUB_DEBUG */ - -static inline bool __slub_debug_enabled(void) -{ - return false; -} - #endif /* CONFIG_SLUB_DEBUG */ static inline bool kmem_cache_debug(struct kmem_cache *s) From patchwork Thu Jul 15 04:26:37 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378637 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B172C1B08C for ; Thu, 15 Jul 2021 04:26:40 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 0AB8661377 for ; Thu, 15 Jul 2021 04:26:40 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0AB8661377 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 60E9B8D0037; Thu, 15 Jul 2021 00:26:40 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 5E5566B014B; Thu, 15 Jul 2021 00:26:40 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4861D8D0037; Thu, 15 Jul 2021 00:26:40 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0006.hostedemail.com [216.40.44.6]) by kanga.kvack.org (Postfix) with ESMTP id 266C36B014A for ; Thu, 15 Jul 2021 00:26:40 -0400 (EDT) Received: from smtpin07.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id 1CB6B8248047 for ; Thu, 15 Jul 2021 04:26:39 +0000 (UTC) X-FDA: 78363536118.07.0AA8EF2 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf14.hostedemail.com (Postfix) with ESMTP id B283C6001995 for ; Thu, 15 Jul 2021 04:26:38 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 995BB6136E; Thu, 15 Jul 2021 04:26:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323198; bh=Yxw/iQdvu4ERPuk8Pnk2d2Jkwo9ubIWvEPxE/T+Wz2c=; h=Date:From:To:Subject:In-Reply-To:From; b=ARfCsFB2i4J4dAye/bh5roieiiU3Ha4sJLZgUSyPgIx0W/tmgD5LibGca8j3IHEc3 yq4j4xOFSjAJV+RBXToT+1nyQDXsK90wG6ZVZ1q8C3SzFjVLsePLSzp7E1uiMJk0jA as7wxMy1Ekk3rZAqqfOvR8kuOPT7pmQiErYY4R/Y= Date: Wed, 14 Jul 2021 21:26:37 -0700 From: Andrew Morton To: akpm@linux-foundation.org, andreyknvl@gmail.com, chinwen.chang@mediatek.com, dvyukov@google.com, elver@google.com, glider@google.com, Kuan-Ying.Lee@mediatek.com, linux-mm@kvack.org, mm-commits@vger.kernel.org, nicholas.tang@mediatek.com, ryabinin.a.a@gmail.com, torvalds@linux-foundation.org, willy@infradead.org, yee.lee@mediatek.com Subject: [patch 02/13] kasan: add memzero init for unaligned size at DEBUG Message-ID: <20210715042637.B4Iu8-rX2%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: B283C6001995 X-Stat-Signature: pryrke7zzmzikcfjbt75ngphb16i8koy Authentication-Results: imf14.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=ARfCsFB2; spf=pass (imf14.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-HE-Tag: 1626323198-272545 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Yee Lee Subject: kasan: add memzero init for unaligned size at DEBUG Issue: when SLUB debug is on, hwtag kasan_unpoison() would overwrite the redzone of object with unaligned size. An additional memzero_explicit() path is added to replacing init by hwtag instruction for those unaligned size at SLUB debug mode. The penalty is acceptable since they are only enabled in debug mode, not production builds. A block of comment is added for explanation. Link: https://lkml.kernel.org/r/20210705103229.8505-3-yee.lee@mediatek.com Signed-off-by: Yee Lee Suggested-by: Andrey Konovalov Suggested-by: Marco Elver Reviewed-by: Marco Elver Reviewed-by: Andrey Konovalov Cc: Andrey Ryabinin Cc: Alexander Potapenko Cc: Dmitry Vyukov Cc: Nicholas Tang Cc: Kuan-Ying Lee Cc: Chinwen Chang Cc: Matthew Wilcox Signed-off-by: Andrew Morton --- mm/kasan/kasan.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) --- a/mm/kasan/kasan.h~kasan-add-memzero-int-for-unaligned-size-at-debug +++ a/mm/kasan/kasan.h @@ -9,6 +9,7 @@ #ifdef CONFIG_KASAN_HW_TAGS #include +#include "../slab.h" DECLARE_STATIC_KEY_FALSE(kasan_flag_stacktrace); extern bool kasan_flag_async __ro_after_init; @@ -387,6 +388,17 @@ static inline void kasan_unpoison(const if (WARN_ON((unsigned long)addr & KASAN_GRANULE_MASK)) return; + /* + * Explicitly initialize the memory with the precise object size to + * avoid overwriting the SLAB redzone. This disables initialization in + * the arch code and may thus lead to performance penalty. The penalty + * is accepted since SLAB redzones aren't enabled in production builds. + */ + if (__slub_debug_enabled() && + init && ((unsigned long)size & KASAN_GRANULE_MASK)) { + init = false; + memzero_explicit((void *)addr, size); + } size = round_up(size, KASAN_GRANULE_SIZE); hw_set_mem_tag_range((void *)addr, size, tag, init); From patchwork Thu Jul 15 04:26:40 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378639 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56C8AC1B08C for ; Thu, 15 Jul 2021 04:26:43 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 0AC0B6136E for ; Thu, 15 Jul 2021 04:26:43 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0AC0B6136E Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 60FD58D0038; Thu, 15 Jul 2021 00:26:43 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 5BE1C6B014C; Thu, 15 Jul 2021 00:26:43 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 486248D0038; Thu, 15 Jul 2021 00:26:43 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0121.hostedemail.com [216.40.44.121]) by kanga.kvack.org (Postfix) with ESMTP id 266476B014B for ; Thu, 15 Jul 2021 00:26:43 -0400 (EDT) Received: from smtpin39.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id 1F93D1E095 for ; Thu, 15 Jul 2021 04:26:42 +0000 (UTC) X-FDA: 78363536244.39.8B3E917 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf03.hostedemail.com (Postfix) with ESMTP id D32F530001AC for ; Thu, 15 Jul 2021 04:26:41 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id AC33761362; Thu, 15 Jul 2021 04:26:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323201; bh=suk6yR+TaSk/Rfa/37qk89OWG/hZc2Q8FnnnhUvgrd4=; h=Date:From:To:Subject:In-Reply-To:From; b=Xp0G27ceZsFvFPMKYtSsiRGK8NT5l0a9cPIWxfmgcLg4duA2pJ4OdhXnqR1i/k/Md e2pkGG4rdS7EYFpBqXkak53ItUoZq+6Qn/FD6IIh19R+Nt6LVTUvOb4pu4bwpTA9Kn SzvWHMTiOsXnCnPf+nb9tkKAHvq3HIyQ1ki7s05U= Date: Wed, 14 Jul 2021 21:26:40 -0700 From: Andrew Morton To: akpm@linux-foundation.org, andreyknvl@gmail.com, andy.shevchenko@gmail.com, catalin.marinas@arm.com, dvyukov@google.com, elver@google.com, glider@google.com, linux-mm@kvack.org, mm-commits@vger.kernel.org, pcc@google.com, ryabinin.a.a@gmail.com, torvalds@linux-foundation.org, vincenzo.frascino@arm.com Subject: [patch 03/13] kasan: fix build by including kernel.h Message-ID: <20210715042640.2WLhaWjjL%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=Xp0G27ce; spf=pass (imf03.