From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=VA16=XW=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,
	URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 481E3C388F3
	for <linux-mm@archiver.kernel.org>; Fri, 27 Sep 2019 22:17:39 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 0A3EC2075D
	for <linux-mm@archiver.kernel.org>; Fri, 27 Sep 2019 22:17:38 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="WBUhkiFO"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0A3EC2075D
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 9B8DB8E0005; Fri, 27 Sep 2019 18:17:38 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 96A478E0001; Fri, 27 Sep 2019 18:17:38 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 8312B8E0005; Fri, 27 Sep 2019 18:17:38 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0171.hostedemail.com [216.40.44.171])
	by kanga.kvack.org (Postfix) with ESMTP id 62E088E0001
	for <linux-mm@kvack.org>; Fri, 27 Sep 2019 18:17:38 -0400 (EDT)
Received: from smtpin07.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay03.hostedemail.com (Postfix) with SMTP id D801F824CA38
	for <linux-mm@kvack.org>; Fri, 27 Sep 2019 22:17:37 +0000 (UTC)
X-FDA: 75982113354.07.twist24_5faedf5eba83a
X-HE-Tag: twist24_5faedf5eba83a
X-Filterd-Recvd-Size: 4686
Received: from mail-io1-f65.google.com (mail-io1-f65.google.com [209.85.166.65])
	by imf40.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Fri, 27 Sep 2019 22:17:37 +0000 (UTC)
Received: by mail-io1-f65.google.com with SMTP id r26so20417632ioh.8
        for <linux-mm@kvack.org>; Fri, 27 Sep 2019 15:17:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=jtdpHWdaOzBJG1l11wjunhszkLf4m5dPyPl2qjcAnbY=;
        b=WBUhkiFOSjclrVig0cBN8oFEn7WORx06MoPzAkReZqA4s9NLdOxOjA184PpWetX+hG
         vjH4N8eLkTzK+BAJdLsabMGt6SaKXm3ne1YXkk3w1Ch+N5+4Qj6wtkHV9Zk+HIvd1pii
         ITF/tPOYgfzQJmybTYQss+F3rDkrSD+V1BA01d7xjx+mlxblCcG+aK1VCqllwHJJJPhm
         EkdpBgjzFF+GfG0y/lfUM1oD8c84SDdjN4+TZncxdl3r9kYv8L+TRdY4d8Jc/BXWr9h4
         AXmM3vQw3JzMA3JxVDwcxraHQ1bj6GEx97yQ9sHiVvE7GtBlpXAGF6YLqbcTmUNzT3P+
         o27Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=jtdpHWdaOzBJG1l11wjunhszkLf4m5dPyPl2qjcAnbY=;
        b=ONrtNOsq6nvt7jJsirA7DpBYlZqxgq5jrDamD6tP+s2Fpwr/LWNJ1RKsqdhFQcDVwM
         2XS9nFHSgOb9GXcwgVxuqP7RO8vcnR8Ol456XqC0QQISktGEjDIqXCuF3vyYiRMJKkrg
         DAY0EZJyV6ObTKVRuvGj3Ic3GU/UMNM2GvG0Nuyd1dAsR7mLhGZgQ9G5VXHNiRvSCfDY
         qiPOzLZm93KvYpQgQ9Z8F24xRRT++wFp/gZ1IH3NtVu7ZMCr4tYlVcSZ92m5QcwEZzvG
         AUYetjPv1lsjKhUr6J+fQvA5ci1kW7TNDKcwyZM+3K3HtZw/JhO9C4FOKXmXTguRNxpP
         oJjg==
X-Gm-Message-State: APjAAAUeb5+unRNFbfijrqeNA149HK0wDCmQoYmn2fyWpIDKhwa6IZwD
	ZjeZ0XNCI0DJZucbAU/5cQWnWeHzD00LdjFxsXE=
X-Google-Smtp-Source: APXvYqyHXEisUqb2a6eJK99BhNByQ1sbKF2JLQs5QtBQUj8A/zZmvp28P35HAZXoXXuArHOuS1WS37fHaTbcvNmAkr4=
X-Received: by 2002:a92:d110:: with SMTP id a16mr6993851ilb.97.1569622656548;
 Fri, 27 Sep 2019 15:17:36 -0700 (PDT)
MIME-Version: 1.0
References: <1569613623-16820-1-git-send-email-cai@lca.pw> <20190927140222.6f7d0a41b9e734053ee911b9@linux-foundation.org>
 <1569619686.5576.242.camel@lca.pw> <20190927145945.846a3f3405d3af066827d3f5@linux-foundation.org>
In-Reply-To: <20190927145945.846a3f3405d3af066827d3f5@linux-foundation.org>
From: Alexander Duyck <alexander.duyck@gmail.com>
Date: Fri, 27 Sep 2019 15:17:25 -0700
Message-ID: <CAKgT0UfZBNmn1aZdvRT6Yvki3LBi_Nr5hjkYeSnpA7S8kY58-Q@mail.gmail.com>
Subject: Re: [PATCH] mm/page_alloc: fix a crash in free_pages_prepare()
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Qian Cai <cai@lca.pw>, Heiko Carstens <heiko.carstens@de.ibm.com>, gor@linux.ibm.com, 
	David Hildenbrand <david@redhat.com>, borntraeger@de.ibm.com, linux-s390@vger.kernel.org, 
	linux-mm <linux-mm@kvack.org>, LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
X-Bogosity: Ham, tests=bogofilter, spamicity=0.011127, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Fri, Sep 27, 2019 at 2:59 PM Andrew Morton <akpm@linux-foundation.org> wrote:
>
> On Fri, 27 Sep 2019 17:28:06 -0400 Qian Cai <cai@lca.pw> wrote:
>
> > >
> > > So I think you've moved the arch_free_page() to be after the final
> > > thing which can access page contents, yes?  If so, we should have a
> > > comment in free_pages_prepare() to attmept to prevent this problem from
> > > reoccurring as the code evolves?
> >
> > Right, something like this above arch_free_page() there?
> >
> > /*
> >  * It needs to be just above kernel_map_pages(), as s390 could mark those
> >  * pages unused and then trigger a fault when accessing.
> >  */
>
> I did this.
>
> --- a/mm/page_alloc.c~mm-page_alloc-fix-a-crash-in-free_pages_prepare-fix
> +++ a/mm/page_alloc.c
> @@ -1179,7 +1179,13 @@ static __always_inline bool free_pages_p
>                 kernel_init_free_pages(page, 1 << order);
>
>         kernel_poison_pages(page, 1 << order, 0);
> +       /*
> +        * arch_free_page() can make the page's contents inaccessible.  s390
> +        * does this.  So nothing which can access the page's contents should
> +        * happen after this.
> +        */
>         arch_free_page(page, order);
> +
>         if (debug_pagealloc_enabled())
>                 kernel_map_pages(page, 1 << order, 0);
>

So the question I would have is what is the state of the page after it
has been marked unused and then pulled back in? I'm assuming it will
be all 0s.

I know with the work I am still doing on marking pages as unused this
ends up being an additional item that we will need to pay attention
to, however in our case we will just be initializing the page as zero
if we end up evicting it from the guest.