Date: Mon, 15 Aug 2022 16:26:46 +0100
From: Matthew Wilcox
To: Michal Hocko
Cc: Charan Teja Kalla, akpm@linux-foundation.org, david@redhat.com, pasha.tatashin@soleen.com, sieberf@amazon.com, shakeelb@google.com, sjpark@amazon.de, dhowells@redhat.com, quic_pkondeti@quicinc.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org
Subject: Re: [PATCH V3] mm: fix use-after free of page_ext after race with memory-offline
References: <1660056403-20894-1-git-send-email-quic_charante@quicinc.com>

On Mon, Aug 15, 2022 at 05:06:18PM +0200, Michal Hocko wrote:
> > + * This function gives proper page_ext of a memory section
> > + * during race with the offline operation on a memory block
> > + * this section falls into. Not using this function to get
> > + * page_ext of a page, in code paths where extra refcount
> > + * is not taken on that page eg: pfn walking, can lead to
> > + * use-after-free access of page_ext.
>
> I do not think this is really useful comment, it goes into way too much
> detail about memory hotplug yet not enough to actually understand the
> interaction because there are no references to the actual
> synchronization scheme. I would go with something like:
>
> /*
>  * Get a page_ext associated with the given page. Returns NULL if
>  * no such page_ext exists otherwise ensures that the page_ext will
>  * stay alive until page_ext_put is called.
>  * This implies a non-sleeping context.
>  */

I'd go further and turn this into kernel-doc:

/**
 * page_ext_get() - Get the extended information for a page.
 * @page: The page we're interested in.
 *
 * Ensures that the page_ext will remain valid until page_ext_put()
 * is called.
 *
 * Return: NULL if no page_ext exists for this page.
 * Context: Any context. Caller may not sleep until they have called
 * page_ext_put().
 */
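
Review bot: the quoted `+` comment block ending in "use-after-free access of page_ext." documents what goes wrong when the helper is bypassed but, in the lines quoted here, not the contract a caller has to follow: what is returned when no page_ext exists, how long the returned pointer stays valid, and which call ends that window. The phrase "eg: pfn walking" names one class of caller without naming the synchronization that makes the lookup safe, so a new call site cannot be checked against the comment. Suggest leading with the return value and the pairing with page_ext_put, keeping the memory-offline race as one sentence of rationale after that, and writing "e.g." instead of "eg:".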