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Rspamd-Server: rspam05 X-Stat-Signature: fprsxegmqeab7oi6x63h3q1uyc41to83 X-Rspamd-Queue-Id: D32F530001AC X-HE-Tag: 1626323201-347240 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Marco Elver Subject: kasan: fix build by including kernel.h The header relies on _RET_IP_ being defined, and had been receiving that definition via inclusion of bug.h which includes kernel.h. However, since f39650de687e ("kernel.h: split out panic and oops helpers") that is no longer the case and get the following build error when building CONFIG_KASAN_HW_TAGS on arm64: In file included from arch/arm64/mm/kasan_init.c:10: ./include/linux/kasan.h: In function 'kasan_slab_free': ./include/linux/kasan.h:230:39: error: '_RET_IP_' undeclared (first use in this function) 230 | return __kasan_slab_free(s, object, _RET_IP_, init); Fix it by including kernel.h from kasan.h. Link: https://lkml.kernel.org/r/20210705072716.2125074-1-elver@google.com Fixes: f39650de687e ("kernel.h: split out panic and oops helpers") Signed-off-by: Marco Elver Reviewed-by: Andy Shevchenko Reviewed-by: Andrey Konovalov Cc: Alexander Potapenko Cc: Dmitry Vyukov Cc: Peter Collingbourne Cc: Catalin Marinas Cc: Vincenzo Frascino Cc: Andrey Ryabinin Signed-off-by: Andrew Morton --- include/linux/kasan.h | 1 + 1 file changed, 1 insertion(+) --- a/include/linux/kasan.h~kasan-fix-build-by-including-kernelh +++ a/include/linux/kasan.h @@ -3,6 +3,7 @@ #define _LINUX_KASAN_H #include +#include #include #include From patchwork Thu Jul 15 04:26:43 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378641 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 93A61C47E48 for ; Thu, 15 Jul 2021 04:26:46 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 487BB6128C for ; Thu, 15 Jul 2021 04:26:46 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 487BB6128C Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 991DE8D003B; Thu, 15 Jul 2021 00:26:46 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 9682D6B014D; Thu, 15 Jul 2021 00:26:46 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 82FFF8D003B; Thu, 15 Jul 2021 00:26:46 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0131.hostedemail.com [216.40.44.131]) by kanga.kvack.org (Postfix) with ESMTP id 619256B014C for ; Thu, 15 Jul 2021 00:26:46 -0400 (EDT) Received: from smtpin09.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id 6143018495700 for ; Thu, 15 Jul 2021 04:26:45 +0000 (UTC) X-FDA: 78363536370.09.CBA5EB3 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf04.hostedemail.com (Postfix) with ESMTP id 14D8850000AD for ; Thu, 15 Jul 2021 04:26:44 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 14CBC61370; Thu, 15 Jul 2021 04:26:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323204; bh=EvAqvIQgDcf1PNa0VFscBQXiBlZFL89QbmFq6qI+xbw=; h=Date:From:To:Subject:In-Reply-To:From; b=vnksTXKzoryNR6zPfA1cz5dIIMAWDD1ZslJyXezxEnMUHjpQnSHnMT7IvKfIipQFx bEh50uLuAzZ/8/BaS9xh/MQcRv9fL4SJmmvvMstJI5G9IQR0Y4OT+YAM0BoPBBUkQq IlVPZDIVOr1ALJ/C1EEAZFbHLNL2vBYr9GtbZzRE= Date: Wed, 14 Jul 2021 21:26:43 -0700 From: Andrew Morton To: akpm@linux-foundation.org, david@redhat.com, ddstreet@ieee.org, jhubbard@nvidia.com, linux-mm@kvack.org, mcroce@microsoft.com, mgorman@techsingularity.net, mhocko@kernel.org, mm-commits@vger.kernel.org, shy828301@gmail.com, torvalds@linux-foundation.org, vbabka@suse.cz Subject: [patch 04/13] Revert "mm/page_alloc: make should_fail_alloc_page() static" Message-ID: <20210715042643.wjrzYaNvu%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=vnksTXKz; spf=pass (imf04.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Rspamd-Server: rspam05 X-Stat-Signature: bpfmndkew4d5mktm6hh817rfear8bhff X-Rspamd-Queue-Id: 14D8850000AD X-HE-Tag: 1626323204-330740 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Matteo Croce Subject: Revert "mm/page_alloc: make should_fail_alloc_page() static" This reverts commit f7173090033c70886d925995e9dfdfb76dbb2441. Fix an unresolved symbol error when CONFIG_DEBUG_INFO_BTF=y: LD vmlinux BTFIDS vmlinux FAILED unresolved symbol should_fail_alloc_page make: *** [Makefile:1199: vmlinux] Error 255 make: *** Deleting file 'vmlinux' Link: https://lkml.kernel.org/r/20210708191128.153796-1-mcroce@linux.microsoft.com Fixes: f7173090033c ("mm/page_alloc: make should_fail_alloc_page() static") Signed-off-by: Matteo Croce Acked-by: Mel Gorman Tested-by: John Hubbard Cc: Michal Hocko Cc: David Hildenbrand Cc: Vlastimil Babka Cc: Dan Streetman Cc: Yang Shi Signed-off-by: Andrew Morton --- mm/page_alloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/page_alloc.c~revert-mm-page_alloc-make-should_fail_alloc_page-static +++ a/mm/page_alloc.c @@ -3820,7 +3820,7 @@ static inline bool __should_fail_alloc_p #endif /* CONFIG_FAIL_PAGE_ALLOC */ -static noinline bool should_fail_alloc_page(gfp_t gfp_mask, unsigned int order) +noinline bool should_fail_alloc_page(gfp_t gfp_mask, unsigned int order) { return __should_fail_alloc_page(gfp_mask, order); } From patchwork Thu Jul 15 04:26:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378643 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DFDCEC47E48 for ; Thu, 15 Jul 2021 04:26:49 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 8182D6128C for ; Thu, 15 Jul 2021 04:26:49 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8182D6128C Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id D886B8D0040; Thu, 15 Jul 2021 00:26:49 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D5F446B014E; Thu, 15 Jul 2021 00:26:49 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C270A8D0040; Thu, 15 Jul 2021 00:26:49 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0073.hostedemail.com [216.40.44.73]) by kanga.kvack.org (Postfix) with ESMTP id A1B7D6B014D for ; Thu, 15 Jul 2021 00:26:49 -0400 (EDT) Received: from smtpin28.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 97C691EA10 for ; Thu, 15 Jul 2021 04:26:48 +0000 (UTC) X-FDA: 78363536496.28.B3FABB0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf18.hostedemail.com (Postfix) with ESMTP id 4477A400208D for ; Thu, 15 Jul 2021 04:26:48 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 3397661362; Thu, 15 Jul 2021 04:26:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323207; bh=PKkAROtBIDPQ7hCt18ipZ2F8GmOmqL+1K5ZTbKYHApU=; h=Date:From:To:Subject:In-Reply-To:From; b=povLfTnBYuUWqQsXQUumMpFDHctwGRoOMgbBu6mq7HtOI+mUXYS8mUVYvUDv13VJT OfltG/a0iJGcQGyryUKXf3IHPBPPox8LsHq6fLgz0knYNosl+sb1qKv6p0elOX6CnW f7VUIGuM64Xi0avciwSNR4ldjhNxZWYa37/Ohj4Y= Date: Wed, 14 Jul 2021 21:26:46 -0700 From: Andrew Morton To: akpm@linux-foundation.org, aquini@redhat.com, desmondcheongzx@gmail.com, linux-mm@kvack.org, mgorman@techsingularity.net, mm-commits@vger.kernel.org, Qiang.Zhang@windriver.com, skhan@linuxfoundation.org, torvalds@linux-foundation.org Subject: [patch 05/13] mm/page_alloc: avoid page allocator recursion with pagesets.lock held Message-ID: <20210715042646.glYIx91lD%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf18.