From: Yosry Ahmed
Date: Mon, 18 Mar 2024 16:16:46 -0700
Subject: Re: [PATCH] mm: zswap: fix kernel BUG in sg_init_one
To: Barry Song <21cnbao@gmail.com>
Cc: hannes@cmpxchg.org, nphamcs@gmail.com, akpm@linux-foundation.org, chrisl@kernel.org, v-songbaohua@oppo.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, ira.weiny@intel.com, syzbot+adbc983a1588b7805de3@syzkaller.appspotmail.com

On Mon, Mar 18, 2024 at 4:12 PM Barry Song <21cnbao@gmail.com> wrote:
>
> On Tue, Mar 19, 2024 at 12:06 PM Yosry Ahmed wrote:
> >
> > On Mon, Mar 18, 2024 at 4:00 PM Barry Song <21cnbao@gmail.com> wrote:
> > >
> > > From: Barry Song
> > >
> > > sg_init_one() relies on linearly mapped low memory for the safe
> > > utilization of virt_to_page(). Consequently, we have two choices:
> > > either employ kmap_to_page() alongside sg_set_page(), or resort to
> > > copying high memory contents to a temporary buffer residing in low
> > > memory. However, considering the introduction of the WARN_ON_ONCE
> > > in commit ef6e06b2ef870 ("highmem: fix kmap_to_page() for
> > > kmap_local_page() addresses"), which specifically addresses high
> > > memory concerns, it appears that memcpy remains the sole viable
> > > option.
> > >
> > > Reported-and-tested-by: syzbot+adbc983a1588b7805de3@syzkaller.appspotmail.com
> > > Closes: https://lore.kernel.org/all/000000000000bbb3d80613f243a6@google.com/
> > > Fixes: 270700dd06ca ("mm/zswap: remove the memcpy if acomp is not sleepable")
> > > Signed-off-by: Barry Song
> > > ---
> > > mm/zswap.c | 5 +++--
> > > 1 file changed, 3 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/mm/zswap.c b/mm/zswap.c
> > > index 9dec853647c8..17bf6d87b274 100644
> > > --- a/mm/zswap.c
> > > +++ b/mm/zswap.c
> > > @@ -1080,7 +1080,8 @@ static void zswap_decompress(struct zswap_entry= *entry, struct page *page)
> > > mutex_lock(&acomp_ctx->mutex);
> > >
> > > src =3D zpool_map_handle(zpool, entry->handle, ZPOOL_MM_RO);
> > > - if (acomp_ctx->is_sleepable && !zpool_can_sleep_mapped(zpool)= ) {
> > > + if ((acomp_ctx->is_sleepable && !zpool_can_sleep_mapped(zpool= )) ||
> > > + !virt_addr_valid(src)) {
> >
> >
> > Would it be better to explicitly check is_kmap_addr() here? I am
> > particularly worried about hiding a bug where the returned address
> > from zpool_map_handle() is not a kmap address, but also not a valid
> > linear mapping address.
> >
> > If we use is_kmap_addr() here, then the virt_addr_valid() check in
> > sg_init_one() will catch any non-kmap non-linear mapping addresses.
> > WDYT? Am I being paranoid? :)
>
> we have a possibility that a userspace buffer or vmalloc address is given to
> sg_init_one, then it is non-kmap non-linear. but is it possible someday some
> people return a vmalloc/vmap address from zpool_map_handle() in the future?
> then we still need !virt_addr_valid().

Hmm I guess if zpool_map_handle() ever returns a vmalloc/vmap address
we would need to copy the data to the buffer in zswap code, at least
until we enlighten the code to deal with them directly.

So I guess we can keep virt_addr_valid(). Ideally the comment will
clarify this.

Thanks!
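
Review bot: In zswap_decompress(), the new `!virt_addr_valid(src)` arm of the `if` has no comment saying which addresses it is meant to divert to the memcpy path the commit message describes. The commit message names high memory as the case that breaks sg_init_one(), but as written the condition sends every non-linear address returned by zpool_map_handle() down that path without any warning, which is the masking concern raised in the thread. Suggest a comment above the condition stating that sg_init_one() needs a linearly mapped low-memory address, and that kmap addresses (and any future vmalloc/vmap addresses) from zpool_map_handle() are copied to the buffer for that reason.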