From: Yu Zhao
Date: Tue, 23 Aug 2022 16:44:51 -0600
Subject: Re: [PATCH] mm/mprotect: Only reference swap pfn page if type match
To: Peter Xu
Cc: linux-kernel, Linux-MM, Andrew Morton, Huang Ying, David Hildenbrand, stable
In-Reply-To: <20220823221138.45602-1-peterx@redhat.com>

On Tue, Aug 23, 2022 at 4:11 PM Peter Xu wrote:
>
> Yu Zhao reported a bug after the commit "mm/swap: Add swp_offset_pfn() to
> fetch PFN from swap entry" added a check in swp_offset_pfn() for swap type [1]:
>
> kernel BUG at include/linux/swapops.h:117!
> CPU: 46 PID: 5245 Comm: EventManager_De Tainted: G S O L 6.0.0-dbg-DEV #2
> RIP: 0010:pfn_swap_entry_to_page+0x72/0xf0
> Code: c6 48 8b 36 48 83 fe ff 74 53 48 01 d1 48 83 c1 08 48 8b 09 f6
> c1 01 75 7b 66 90 48 89 c1 48 8b 09 f6 c1 01 74 74 5d c3 eb 9e <0f> 0b
> 48 ba ff ff ff ff 03 00 00 00 eb ae a9 ff 0f 00 00 75 13 48
> RSP: 0018:ffffa59e73fabb80 EFLAGS: 00010282
> RAX: 00000000ffffffe8 RBX: 0c00000000000000 RCX: ffffcd5440000000
> RDX: 1ffffffffff7a80a RSI: 0000000000000000 RDI: 0c0000000000042b
> RBP: ffffa59e73fabb80 R08: ffff9965ca6e8bb8 R09: 0000000000000000
> R10: ffffffffa5a2f62d R11: 0000030b372e9fff R12: ffff997b79db5738
> R13: 000000000000042b R14: 0c0000000000042b R15: 1ffffffffff7a80a
> FS: 00007f549d1bb700(0000) GS:ffff99d3cf680000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000440d035b3180 CR3: 0000002243176004 CR4: 00000000003706e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
>
> change_pte_range+0x36e/0x880
> change_p4d_range+0x2e8/0x670
> change_protection_range+0x14e/0x2c0
> mprotect_fixup+0x1ee/0x330
> do_mprotect_pkey+0x34c/0x440
> __x64_sys_mprotect+0x1d/0x30
>
> It triggers because pfn_swap_entry_to_page() could be called upon e.g. a
> genuine swap entry.
>
> Fix it by only calling it when it's a write migration entry where the page*
> is used.
>
> [1] https://lore.kernel.org/lkml/CAOUHufaVC2Za-p8m0aiHw6YkheDcrO-C3wRGixwDS32VTS+k1w@mail.gmail.com/
>
> Fixes: 6c287605fd56 ("mm: remember exclusively mapped anonymous pages with PG_anon_exclusive")
> Cc: David Hildenbrand
> Cc:
> Reported-by: Yu Zhao
> Signed-off-by: Peter Xu

Thanks for the quick turnaround!

Tested-by: Yu Zhao