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=povLfTnB; spf=pass (imf18.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Rspamd-Server: rspam05 X-Stat-Signature: y6gysuujeywor9aj8j9gr3kmkc9wbxao X-Rspamd-Queue-Id: 4477A400208D X-HE-Tag: 1626323208-431685 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Mel Gorman Subject: mm/page_alloc: avoid page allocator recursion with pagesets.lock held Syzbot is reporting potential deadlocks due to pagesets.lock when PAGE_OWNER is enabled. One example from Desmond Cheong Zhi Xi is as follows __alloc_pages_bulk() local_lock_irqsave(&pagesets.lock, flags) <---- outer lock here prep_new_page(): post_alloc_hook(): set_page_owner(): __set_page_owner(): save_stack(): stack_depot_save(): alloc_pages(): alloc_page_interleave(): __alloc_pages(): get_page_from_freelist(): rm_queue(): rm_queue_pcplist(): local_lock_irqsave(&pagesets.lock, flags); *** DEADLOCK *** Zhang, Qiang also reported BUG: sleeping function called from invalid context at mm/page_alloc.c:5179 in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 1, name: swapper/0 ..... __dump_stack lib/dump_stack.c:79 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:96 ___might_sleep.cold+0x1f1/0x237 kernel/sched/core.c:9153 prepare_alloc_pages+0x3da/0x580 mm/page_alloc.c:5179 __alloc_pages+0x12f/0x500 mm/page_alloc.c:5375 alloc_page_interleave+0x1e/0x200 mm/mempolicy.c:2147 alloc_pages+0x238/0x2a0 mm/mempolicy.c:2270 stack_depot_save+0x39d/0x4e0 lib/stackdepot.c:303 save_stack+0x15e/0x1e0 mm/page_owner.c:120 __set_page_owner+0x50/0x290 mm/page_owner.c:181 prep_new_page mm/page_alloc.c:2445 [inline] __alloc_pages_bulk+0x8b9/0x1870 mm/page_alloc.c:5313 alloc_pages_bulk_array_node include/linux/gfp.h:557 [inline] vm_area_alloc_pages mm/vmalloc.c:2775 [inline] __vmalloc_area_node mm/vmalloc.c:2845 [inline] __vmalloc_node_range+0x39d/0x960 mm/vmalloc.c:2947 __vmalloc_node mm/vmalloc.c:2996 [inline] vzalloc+0x67/0x80 mm/vmalloc.c:3066 There are a number of ways it could be fixed. The page owner code could be audited to strip GFP flags that allow sleeping but it'll impair the functionality of PAGE_OWNER if allocations fail. The bulk allocator could add a special case to release/reacquire the lock for prep_new_page and lookup PCP after the lock is reacquired at the cost of performance. The pages requiring prep could be tracked using the least significant bit and looping through the array although it is more complicated for the list interface. The options are relatively complex and the second one still incurs a performance penalty when PAGE_OWNER is active so this patch takes the simple approach -- disable bulk allocation of PAGE_OWNER is active. The caller will be forced to allocate one page at a time incurring a performance penalty but PAGE_OWNER is already a performance penalty. Link: https://lkml.kernel.org/r/20210708081434.GV3840@techsingularity.net Fixes: dbbee9d5cd83 ("mm/page_alloc: convert per-cpu list protection to local_lock") Signed-off-by: Mel Gorman Reported-by: Desmond Cheong Zhi Xi Reported-by: "Zhang, Qiang" Reported-by: syzbot+127fd7828d6eeb611703@syzkaller.appspotmail.com Tested-by: syzbot+127fd7828d6eeb611703@syzkaller.appspotmail.com Acked-by: Rafael Aquini Cc: Shuah Khan Signed-off-by: Andrew Morton --- mm/page_alloc.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) --- a/mm/page_alloc.c~mm-page_alloc-avoid-page-allocator-recursion-with-pagesetslock-held +++ a/mm/page_alloc.c @@ -5239,6 +5239,18 @@ unsigned long __alloc_pages_bulk(gfp_t g if (nr_pages - nr_populated == 1) goto failed; +#ifdef CONFIG_PAGE_OWNER + /* + * PAGE_OWNER may recurse into the allocator to allocate space to + * save the stack with pagesets.lock held. Releasing/reacquiring + * removes much of the performance benefit of bulk allocation so + * force the caller to allocate one page at a time as it'll have + * similar performance to added complexity to the bulk allocator. + */ + if (static_branch_unlikely(&page_owner_inited)) + goto failed; +#endif + /* May set ALLOC_NOFRAGMENT, fragmentation will return 1 page. */ gfp &= gfp_allowed_mask; alloc_gfp = gfp; From patchwork Thu Jul 15 04:26:49 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378645 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6DF46C1B08C for ; Thu, 15 Jul 2021 04:26:52 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 3E9126128C for ; Thu, 15 Jul 2021 04:26:52 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3E9126128C Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 8CDB78D0041; Thu, 15 Jul 2021 00:26:52 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 8A4536B014E; Thu, 15 Jul 2021 00:26:52 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 794D28D0041; Thu, 15 Jul 2021 00:26:52 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0173.hostedemail.com [216.40.44.173]) by kanga.kvack.org (Postfix) with ESMTP id 4C7606B014D for ; Thu, 15 Jul 2021 00:26:52 -0400 (EDT) Received: from smtpin13.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id 3C57F1EA20 for ; Thu, 15 Jul 2021 04:26:51 +0000 (UTC) X-FDA: 78363536622.13.6911D99 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf29.hostedemail.com (Postfix) with ESMTP id EECC3900025D for ; Thu, 15 Jul 2021 04:26:50 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 25B326128C; Thu, 15 Jul 2021 04:26:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323210; bh=bpKWtsUkDZltYMbehZ234UWxzWR/9JVpFWoeIDvnzzA=; h=Date:From:To:Subject:In-Reply-To:From; b=05hqtyZBRP1umvULGfYptw3w8YkHCrcndbDYyrx3TElVDAJbaacXqcTYXdJYIr03G n64UBnN0Ieb2BPSu8DvC2FrRQVS2FK+BSvpBOO6ur5quClBLNGcQEXVJS7/3bEocRO pFT2W378FCV+hYXEyb5bN551/RxW+b5Qin/C6aYM= Date: Wed, 14 Jul 2021 21:26:49 -0700 From: Andrew Morton To: akpm@linux-foundation.org, linux-mm@kvack.org, mgorman@techsingularity.net, mm-commits@vger.kernel.org, torvalds@linux-foundation.org, yanfei.xu@windriver.com Subject: [patch 06/13] mm/page_alloc: correct return value when failing at preparing Message-ID: <20210715042649.CGq7mTI8y%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: EECC3900025D X-Stat-Signature: pyckwy95jpw6yg4hzik7dfab3r4c6i9a Authentication-Results: imf29.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=05hqtyZB; spf=pass (imf29.