Date: Tue, 6 Feb 2024 16:15:23 +0100
From: Johannes Weiner
To: Nhat Pham
Cc: akpm@linux-foundation.org, chengming.zhou@linux.dev, yosryahmed@google.com, linux-mm@kvack.org, kernel-team@meta.com, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] mm/swap_state: update zswap LRU's protection range with the folio locked
Message-ID: <20240206151523.GB54958@cmpxchg.org>
In-Reply-To: <20240205232442.3240571-1-nphamcs@gmail.com>

On Mon, Feb 05, 2024 at 03:24:42PM -0800, Nhat Pham wrote:
> Move the zswap LRU protection range update above the swap_read_folio()
> call, and only when a new page is allocated. This is the case where
> (z)swapin could happen, which is a signal that the zswap shrinker should
> be more conservative with its reclaiming action.
>
> It also prevents a race, in which folio migration can clear the
> memcg_data of the now unlocked folio, resulting in a warning in the
> inlined folio_lruvec() call.

The warning is the most probable outcome, and it will cause the update
to go against the root cgroup which is safe at least.

But AFAICS there is no ordering guarantee to rule out a UAF if the
lookup succeeds but the memcg and lruvec get freed before the update.

I think that part should be more prominent in the changelog. It's more
important than the first paragraph.
Consider somebody scrolling through the git log and trying to decide
whether to backport or not; it's helpful to describe the bug and its
impact first thing, then put the explanation of the fix after.

> Reported-by: syzbot+17a611d10af7d18a7092@syzkaller.appspotmail.com
> Closes: https://lore.kernel.org/all/000000000000ae47f90610803260@google.com/
> Fixes: b5ba474f3f51 ("zswap: shrink zswap pool based on memory pressure")
> Signed-off-by: Nhat Pham

Would it make sense to add

	VM_WARN_ON_ONCE(!folio_test_locked(folio));

to zswap_folio_swapin() as well?
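
A single-threaded userspace model of the ordering discussed in this message, added here as an illustration; it is not code from the patch or from the kernel. The struct fields, the counters and `run_swapin()` are assumptions; only the names `folio_lruvec()`, `zswap_folio_swapin()` and the lock assertion come from the thread.

```c
/* Userspace model, not kernel code: fields and counters are simplified assumptions. */
#include <stdbool.h>
#include <stdio.h>
struct lruvec  { long nr_protected; };      /* stands in for the zswap protection counter */
struct folio   { bool locked; struct lruvec *memcg_lruvec; };
struct outcome { int warnings; long memcg_updates; long root_updates; };
static struct lruvec root_lruvec;           /* fallback when memcg_data has been cleared */
static int warnings;                        /* every warning is counted, unlike _ONCE */

/* Models folio_lruvec(): a cleared memcg_data warns and resolves to the root cgroup. */
static struct lruvec *folio_lruvec(struct folio *f)
{
	if (!f->memcg_lruvec) { warnings++; return &root_lruvec; }
	return f->memcg_lruvec;
}

/* Models migration: it needs the folio lock, so it only clears memcg_data when unlocked. */
static void migrate_folio(struct folio *f)
{
	if (!f->locked) f->memcg_lruvec = NULL;
}

/* Models zswap_folio_swapin() with the lock assertion suggested in the reply. */
static void zswap_folio_swapin(struct folio *f)
{
	if (!f->locked) warnings++;         /* VM_WARN_ON_ONCE(!folio_test_locked(folio)) */
	folio_lruvec(f)->nr_protected++;
}

/* update_first=true: update while locked; false: update after the read unlocked the folio. */
struct outcome run_swapin(bool update_first)
{
	struct lruvec memcg = {0};
	struct folio f = { .locked = true, .memcg_lruvec = &memcg };
	warnings = 0; root_lruvec.nr_protected = 0;
	if (update_first) zswap_folio_swapin(&f);
	migrate_folio(&f);                  /* migration attempt: no effect while locked */
	f.locked = false;                   /* swap_read_folio() completes and unlocks */
	if (!update_first) { migrate_folio(&f); zswap_folio_swapin(&f); }
	return (struct outcome){ warnings, memcg.nr_protected, root_lruvec.nr_protected };
}

int main(void)
{
	struct outcome a = run_swapin(true), b = run_swapin(false);
	printf("locked: %d/%ld/%ld unlocked: %d/%ld/%ld\n", a.warnings, a.memcg_updates,
	       a.root_updates, b.warnings, b.memcg_updates, b.root_updates);
	return 0;
}
```

The model covers only the benign outcome, where the update lands on the root cgroup; the use-after-free case raised in the reply depends on object lifetime and is not modeled.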