Date: Mon, 20 Jan 2020 15:07:40 +0100
From: Michal Hocko
To: Qian Cai
Cc: akpm@linux-foundation.org, david@redhat.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH -mm v2] mm/page_isolation: fix potential warning from user
Message-ID: <20200120140740.GG18451@dhcp22.suse.cz>
In-Reply-To: <20200120131909.813-1-cai@lca.pw>

On Mon 20-01-20 08:19:09, Qian Cai wrote:
> It makes sense to call the WARN_ON_ONCE(zone_idx(zone) == ZONE_MOVABLE)
> from start_isolate_page_range(), but should avoid triggering it from
> userspace, i.e., from is_mem_section_removable() because it could be a
> DoS if warn_on_panic is set.

Let's just make it clear that this is mostly a precaution because a real DoS
should be pretty much impossible. But let's see whether somebody wants to
make a CVE out of it ;)

> While at it, simplify the code a bit by removing an unnecessary jump
> label and a local variable, so set_migratetype_isolate() could really
> return a bool.
>
> Suggested-by: Michal Hocko
> Signed-off-by: Qian Cai

Acked-by: Michal Hocko

Thanks!

> --- > > v2: Improve the commit log. > Warn for all start_isolate_page_range() users not just offlining. > > mm/page_alloc.c | 11 ++++------- > mm/page_isolation.c | 30 +++++++++++++++++------------- > 2 files changed, 21 insertions(+), 20 deletions(-) > > diff --git a/mm/page_alloc.c b/mm/page_alloc.c > index 621716a25639..3c4eb750a199 100644 > --- a/mm/page_alloc.c > +++ b/mm/page_alloc.c > @@ -8231,7 +8231,7 @@ struct page *has_unmovable_pages(struct zone *zone, struct page *page, > if (is_migrate_cma(migratetype)) > return NULL; > > - goto unmovable; > + return page; > } > > for (; iter < pageblock_nr_pages; iter++) { 
> @@ -8241,7 +8241,7 @@ struct page *has_unmovable_pages(struct zone *zone, struct page *page, > page = pfn_to_page(pfn + iter); > > if (PageReserved(page)) > - goto unmovable; > + return page; > > /* > * If the zone is movable and we have ruled out all reserved > @@ -8261,7 +8261,7 @@ struct page *has_unmovable_pages(struct zone *zone, struct page *page, > unsigned int skip_pages; > > if (!hugepage_migration_supported(page_hstate(head))) > - goto unmovable; > + return page; > > skip_pages = compound_nr(head) - (page - head); > iter += skip_pages - 1; > @@ -8303,12 +8303,9 @@ struct page *has_unmovable_pages(struct zone *zone, struct page *page, > * is set to both of a memory hole page and a _used_ kernel > * page at boot. > */ > - goto unmovable; > + return page; > } > return NULL; > -unmovable: > - WARN_ON_ONCE(zone_idx(zone) == ZONE_MOVABLE); > - return pfn_to_page(pfn + iter); > } > > #ifdef CONFIG_CONTIG_ALLOC > diff --git a/mm/page_isolation.c b/mm/page_isolation.c > index e70586523ca3..31f5516f5d54 100644 > --- a/mm/page_isolation.c > +++ b/mm/page_isolation.c > @@ -15,12 +15,12 @@ > #define CREATE_TRACE_POINTS > #include > > -static int set_migratetype_isolate(struct page *page, int migratetype, int isol_flags) > +static bool set_migratetype_isolate(struct page *page, int migratetype, > + int isol_flags) > { > - struct page *unmovable = NULL; > + struct page *unmovable = ERR_PTR(-EBUSY); > struct zone *zone; > unsigned long flags; > - int ret = -EBUSY; > > zone = page_zone(page); 
> > @@ -49,21 +49,25 @@ static int set_migratetype_isolate(struct page *page, int migratetype, int isol_ > NULL); > > __mod_zone_freepage_state(zone, -nr_pages, mt); > - ret = 0; > } > > out: > spin_unlock_irqrestore(&zone->lock, flags); > - if (!ret) > + > + if (!unmovable) { > drain_all_pages(zone); > - else if ((isol_flags & REPORT_FAILURE) && unmovable) > - /* > - * printk() with zone->lock held will guarantee to trigger a > - * lockdep splat, so defer it here. > - */ > - dump_page(unmovable, "unmovable page"); > - > - return ret; > + } else { > + WARN_ON_ONCE(zone_idx(zone) == ZONE_MOVABLE); > + > + if ((isol_flags & REPORT_FAILURE) && !IS_ERR(unmovable)) > + /* > + * printk() with zone->lock held will likely trigger a > + * lockdep splat, so defer it here. > + */ > + dump_page(unmovable, "unmovable page"); > + } > + > + return !!unmovable; > } > > static void unset_migratetype_isolate(struct page *page, unsigned migratetype) > -- > 2.21.0 (Apple Git-122.2) -- Michal Hocko SUSE Labs
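
Review bot: in mm/page_alloc.c, the first hunk (@@ -8231) returns `page` before the `for (; iter < pageblock_nr_pages; iter++)` loop is entered, where the removed `unmovable:` label returned `pfn_to_page(pfn + iter)`. The two are the same page only if `pfn` was derived from the `page` argument and `iter` is still zero at that point, and neither is visible in the hunk. A sentence in the commit log confirming that every `return page` site yields the same page as the old label did would make the removal of the label easy to verify.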
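
Review bot: in set_migratetype_isolate() (mm/page_isolation.c, @@ -15,12), the new bool return is true on failure, because the function ends with `return !!unmovable;` and `unmovable` is NULL only on success. That inverts the sense a reader expects from a bool-returning helper and drops the -EBUSY value the old `int ret` carried. Either add a comment above the function stating that true means the pageblock could not be isolated, or keep the int return so callers can propagate the error code unchanged.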
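
Review bot: in the @@ -49,21 hunk of mm/page_isolation.c, `WARN_ON_ONCE(zone_idx(zone) == ZONE_MOVABLE)` sits in the `else` branch outside the `!IS_ERR(unmovable)` test, so it also fires when `unmovable` still holds its `ERR_PTR(-EBUSY)` initial value, that is, on any path that reaches `out:` without has_unmovable_pages() having reported a page. If the warning is meant to flag an unmovable page found in a movable zone, move it under the `!IS_ERR(unmovable)` condition, and put braces around that `if` body now that it spans a comment and a statement.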