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-HE-Tag: 1626323210-548200 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Yanfei Xu Subject: mm/page_alloc: correct return value when failing at preparing If the array passed in is already partially populated, we should return "nr_populated" even failing at preparing arguments stage. Link: https://lkml.kernel.org/r/20210713152100.10381-3-mgorman@techsingularity.net Signed-off-by: Yanfei Xu Signed-off-by: Mel Gorman Link: https://lore.kernel.org/r/20210709102855.55058-1-yanfei.xu@windriver.com Signed-off-by: Andrew Morton --- mm/page_alloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/page_alloc.c~mm-page_alloc-correct-return-value-when-failing-at-preparing +++ a/mm/page_alloc.c @@ -5255,7 +5255,7 @@ unsigned long __alloc_pages_bulk(gfp_t g gfp &= gfp_allowed_mask; alloc_gfp = gfp; if (!prepare_alloc_pages(gfp, 0, preferred_nid, nodemask, &ac, &alloc_gfp, &alloc_flags)) - return 0; + return nr_populated; gfp = alloc_gfp; /* Find an allowed local zone that meets the low watermark. */ From patchwork Thu Jul 15 04:26:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378647 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CB565C47E48 for ; Thu, 15 Jul 2021 04:26:55 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 83ADE61362 for ; Thu, 15 Jul 2021 04:26:55 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 83ADE61362 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id D87F68D0047; Thu, 15 Jul 2021 00:26:55 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D60FE6B014E; Thu, 15 Jul 2021 00:26:55 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C27208D0047; Thu, 15 Jul 2021 00:26:55 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0090.hostedemail.com [216.40.44.90]) by kanga.kvack.org (Postfix) with ESMTP id 9F42C6B014D for ; Thu, 15 Jul 2021 00:26:55 -0400 (EDT) Received: from smtpin14.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id 8D1DC8248047 for ; Thu, 15 Jul 2021 04:26:54 +0000 (UTC) X-FDA: 78363536748.14.C0A4B5E Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf11.hostedemail.com (Postfix) with ESMTP id 29695F000225 for ; Thu, 15 Jul 2021 04:26:54 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 1B22D6128C; Thu, 15 Jul 2021 04:26:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323213; bh=Kw/vHUgu+Ux2WajcBOafYguj9RJ6plED8o+Ox6Om/tc=; h=Date:From:To:Subject:In-Reply-To:From; b=WRo18r8vWkZ6IGvwQFNNknzZCJlBXxe0QKCspd6v8rntiyCXGiy9hwSKaqWDJtxI6 NRMLRDs++dNJtNQbDxlBY118JShRZNPkmPfbLAAHms3k/9TgHnUfrF2DfmKAH6O0UN 4YqSVnqZheplnuyL54UgEdg4DMfm7JrNR4wWZl2w= Date: Wed, 14 Jul 2021 21:26:52 -0700 From: Andrew Morton To: akpm@linux-foundation.org, brouer@redhat.com, chuck.lever@oracle.com, desmondcheongzx@gmail.com, linux-mm@kvack.org, mcroce@microsoft.com, mgorman@techsingularity.net, mm-commits@vger.kernel.org, Qiang.Zhang@windriver.com, torvalds@linux-foundation.org, yanfei.xu@windriver.com Subject: [patch 07/13] mm/page_alloc: further fix __alloc_pages_bulk() return value Message-ID: <20210715042652.3466F866K%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=WRo18r8v; spf=pass (imf11.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Stat-Signature: 63wuaygjxctxpr9tu79kwsa9nqu7oc3b X-Rspamd-Queue-Id: 29695F000225 X-Rspamd-Server: rspam01 X-HE-Tag: 1626323214-302107 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Chuck Lever Subject: mm/page_alloc: further fix __alloc_pages_bulk() return value The author of commit b3b64ebd3822 ("mm/page_alloc: do bulk array bounds check after checking populated elements") was possibly confused by the mixture of return values throughout the function. The API contract is clear that the function "Returns the number of pages on the list or array." It does not list zero as a unique return value with a special meaning. Therefore zero is a plausible return value only if @nr_pages is zero or less. Clean up the return logic to make it clear that the returned value is always the total number of pages in the array/list, not the number of pages that were allocated during this call. The only change in behavior with this patch is the value returned if prepare_alloc_pages() fails. To match the API contract, the number of pages currently in the array/list is returned in this case. The call site in __page_pool_alloc_pages_slow() also seems to be confused on this matter. It should be attended to by someone who is familiar with that code. [mel@techsingularity.net: Return nr_populated if 0 pages are requested] Link: https://lkml.kernel.org/r/20210713152100.10381-4-mgorman@techsingularity.net Signed-off-by: Chuck Lever Signed-off-by: Mel Gorman Acked-by: Jesper Dangaard Brouer Cc: Desmond Cheong Zhi Xi Cc: Zhang Qiang Cc: Yanfei Xu Cc: Matteo Croce Signed-off-by: Andrew Morton --- mm/page_alloc.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) --- a/mm/page_alloc.c~mm-page_alloc-further-fix-__alloc_pages_bulk-return-value +++ a/mm/page_alloc.c @@ -5221,9 +5221,6 @@ unsigned long __alloc_pages_bulk(gfp_t g unsigned int alloc_flags = ALLOC_WMARK_LOW; int nr_populated = 0, nr_account = 0; - if (unlikely(nr_pages <= 0)) - return 0; - /* * Skip populated array elements to determine if any pages need * to be allocated before disabling IRQs. @@ -5231,9 +5228,13 @@ unsigned long __alloc_pages_bulk(gfp_t g while (page_array && nr_populated < nr_pages && page_array[nr_populated]) nr_populated++; + /* No pages requested? */ + if (unlikely(nr_pages <= 0)) + goto out; + /* Already populated array? */ if (unlikely(page_array && nr_pages - nr_populated == 0)) - return nr_populated; + goto out; /* Use the single page allocator for one page. */ if (nr_pages - nr_populated == 1) @@ -5255,7 +5256,7 @@ unsigned long __alloc_pages_bulk(gfp_t g gfp &= gfp_allowed_mask; alloc_gfp = gfp; if (!prepare_alloc_pages(gfp, 0, preferred_nid, nodemask, &ac, &alloc_gfp, &alloc_flags)) - return nr_populated; + goto out; gfp = alloc_gfp; /* Find an allowed local zone that meets the low watermark. */ @@ -5323,6 +5324,7 @@ unsigned long __alloc_pages_bulk(gfp_t g __count_zid_vm_events(PGALLOC, zone_idx(zone), nr_account); zone_statistics(ac.preferred_zoneref->zone, zone, nr_account); +out: return nr_populated; failed_irq: @@ -5338,7 +5340,7 @@ failed: nr_populated++; } - return nr_populated; + goto out; } EXPORT_SYMBOL_GPL(__alloc_pages_bulk); From patchwork Thu Jul 15 04:26:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378649 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 74D96C07E96 for ; Thu, 15 Jul 2021 04:26:58 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 3EFF86136E for ; Thu, 15 Jul 2021 04:26:58 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3EFF86136E Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 91ABD6B014D; Thu, 15 Jul 2021 00:26:58 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 8F2188D0049; Thu, 15 Jul 2021 00:26:58 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 7BA828D0048; Thu, 15 Jul 2021 00:26:58 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0132.hostedemail.com [216.40.44.132]) by kanga.kvack.org (Postfix) with ESMTP id 586BD6B014D for ; Thu, 15 Jul 2021 00:26:58 -0400 (EDT) Received: from smtpin12.