From: Andrey Konovalov
Date: Mon, 24 Jan 2022 18:22:42 +0100
Subject: Re: [PATCH v3] mm: use compare-exchange operation to set KASAN page tag
To: Peter Collingbourne
Cc: Andrew Morton, Linux Memory Management List, LKML, Peter Zijlstra, stable@vger.kernel.org

On Thu, Jan 20, 2022 at 3:02 AM Peter Collingbourne wrote:
>
> It has been reported that the tag setting operation on newly-allocated
> pages can cause the page flags to be corrupted when performed
> concurrently with other flag updates as a result of the use of
> non-atomic operations. Fix the problem by using a compare-exchange
> loop to update the tag.
>
> Signed-off-by: Peter Collingbourne
> Link: https://linux-review.googlesource.com/id/I456b24a2b9067d93968d43b4bb3351c0cec63101
> Fixes: 2813b9c02962 ("kasan, mm, arm64: tag non slab memory allocated via pagealloc")
> Cc: stable@vger.kernel.org
> ---
> v3:
> - use try_cmpxchg() as suggested by Peter Zijlstra on another
>   patch
>
> v2:
> - use READ_ONCE()
>
> include/linux/mm.h | 17 ++++++++++++-----
> 1 file changed, 12 insertions(+), 5 deletions(-)
>
> diff --git a/include/linux/mm.h b/include/linux/mm.h > index c768a7c81b0b..87473fe52c3f 100644 > --- a/include/linux/mm.h > +++ b/include/linux/mm.h
> @@ -1531,11 +1531,18 @@ static inline u8 page_kasan_tag(const struct page *page) > > static inline void page_kasan_tag_set(struct page *page, u8 tag) > { > - if (kasan_enabled()) { > - tag ^= 0xff; > - page->flags &= ~(KASAN_TAG_MASK << KASAN_TAG_PGSHIFT); > - page->flags |= (tag & KASAN_TAG_MASK) << KASAN_TAG_PGSHIFT; > - } > + unsigned long old_flags, flags; > + > + if (!kasan_enabled()) > + return; > + > + tag ^= 0xff; > + old_flags = READ_ONCE(page->flags); > + do { > + flags = old_flags; > + flags &= ~(KASAN_TAG_MASK << KASAN_TAG_PGSHIFT); > + flags |= (tag & KASAN_TAG_MASK) << KASAN_TAG_PGSHIFT; > + } while (unlikely(!try_cmpxchg(&page->flags, &old_flags, flags))); > } > > static inline void page_kasan_tag_reset(struct page *page) > -- > 2.34.1.703.g22d0c6ccf7-goog > Reviewed-by: Andrey Konovalov FWIW, try_cmpxchg() doesn't seem to be doing annotated atomic accesses when accessing old_flags, so using READ_ONCE() in page_kasan_tag_set() seems pointless after all.
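
Review bot: The do/while loop added to page_kasan_tag_set() has no comment saying why a compare-exchange is needed, and its correctness depends on try_cmpxchg() writing the current value of page->flags back into old_flags when it fails, so that the next iteration recomputes flags from a fresh value. A short comment above the loop stating that other updates to page->flags can run concurrently would stop a later cleanup from turning it back into a plain read-modify-write. The mask `KASAN_TAG_MASK << KASAN_TAG_PGSHIFT` and the shifted tag bits do not change between iterations and could be computed once before the loop. It is also worth confirming that page_kasan_tag_reset(), whose signature follows in the context lines, modifies page->flags only through this function.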