From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 78CFEC433EF for ; Mon, 25 Apr 2022 08:47:48 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E6B748D001F; Mon, 25 Apr 2022 04:47:47 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E1B5E8D0006; Mon, 25 Apr 2022 04:47:47 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CE2E98D001F; Mon, 25 Apr 2022 04:47:47 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (relay.hostedemail.com [64.99.140.25]) by kanga.kvack.org (Postfix) with ESMTP id BF03A8D0006 for ; Mon, 25 Apr 2022 04:47:47 -0400 (EDT) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 9E2E522A29 for ; Mon, 25 Apr 2022 08:47:47 +0000 (UTC) X-FDA: 79394773374.05.A3D5BDB Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [45.249.212.187]) by imf05.hostedemail.com (Postfix) with ESMTP id 1AF6210004B for ; Mon, 25 Apr 2022 08:47:40 +0000 (UTC) Received: from canpemm500002.china.huawei.com (unknown [172.30.72.55]) by szxga01-in.huawei.com (SkyGuard) with ESMTP id 4KmzCH37Jrzfb32; Mon, 25 Apr 2022 16:46:51 +0800 (CST) Received: from [10.174.177.76] (10.174.177.76) by canpemm500002.china.huawei.com (7.192.104.244) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Mon, 25 Apr 2022 16:47:42 +0800 Subject: Re: [PATCH v3 1/3] mm/swapfile: unuse_pte can map random data if swap read fails To: David Hildenbrand , =?UTF-8?B?SE9SSUdVQ0hJIE5BT1lBKOWggOWPoyDnm7TkuZ8p?= CC: "akpm@linux-foundation.org" , "willy@infradead.org" , "vbabka@suse.cz" , "dhowells@redhat.com" , "neilb@suse.de" , "apopple@nvidia.com" , "surenb@google.com" , "minchan@kernel.org" , "peterx@redhat.com" , "sfr@canb.auug.org.au" , "linux-mm@kvack.org" , "linux-kernel@vger.kernel.org" References: <20220424091105.48374-1-linmiaohe@huawei.com> <20220424091105.48374-2-linmiaohe@huawei.com> <20220425010804.GA3746096@hori.linux.bs1.fc.nec.co.jp> From: Miaohe Lin Message-ID: <3ab987be-614a-4757-4124-26bb09d3f160@huawei.com> Date: Mon, 25 Apr 2022 16:47:41 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 8bit X-Originating-IP: [10.174.177.76] X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To canpemm500002.china.huawei.com (7.192.104.244) X-CFilter-Loop: Reflected X-Stat-Signature: ww6bki5kfaewjk9yeaufpdabeefstkid X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: 1AF6210004B Authentication-Results: imf05.hostedemail.com; dkim=none; spf=pass (imf05.hostedemail.com: domain of linmiaohe@huawei.com designates 45.249.212.187 as permitted sender) smtp.mailfrom=linmiaohe@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com X-Rspam-User: X-HE-Tag: 1650876460-39537 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 2022/4/25 15:45, David Hildenbrand wrote: > On 25.04.22 03:08, HORIGUCHI NAOYA(堀口 直也) wrote: >> On Sun, Apr 24, 2022 at 05:11:03PM +0800, Miaohe Lin wrote: >>> There is a bug in unuse_pte(): when swap page happens to be unreadable, >>> page filled with random data is mapped into user address space. In case >>> of error, a special swap entry indicating swap read fails is set to the >>> page table. So the swapcache page can be freed and the user won't end up >>> with a permanently mounted swap because a sector is bad. And if the page >>> is accessed later, the user process will be killed so that corrupted data >>> is never consumed. On the other hand, if the page is never accessed, the >>> user won't even notice it. >>> >>> Signed-off-by: Miaohe Lin >>> Acked-by: David Hildenbrand >> >> Hi Miaohe, >> >> This bug sounds relatively serious to me, and it seems old, so is it worth >> sending to -stable? > > I'm not sure if this is worth -stable, but no strong opinion. I have no strong opinion too. I'm just afraid someone might run into it. But swapoff is expected to be a rare operation anyway... > > The do_swap_page() part was added in 2005: > > commit b81074800b98ac50b64d4c8d34e8abf0fda5e3d1 > Author: Kirill Korotaev > Date: Mon May 16 21:53:50 2005 -0700 > > [PATCH] do_swap_page() can map random data if swap read fails > > There is a bug in do_swap_page(): when swap page happens to be unreadable, > page filled with random data is mapped into user address space. The fix is > to check for PageUptodate and send SIGBUS in case of error. > > Signed-Off-By: Kirill Korotaev > Signed-Off-By: Alexey Kuznetsov > Acked-by: Hugh Dickins > Signed-off-by: Andrew Morton > Signed-off-by: Linus Torvalds > > So the do_swap_page() part has been fixed for quite a while already. Does this mean only do_swap_page maps random data if swap read fails is observed from that time on? So this might not be worth -stable as it's never seen more than a decade? Thanks! >