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id 47406184B2F3D for ; Thu, 15 Jul 2021 04:26:57 +0000 (UTC) X-FDA: 78363536874.12.B40101A Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf01.hostedemail.com (Postfix) with ESMTP id F1639500CEE0 for ; Thu, 15 Jul 2021 04:26:56 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 1B27A6128C; Thu, 15 Jul 2021 04:26:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323216; bh=dmCJejRnUY2wFaFILR5RtwcF3EX/YHO/GYcUOohB8yM=; h=Date:From:To:Subject:In-Reply-To:From; b=omsg4VG7ifQQP+AmVIEcCGfhfveekNoHIXJruRbBTFft13pVFtknJv1H9NnG5L3J4 Ci27CCvbje7kWAnRduUaoxWNvkMNzMmaJbPrGWeZWADUfRYz609oW+hKoytkueiiof KTujBix2m602BFiTLWW7Wt2vNxoMWSbUXW7dJQms= Date: Wed, 14 Jul 2021 21:26:55 -0700 From: Andrew Morton To: akpm@linux-foundation.org, hch@lst.de, linux-mm@kvack.org, mm-commits@vger.kernel.org, shy828301@gmail.com, torvalds@linux-foundation.org Subject: [patch 08/13] mm: fix the try_to_unmap prototype for !CONFIG_MMU Message-ID: <20210715042655.ljTZkSkdp%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=omsg4VG7; spf=pass (imf01.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Rspamd-Server: rspam03 X-Rspamd-Queue-Id: F1639500CEE0 X-Stat-Signature: fahzzy5bxj48eb9wf4qe5zrz7rurmp31 X-HE-Tag: 1626323216-324606 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Christoph Hellwig Subject: mm: fix the try_to_unmap prototype for !CONFIG_MMU Adjust the nommu stub of try_to_unmap to match the changed protype for the full version. Turn it into an inline instead of a macro to generally improve the type checking. Link: https://lkml.kernel.org/r/20210705053944.885828-1-hch@lst.de Fixes: 1fb08ac63bee ("mm: rmap: make try_to_unmap() void function") Signed-off-by: Christoph Hellwig Reviewed-by: Yang Shi Signed-off-by: Andrew Morton --- include/linux/rmap.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/include/linux/rmap.h~mm-fix-the-try_to_unmap-prototype-for-config_mmu +++ a/include/linux/rmap.h @@ -291,7 +291,9 @@ static inline int page_referenced(struct return 0; } -#define try_to_unmap(page, refs) false +static inline void try_to_unmap(struct page *page, enum ttu_flags flags) +{ +} static inline int page_mkclean(struct page *page) { From patchwork Thu Jul 15 04:26:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378651 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 82F8FC1B08C for ; Thu, 15 Jul 2021 04:27:01 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 3397E6128C for ; Thu, 15 Jul 2021 04:27:01 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3397E6128C Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 87EB66B014F; Thu, 15 Jul 2021 00:27:01 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 855FC8D0049; Thu, 15 Jul 2021 00:27:01 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 71DE68D0048; Thu, 15 Jul 2021 00:27:01 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0224.hostedemail.com [216.40.44.224]) by kanga.kvack.org (Postfix) with ESMTP id 4EF876B014F for ; Thu, 15 Jul 2021 00:27:01 -0400 (EDT) Received: from smtpin38.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id 3DE95184B3553 for ; Thu, 15 Jul 2021 04:27:00 +0000 (UTC) X-FDA: 78363537000.38.30E7B36 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf27.hostedemail.com (Postfix) with ESMTP id E7AF070000A9 for ; Thu, 15 Jul 2021 04:26:59 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id E204C61360; Thu, 15 Jul 2021 04:26:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323219; bh=ISLOowqcXFi7D/AecfCO5p2bdmuAJjYUwY8N6CDHt1c=; h=Date:From:To:Subject:In-Reply-To:From; b=tZsgM3blwJDRydnOBuqbwUx6MQqj9d3U690Ff9YPSKxtmMQVgrlWMF0oyxIkwuJkE wI9UB2M5kqjbayPMClFRX/1elgqMBbMdy2Q1xODKv6mVRRyvCVVhQ+ER/9r+/C87fH vxXKGiVJB2qlz5o+9D6t1JUCM+DUhC4iEpFmQMkk= Date: Wed, 14 Jul 2021 21:26:58 -0700 From: Andrew Morton To: akpm@linux-foundation.org, apopple@nvidia.com, hulkci@huawei.com, jrdr.linux@gmail.com, linux-mm@kvack.org, mm-commits@vger.kernel.org, oliver.sang@intel.com, torvalds@linux-foundation.org, yangyingliang@huawei.com Subject: [patch 09/13] lib/test_hmm: remove set but unused page variable Message-ID: <20210715042658.PXuvewt1u%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=tZsgM3bl; spf=pass (imf27.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Stat-Signature: 4hfysxbjpx5ummrne9gpusayxawzg4n1 X-Rspamd-Queue-Id: E7AF070000A9 X-Rspamd-Server: rspam01 X-HE-Tag: 1626323219-303411 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Alistair Popple Subject: lib/test_hmm: remove set but unused page variable The HMM selftests use atomic_check_access() to check atomic access to a page has been revoked. It doesn't matter if the page mapping has been removed from the mirrored page tables as that also implies atomic access has been revoked. Therefore remove the unused page variable to fix this compiler warning: lib/test_hmm.c:631:16: warning: variable `page' set but not used [-Wunused-but-set-variable] Link: https://lkml.kernel.org/r/20210706025603.4059-1-apopple@nvidia.com Fixes: b659baea7546 ("mm: selftests for exclusive device memory") Signed-off-by: Alistair Popple Reported-by: Hulk Robot Reported-by: kernel test robot Reported-by: Yang Yingliang Acked-by: Souptick Joarder Signed-off-by: Andrew Morton --- lib/test_hmm.c | 2 -- 1 file changed, 2 deletions(-) --- a/lib/test_hmm.c~lib-test_hmm-remove-set-but-unused-page-variable +++ a/lib/test_hmm.c @@ -628,10 +628,8 @@ static int dmirror_check_atomic(struct d for (pfn = start >> PAGE_SHIFT; pfn < (end >> PAGE_SHIFT); pfn++) { void *entry; - struct page *page; entry = xa_load(&dmirror->pt, pfn); - page = xa_untag_pointer(entry); if (xa_pointer_tag(entry) == DPT_XA_TAG_ATOMIC) return -EPERM; } From patchwork Thu Jul 15 04:27:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378653 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7E7F7C47E48 for ; Thu, 15 Jul 2021 04:27:04 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 349E761380 for ; Thu, 15 Jul 2021 04:27:04 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 349E761380 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 817FF8D0048; Thu, 15 Jul 2021 00:27:04 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7EDCA6B0152; Thu, 15 Jul 2021 00:27:04 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6A89A8D0048; Thu, 15 Jul 2021 00:27:04 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0179.hostedemail.com [216.40.44.179]) by kanga.kvack.org (Postfix) with ESMTP id 48A4D6B0151 for ; Thu, 15 Jul 2021 00:27:04 -0400 (EDT) Received: from smtpin10.