From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 459A3C433F5 for ; Tue, 26 Apr 2022 07:06:44 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id CF3146B0074; Tue, 26 Apr 2022 03:06:43 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id CA38C6B0075; Tue, 26 Apr 2022 03:06:43 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BB8E56B0078; Tue, 26 Apr 2022 03:06:43 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (relay.a.hostedemail.com [64.99.140.24]) by kanga.kvack.org (Postfix) with ESMTP id AD32D6B0074 for ; Tue, 26 Apr 2022 03:06:43 -0400 (EDT) Received: from smtpin30.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 7F7B420A11 for ; Tue, 26 Apr 2022 07:06:43 +0000 (UTC) X-FDA: 79398147486.30.1A75F3C Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) by imf08.hostedemail.com (Postfix) with ESMTP id 56DDA16003C for ; Tue, 26 Apr 2022 07:06:37 +0000 (UTC) Received: from canpemm500002.china.huawei.com (unknown [172.30.72.53]) by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4KnXwt6ClnzhYj7; Tue, 26 Apr 2022 15:06:22 +0800 (CST) Received: from [10.174.177.76] (10.174.177.76) by canpemm500002.china.huawei.com (7.192.104.244) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Tue, 26 Apr 2022 15:06:38 +0800 Subject: Re: [PATCH v3 1/3] mm/swapfile: unuse_pte can map random data if swap read fails To: =?UTF-8?B?SE9SSUdVQ0hJIE5BT1lBKOWggOWPoyDnm7TkuZ8p?= CC: David Hildenbrand , "akpm@linux-foundation.org" , "willy@infradead.org" , "vbabka@suse.cz" , "dhowells@redhat.com" , "neilb@suse.de" , "apopple@nvidia.com" , "surenb@google.com" , "minchan@kernel.org" , "peterx@redhat.com" , "sfr@canb.auug.org.au" , "linux-mm@kvack.org" , "linux-kernel@vger.kernel.org" References: <20220424091105.48374-1-linmiaohe@huawei.com> <20220424091105.48374-2-linmiaohe@huawei.com> <20220425010804.GA3746096@hori.linux.bs1.fc.nec.co.jp> <3ab987be-614a-4757-4124-26bb09d3f160@huawei.com> <20220426003118.GA3829204@hori.linux.bs1.fc.nec.co.jp> From: Miaohe Lin Message-ID: <45a5052b-5c6e-1d5e-6c90-eb3ff2ed1130@huawei.com> Date: Tue, 26 Apr 2022 15:06:38 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0 MIME-Version: 1.0 In-Reply-To: <20220426003118.GA3829204@hori.linux.bs1.fc.nec.co.jp> Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 8bit X-Originating-IP: [10.174.177.76] X-ClientProxiedBy: dggems703-chm.china.huawei.com (10.3.19.180) To canpemm500002.china.huawei.com (7.192.104.244) X-CFilter-Loop: Reflected X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 56DDA16003C X-Stat-Signature: jqhp3b7iaigjid7cacbw7z8rirt5kure X-Rspam-User: Authentication-Results: imf08.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf08.hostedemail.com: domain of linmiaohe@huawei.com designates 45.249.212.188 as permitted sender) smtp.mailfrom=linmiaohe@huawei.com X-HE-Tag: 1650956797-410416 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 2022/4/26 8:31, HORIGUCHI NAOYA(堀口 直也) wrote: > On Mon, Apr 25, 2022 at 04:47:41PM +0800, Miaohe Lin wrote: >> On 2022/4/25 15:45, David Hildenbrand wrote: >>> On 25.04.22 03:08, HORIGUCHI NAOYA(堀口 直也) wrote: >>>> On Sun, Apr 24, 2022 at 05:11:03PM +0800, Miaohe Lin wrote: >>>>> There is a bug in unuse_pte(): when swap page happens to be unreadable, >>>>> page filled with random data is mapped into user address space. In case >>>>> of error, a special swap entry indicating swap read fails is set to the >>>>> page table. So the swapcache page can be freed and the user won't end up >>>>> with a permanently mounted swap because a sector is bad. And if the page >>>>> is accessed later, the user process will be killed so that corrupted data >>>>> is never consumed. On the other hand, if the page is never accessed, the >>>>> user won't even notice it. >>>>> >>>>> Signed-off-by: Miaohe Lin >>>>> Acked-by: David Hildenbrand >>>> >>>> Hi Miaohe, >>>> >>>> This bug sounds relatively serious to me, and it seems old, so is it worth >>>> sending to -stable? >>> >>> I'm not sure if this is worth -stable, but no strong opinion. >> >> I have no strong opinion too. I'm just afraid someone might run into it. But swapoff is >> expected to be a rare operation anyway... >> >>> >>> The do_swap_page() part was added in 2005: >>> >>> commit b81074800b98ac50b64d4c8d34e8abf0fda5e3d1 >>> Author: Kirill Korotaev >>> Date: Mon May 16 21:53:50 2005 -0700 >>> >>> [PATCH] do_swap_page() can map random data if swap read fails >>> >>> There is a bug in do_swap_page(): when swap page happens to be unreadable, >>> page filled with random data is mapped into user address space. The fix is >>> to check for PageUptodate and send SIGBUS in case of error. >>> >>> Signed-Off-By: Kirill Korotaev >>> Signed-Off-By: Alexey Kuznetsov >>> Acked-by: Hugh Dickins >>> Signed-off-by: Andrew Morton >>> Signed-off-by: Linus Torvalds >>> >>> So the do_swap_page() part has been fixed for quite a while already. >> >> Does this mean only do_swap_page maps random data if swap read fails is observed from that time on? >> So this might not be worth -stable as it's never seen more than a decade? > > OK, both choices seems possible, so not sending to -stable is fine to me. > It's finally up to you. I tend not to send it to -stable due to the above concern now. Thanks! > > Thanks, > Naoya Horiguchi >