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 399F71EA20 for ; Thu, 15 Jul 2021 04:27:03 +0000 (UTC) X-FDA: 78363537126.10.E2D7663 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf20.hostedemail.com (Postfix) with ESMTP id E81CBD0000A4 for ; Thu, 15 Jul 2021 04:27:02 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id E827C6128C; Thu, 15 Jul 2021 04:27:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323222; bh=E/hPjciFPdETfzSqNvWxfE+8yg//T/nkcBgjMHae9rk=; h=Date:From:To:Subject:In-Reply-To:From; b=N8I6RWMc37zDgNmp1V+XoHsqIo9L8t687sz7qt+z9WxgDbAkFpOEqMb1Hqfav8K7O qAXBWM8HviPYcrV5RQRWrmPLtzC/GMpNzJdBIqsPBxfSEyN2pPePYNsTcJZXx7ewEz AVicbTHcp/0GPnJTXiRhL07VBMPCfY0pO/SLQ4rY= Date: Wed, 14 Jul 2021 21:27:01 -0700 From: Andrew Morton To: akpm@linux-foundation.org, desmondcheongzx@gmail.com, gregkh@linuxfoundation.org, gustavoars@kernel.org, linux-mm@kvack.org, mm-commits@vger.kernel.org, skhan@linuxfoundation.org, slava@dubeyko.com, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk Subject: [patch 10/13] hfs: add missing clean-up in hfs_fill_super Message-ID: <20210715042701.RIM_Afm8q%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: E81CBD0000A4 X-Stat-Signature: 6q9k7f86nuf6skewcmpg15bf75iuoh34 Authentication-Results: imf20.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=N8I6RWMc; spf=pass (imf20.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-HE-Tag: 1626323222-667201 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Desmond Cheong Zhi Xi Subject: hfs: add missing clean-up in hfs_fill_super Patch series "hfs: fix various errors", v2. This series ultimately aims to address a lockdep warning in hfs_find_init reported by Syzbot: https://syzkaller.appspot.com/bug?id=f007ef1d7a31a469e3be7aeb0fde0769b18585db The work done for this led to the discovery of another bug, and the Syzkaller repro test also reveals an invalid memory access error after clearing the lockdep warning. Hence, this series is broken up into three patches: 1. Add a missing call to hfs_find_exit for an error path in hfs_fill_super 2. Fix memory mapping in hfs_bnode_read by fixing calls to kmap 3. Add lock nesting notation to tell lockdep that the observed locking hierarchy is safe This patch (of 3): Before exiting hfs_fill_super, the struct hfs_find_data used in hfs_find_init should be passed to hfs_find_exit to be cleaned up, and to release the lock held on the btree. The call to hfs_find_exit is missing from an error path. We add it back in by consolidating calls to hfs_find_exit for error paths. Link: https://lkml.kernel.org/r/20210701030756.58760-1-desmondcheongzx@gmail.com Link: https://lkml.kernel.org/r/20210701030756.58760-2-desmondcheongzx@gmail.com Signed-off-by: Desmond Cheong Zhi Xi Reviewed-by: Viacheslav Dubeyko Cc: Gustavo A. R. Silva Cc: Al Viro Cc: Shuah Khan Cc: Greg Kroah-Hartman Signed-off-by: Andrew Morton --- fs/hfs/super.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) --- a/fs/hfs/super.c~hfs-add-missing-clean-up-in-hfs_fill_super +++ a/fs/hfs/super.c @@ -420,14 +420,12 @@ static int hfs_fill_super(struct super_b if (!res) { if (fd.entrylength > sizeof(rec) || fd.entrylength < 0) { res = -EIO; - goto bail; + goto bail_hfs_find; } hfs_bnode_read(fd.bnode, &rec, fd.entryoffset, fd.entrylength); } - if (res) { - hfs_find_exit(&fd); - goto bail_no_root; - } + if (res) + goto bail_hfs_find; res = -EINVAL; root_inode = hfs_iget(sb, &fd.search_key->cat, &rec); hfs_find_exit(&fd); @@ -443,6 +441,8 @@ static int hfs_fill_super(struct super_b /* everything's okay */ return 0; +bail_hfs_find: + hfs_find_exit(&fd); bail_no_root: pr_err("get root inode failed\n"); bail: From patchwork Thu Jul 15 04:27:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378655 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 26D52C47E48 for ; Thu, 15 Jul 2021 04:27:08 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id D292A61380 for ; Thu, 15 Jul 2021 04:27:07 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D292A61380 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 3278D6B0151; Thu, 15 Jul 2021 00:27:08 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 2D7D86B0152; Thu, 15 Jul 2021 00:27:08 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 19F8B6B0153; Thu, 15 Jul 2021 00:27:08 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0093.hostedemail.com [216.40.44.93]) by kanga.kvack.org (Postfix) with ESMTP id E06546B0151 for ; Thu, 15 Jul 2021 00:27:07 -0400 (EDT) Received: from smtpin15.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id D6A358248047 for ; Thu, 15 Jul 2021 04:27:06 +0000 (UTC) X-FDA: 78363537252.15.EB99821 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf02.hostedemail.com (Postfix) with ESMTP id 7797D7001A24 for ; Thu, 15 Jul 2021 04:27:06 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 6B0FC61362; Thu, 15 Jul 2021 04:27:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323225; bh=EAhRaG/NzxvwdVRCnQwl2EUao6cYfDwAyLvSLYFpsJ0=; h=Date:From:To:Subject:In-Reply-To:From; b=EkOmNIRtYl2IrvRWNSGLX/5loThH9co0MMn/oLLdrAwVsuxccZzFAHEu+Mj5gB1HO I4WO4S5yQkurDMKdDe2UqcAcsbmOTHsr+Wfu879BL/nmcnZtxuOKhis5UVw1wvgwtr b+40yhuUf1qUVur91RhLF3ytMT2sb54CC1stt5O8= Date: Wed, 14 Jul 2021 21:27:05 -0700 From: Andrew Morton To: akpm@linux-foundation.org, desmondcheongzx@gmail.com, gregkh@linuxfoundation.org, gustavoars@kernel.org, linux-mm@kvack.org, mm-commits@vger.kernel.org, skhan@linuxfoundation.org, slava@dubeyko.com, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk Subject: [patch 11/13] hfs: fix high memory mapping in hfs_bnode_read Message-ID: <20210715042705.lg8lgQHJU%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=EkOmNIRt; spf=pass (imf02.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Rspamd-Server: rspam05 X-Stat-Signature: upad6xsjb7c16dwxbazpiye3uuirm3c8 X-Rspamd-Queue-Id: 7797D7001A24 X-HE-Tag: 1626323226-1754 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Desmond Cheong Zhi Xi Subject: hfs: fix high memory mapping in hfs_bnode_read Pages that we read in hfs_bnode_read need to be kmapped into kernel address space. However, currently only the 0th page is kmapped. If the given offset + length exceeds this 0th page, then we have an invalid memory access. To fix this, we kmap relevant pages one by one and copy their relevant portions of data. An example of invalid memory access occurring without this fix can be seen in the following crash report: ================================================================== BUG: KASAN: use-after-free in memcpy include/linux/fortify-string.h:191 [inline] BUG: KASAN: use-after-free in hfs_bnode_read+0xc4/0xe0 fs/hfs/bnode.c:26 Read of size 2 at addr ffff888125fdcffe by task syz-executor5/4634 CPU: 0 PID: 4634 Comm: syz-executor5 Not tainted 5.13.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x195/0x1f8 lib/dump_stack.c:120 print_address_description.constprop.0+0x1d/0x110 mm/kasan/report.c:233 __kasan_report mm/kasan/report.c:419 [inline] kasan_report.cold+0x7b/0xd4 mm/kasan/report.c:436 check_region_inline mm/kasan/generic.c:180 [inline] kasan_check_range+0x154/0x1b0 mm/kasan/generic.c:186 memcpy+0x24/0x60 mm/kasan/shadow.c:65 memcpy include/linux/fortify-string.h:191 [inline] hfs_bnode_read+0xc4/0xe0 fs/hfs/bnode.c:26 hfs_bnode_read_u16 fs/hfs/bnode.c:34 [inline] hfs_bnode_find+0x880/0xcc0 fs/hfs/bnode.c:365 hfs_brec_find+0x2d8/0x540 fs/hfs/bfind.c:126 hfs_brec_read+0x27/0x120 fs/hfs/bfind.c:165 hfs_cat_find_brec+0x19a/0x3b0 fs/hfs/catalog.c:194 hfs_fill_super+0xc13/0x1460 fs/hfs/super.c:419 mount_bdev+0x331/0x3f0 fs/super.c:1368 hfs_mount+0x35/0x40 fs/hfs/super.c:457 legacy_get_tree+0x10c/0x220 fs/fs_context.c:592 vfs_get_tree+0x93/0x300 fs/super.c:1498 do_new_mount fs/namespace.c:2905 [inline] path_mount+0x13f5/0x20e0 fs/namespace.c:3235 do_mount fs/namespace.c:3248 [inline] __do_sys_mount fs/namespace.c:3456 [inline] __se_sys_mount fs/namespace.c:3433 [inline] __x64_sys_mount+0x2b8/0x340 fs/namespace.c:3433 do_syscall_64+0x37/0xc0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x45e63a Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 88 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f9404d410d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 0000000020000248 RCX: 000000000045e63a RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f9404d41120 RBP: 00007f9404d41120 R08: 00000000200002c0 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 R13: 0000000000000003 R14: 00000000004ad5d8 R15: 0000000000000000 The buggy address belongs to the page: page:00000000dadbcf3e refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x125fdc flags: 0x2fffc0000000000(node=0|zone=2|lastcpupid=0x3fff) raw: 02fffc0000000000 ffffea000497f748 ffffea000497f6c8 0000000000000000 raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff888125fdce80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff888125fdcf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff >ffff888125fdcf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ^ ffff888125fdd000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff888125fdd080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ================================================================== Link: https://lkml.kernel.org/r/20210701030756.58760-3-desmondcheongzx@gmail.com Signed-off-by: Desmond Cheong Zhi Xi Reviewed-by: Viacheslav Dubeyko Cc: Al Viro Cc: Greg Kroah-Hartman Cc: Gustavo A. R. Silva Cc: Shuah Khan Signed-off-by: Andrew Morton --- fs/hfs/bnode.c | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) --- a/fs/hfs/bnode.c~hfs-fix-high-memory-mapping-in-hfs_bnode_read +++ a/fs/hfs/bnode.c @@ -15,16 +15,31 @@ #include "btree.h" -void hfs_bnode_read(struct hfs_bnode *node, void *buf, - int off, int len) +void hfs_bnode_read(struct hfs_bnode *node, void *buf, int off, int len) { struct page *page; + int pagenum; + int bytes_read; + int bytes_to_read; + void *vaddr; off += node->page_offset; - page = node->page[0]; + pagenum = off >> PAGE_SHIFT; + off &= ~PAGE_MASK; /* compute page offset for the first page */ - memcpy(buf, kmap(page) + off, len); - kunmap(page); + for (bytes_read = 0; bytes_read < len; bytes_read += bytes_to_read) { + if (pagenum >= node->tree->pages_per_bnode) + break; + page = node->page[pagenum]; + bytes_to_read = min_t(int, len - bytes_read, PAGE_SIZE - off); + + vaddr = kmap_atomic(page); + memcpy(buf + bytes_read, vaddr + off, bytes_to_read); + kunmap_atomic(vaddr); + + pagenum++; + off = 0; /* page offset only applies to the first page */ + } } u16 hfs_bnode_read_u16(struct hfs_bnode *node, int off) From patchwork Thu Jul 15 04:27:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378657 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1653BC47E4B for ; Thu, 15 Jul 2021 04:27:11 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id BE22B613A9 for ; Thu, 15 Jul 2021 04:27:10 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org BE22B613A9 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 1C83A6B0152; Thu, 15 Jul 2021 00:27:11 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 19F186B0154; Thu, 15 Jul 2021 00:27:11 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 067A36B0155; Thu, 15 Jul 2021 00:27:11 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0076.hostedemail.com [216.40.44.76]) by kanga.kvack.org (Postfix) with ESMTP id D787E6B0152 for ; Thu, 15 Jul 2021 00:27:10 -0400 (EDT) Received: from smtpin36.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id CAF321F20E for ; Thu, 15 Jul 2021 04:27:09 +0000 (UTC) X-FDA: 78363537378.36.D111D4F Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf11.hostedemail.com (Postfix) with ESMTP id 69EC0F000225 for ; Thu, 15 Jul 2021 04:27:09 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 70E8C61380; Thu, 15 Jul 2021 04:27:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323228; bh=H2vlNlo8faCnYTwf4DwHdOxymTkwkkSjiStHkHZLw/o=; h=Date:From:To:Subject:In-Reply-To:From; b=OienGAGnhvQSsUoH9AsH0VabDDzH1GsXLPHkGRaycrbeuxczgKb4VYcUBxWT45V7N jAQ6xJwkzI+luG3p16VTXBisE2ADQtHexdBnJ+6KTFuWDCD02ffYYBqNLhyqf1vg80 Fw8mx19DGKCZuwLZ3Y58xsKc8KJJtCg6VeUg8eXM= Date: Wed, 14 Jul 2021 21:27:08 -0700 From: Andrew Morton To: akpm@linux-foundation.org, desmondcheongzx@gmail.com, gregkh@linuxfoundation.org, gustavoars@kernel.org, linux-mm@kvack.org, mm-commits@vger.kernel.org, skhan@linuxfoundation.org, slava@dubeyko.com, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk Subject: [patch 12/13] hfs: add lock nesting notation to hfs_find_init Message-ID: <20210715042708.eP0VysJim%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=OienGAGn; spf=pass (imf11.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Rspamd-Server: rspam02 X-Stat-Signature: oaet35x4mbmgyy7rxhqonkeenydr3tc9 X-Rspamd-Queue-Id: 69EC0F000225 X-HE-Tag: 1626323229-736054 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Desmond Cheong Zhi Xi Subject: hfs: add lock nesting notation to hfs_find_init Syzbot reports a possible recursive lock: https://syzkaller.appspot.com/bug?id=f007ef1d7a31a469e3be7aeb0fde0769b18585db This happens due to missing lock nesting information. From the logs, we see that a call to hfs_fill_super is made to mount the hfs filesystem. While searching for the root inode, the lock on the catalog btree is grabbed. Then, when the parent of the root isn't found, a call to __hfs_bnode_create is made to create the parent of the root. This eventually leads to a call to hfs_ext_read_extent which grabs a lock on the extents btree. Since the order of locking is catalog btree -> extents btree, this lock hierarchy does not lead to a deadlock. To tell lockdep that this locking is safe, we add nesting notation to distinguish between catalog btrees, extents btrees, and attributes btrees (for HFS+). This has already been done in hfsplus. Link: https://lkml.kernel.org/r/20210701030756.58760-4-desmondcheongzx@gmail.com Signed-off-by: Desmond Cheong Zhi Xi Reported-by: syzbot+b718ec84a87b7e73ade4@syzkaller.appspotmail.com Tested-by: syzbot+b718ec84a87b7e73ade4@syzkaller.appspotmail.com Reviewed-by: Viacheslav Dubeyko Cc: Al Viro Cc: Greg Kroah-Hartman Cc: Gustavo A. R. Silva Cc: Shuah Khan Signed-off-by: Andrew Morton --- fs/hfs/bfind.c | 14 +++++++++++++- fs/hfs/btree.h | 7 +++++++ 2 files changed, 20 insertions(+), 1 deletion(-) --- a/fs/hfs/bfind.c~hfs-add-lock-nesting-notation-to-hfs_find_init +++ a/fs/hfs/bfind.c @@ -25,7 +25,19 @@ int hfs_find_init(struct hfs_btree *tree fd->key = ptr + tree->max_key_len + 2; hfs_dbg(BNODE_REFS, "find_init: %d (%p)\n", tree->cnid, __builtin_return_address(0)); - mutex_lock(&tree->tree_lock); + switch (tree->cnid) { + case HFS_CAT_CNID: + mutex_lock_nested(&tree->tree_lock, CATALOG_BTREE_MUTEX); + break; + case HFS_EXT_CNID: + mutex_lock_nested(&tree->tree_lock, EXTENTS_BTREE_MUTEX); + break; + case HFS_ATTR_CNID: + mutex_lock_nested(&tree->tree_lock, ATTR_BTREE_MUTEX); + break; + default: + return -EINVAL; + } return 0; } --- a/fs/hfs/btree.h~hfs-add-lock-nesting-notation-to-hfs_find_init +++ a/fs/hfs/btree.h @@ -13,6 +13,13 @@ typedef int (*btree_keycmp)(const btree_ #define NODE_HASH_SIZE 256 +/* B-tree mutex nested subclasses */ +enum hfs_btree_mutex_classes { + CATALOG_BTREE_MUTEX, + EXTENTS_BTREE_MUTEX, + ATTR_BTREE_MUTEX, +}; + /* A HFS BTree held in memory */ struct hfs_btree { struct super_block *sb; From patchwork Thu Jul 15 04:27:11 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 12378659 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E128FC47E48 for ; Thu, 15 Jul 2021 04:27:13 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 9C688613A9 for ; Thu, 15 Jul 2021 04:27:13 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9C688613A9 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id EC0EB6B0154; Thu, 15 Jul 2021 00:27:13 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E967B6B0156; Thu, 15 Jul 2021 00:27:13 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D382E6B0157; Thu, 15 Jul 2021 00:27:13 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0171.hostedemail.com [216.40.44.171]) by kanga.kvack.org (Postfix) with ESMTP id B2A556B0154 for ; Thu, 15 Jul 2021 00:27:13 -0400 (EDT) Received: from smtpin18.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id B007B2203E for ; Thu, 15 Jul 2021 04:27:12 +0000 (UTC) X-FDA: 78363537504.18.3712512 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf23.hostedemail.com (Postfix) with ESMTP id 637FA9000701 for ; Thu, 15 Jul 2021 04:27:12 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 716DC613B2; Thu, 15 Jul 2021 04:27:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1626323231; bh=9m0k110N20kOAoP/o62BcYLkYEF1k7ZEGkRxpN1LxW4=; h=Date:From:To:Subject:In-Reply-To:From; b=Jxns9f0nh5iFonmRirk9p1rMWpQ+Q8m7zXlPLCYUGL//VCSWxpTAJiEJmFPXEioiC KP+PVX0tU8FukAljXxcH4D3djtQiklr87Z4NLuNEjiMj0U+YhMDbdfxm/3KsyAhyPD odUbbxsCY7f7uj5pKTT21j3IYnMNvUrfi/cmwNeA= Date: Wed, 14 Jul 2021 21:27:11 -0700 From: Andrew Morton To: akpm@linux-foundation.org, joao.m.martins@oracle.com, linux-mm@kvack.org, mike.kravetz@oracle.com, mm-commits@vger.kernel.org, stable@vger.kernel.org, torvalds@linux-foundation.org Subject: [patch 13/13] mm/hugetlb: fix refs calculation from unaligned @vaddr Message-ID: <20210715042711.DQ8aY7BZt%akpm@linux-foundation.org> In-Reply-To: <20210714212609.fad116e584ba1194981a6294@linux-foundation.org> User-Agent: s-nail v14.8.16 Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=Jxns9f0n; spf=pass (imf23.hostedemail.com: domain of akpm@linux-foundation.org designates 198.145.29.99 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org; dmarc=none X-Rspamd-Server: rspam03 X-Rspamd-Queue-Id: 637FA9000701 X-Stat-Signature: xwm3kx4qaikmnmhaynbgwfzw3q3zcrkd X-HE-Tag: 1626323232-636111 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Joao Martins Subject: mm/hugetlb: fix refs calculation from unaligned @vaddr commit 82e5d378b0e47 ("mm/hugetlb: refactor subpage recording") refactored the count of subpages but missed an edge case when @vaddr is not aligned to PAGE_SIZE e.g. when close to vma->vm_end. It would then errousnly set @refs to 0 and record_subpages_vmas() wouldn't set the @pages array element to its value, consequently causing the reported null-deref by syzbot. Fix it by aligning down @vaddr by PAGE_SIZE in @refs calculation. Link: https://lkml.kernel.org/r/20210713152440.28650-1-joao.m.martins@oracle.com Fixes: 82e5d378b0e47 ("mm/hugetlb: refactor subpage recording") Reported-by: syzbot+a3fcd59df1b372066f5a@syzkaller.appspotmail.com Signed-off-by: Joao Martins Reviewed-by: Mike Kravetz Cc: Signed-off-by: Andrew Morton --- mm/hugetlb.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- a/mm/hugetlb.c~mm-hugetlb-fix-refs-calculation-from-unaligned-vaddr +++ a/mm/hugetlb.c @@ -5440,8 +5440,9 @@ long follow_hugetlb_page(struct mm_struc continue; } - refs = min3(pages_per_huge_page(h) - pfn_offset, - (vma->vm_end - vaddr) >> PAGE_SHIFT, remainder); + /* vaddr may not be aligned to PAGE_SIZE */ + refs = min3(pages_per_huge_page(h) - pfn_offset, remainder, + (vma->vm_end - ALIGN_DOWN(vaddr, PAGE_SIZE)) >> PAGE_SHIFT); if (pages || vmas) record_subpages_vmas(mem_map_offset(page, pfn_offset),