| Message ID | 20211117012059.141450-4-pasha.tatashin@soleen.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show
Return-Path: <SRS0=rmuZ=QE=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
by smtp.lore.kernel.org (Postfix) with ESMTP id CDEDAC433EF
for <linux-mm@archiver.kernel.org>; Wed, 17 Nov 2021 01:22:51 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
by mail.kernel.org (Postfix) with ESMTP id 7109661BFE
for <linux-mm@archiver.kernel.org>; Wed, 17 Nov 2021 01:22:51 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 7109661BFE
Authentication-Results: mail.kernel.org;
dmarc=none (p=none dis=none) header.from=soleen.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvack.org
Received: by kanga.kvack.org (Postfix)
id B23856B0078; Tue, 16 Nov 2021 20:21:15 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
id AD33E6B007B; Tue, 16 Nov 2021 20:21:15 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
id 925EC6B007D; Tue, 16 Nov 2021 20:21:15 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0243.hostedemail.com
[216.40.44.243])
by kanga.kvack.org (Postfix) with ESMTP id 851946B0078
for <linux-mm@kvack.org>; Tue, 16 Nov 2021 20:21:15 -0500 (EST)
Received: from smtpin24.hostedemail.com (10.5.19.251.rfc1918.com
[10.5.19.251])
by forelay04.hostedemail.com (Postfix) with ESMTP id 4B4F57BE67
for <linux-mm@kvack.org>; Wed, 17 Nov 2021 01:21:05 +0000 (UTC)
X-FDA: 78816668490.24.E22D116
Received: from mail-qv1-f51.google.com (mail-qv1-f51.google.com
[209.85.219.51])
by imf28.hostedemail.com (Postfix) with ESMTP id 09A5590000B2
for <linux-mm@kvack.org>; Wed, 17 Nov 2021 01:21:04 +0000 (UTC)
Received: by mail-qv1-f51.google.com with SMTP id gu12so860567qvb.6
for <linux-mm@kvack.org>; Tue, 16 Nov 2021 17:21:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=soleen.com; s=google;
h=from:to:subject:date:message-id:in-reply-to:references:mime-version
:content-transfer-encoding;
bh=m0gNmNzkZWVRv6w7da8Aeqi7F4kIW5gL+hhpZ/Xzv/o=;
b=Oml9J9TSmBupcaKreQn7f7AaxiWOab9NqOgMSRpCdwFjKq1vRO8SFVw0xCjUWh36fK
ID7GeDWAFEyp6QTjWUO6Qd6yhs7maVhCTbEkQe6x5surd5bOuYo77KnXiy/Xwxb1lsGo
QBoQjhym9uLxUbMyJyD3SH3A0aYwk3aPdoJjF8EL25b60dEtFQPVSAr6dLSkjZ5VhW6m
1FnrlUSLA8LCLK2ltFKulS1YGN8F3gb0rxE5DTlo8s4UERjVa9RBGHcEuN9Nu5SY9yas
1WrwtxT5KJY5a3AJFmMBjRLZ+WUZdGwRoyWgkVqHWyXCO2OZLxghzqSw7oxBkjQJCnDV
jZoQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=m0gNmNzkZWVRv6w7da8Aeqi7F4kIW5gL+hhpZ/Xzv/o=;
b=W3PI+xN+y11WEmEq/kZdirfPEWOnT4A3BuwwPm4i3/DCBrIJu2SXm2fcCvLSP1H3id
q1Fuc2I+rlHTPN9gWuS5ZqeBSmq/LF4XBh90Fe7yNYZ7CCaPPdziRCVJp0XFSo0jU9uG
Cwy0QSfYehUs3fJT03Qh4/cEEpIMiNMd3anf3Ih/soCOx1jCYSXRRa7ZeNc95w+KKy6y
Em6uCONUfLzI8AttkbcY/V2X1WAlWPTJW7JAgWZQ32DrNKyTCf1HKWcuq5AJArHMt2aL
DWLYd6Fo0dtekn+3ZidnX+xCedvssFFpN7zkfMHoTaCWHNJhKMCGn3sskbQnkf84O/N6
1G/A==
X-Gm-Message-State: AOAM532Y+lOpoxyvPRSEwX9o3+CsoxCqS4NyV0lTL8RMpajmQ1uhifpm
SorRe6jM5w6a8ubwmpCua03u+A==
X-Google-Smtp-Source:
ABdhPJw0PBEl5FXxtC6aW72AUuzKgaD7PgHuWSgRVC63Pfy75/BltIYhkTIJgkOC+07BHxbZsDURzg==
X-Received: by 2002:ad4:54ca:: with SMTP id j10mr50057319qvx.2.1637112064465;
Tue, 16 Nov 2021 17:21:04 -0800 (PST)
Received: from soleen.c.googlers.com.com
(189.216.85.34.bc.googleusercontent.com. [34.85.216.189])
by smtp.gmail.com with ESMTPSA id
i6sm3482289qti.40.2021.11.16.17.21.03
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 16 Nov 2021 17:21:04 -0800 (PST)
From: Pasha Tatashin <pasha.tatashin@soleen.com>
To: pasha.tatashin@soleen.com,
linux-kernel@vger.kernel.org,
linux-mm@kvack.org,
linux-m68k@lists.linux-m68k.org,
anshuman.khandual@arm.com,
willy@infradead.org,
akpm@linux-foundation.org,
william.kucharski@oracle.com,
mike.kravetz@oracle.com,
vbabka@suse.cz,
geert@linux-m68k.org,
schmitzmic@gmail.com,
rostedt@goodmis.org,
mingo@redhat.com,
hannes@cmpxchg.org,
guro@fb.com,
songmuchun@bytedance.com,
weixugc@google.com,
gthelen@google.com,
rientjes@google.com,
pjt@google.com
Subject: [RFC v2 03/10] mm: Avoid using set_page_count() in
set_page_recounted()
Date: Wed, 17 Nov 2021 01:20:52 +0000
Message-Id: <20211117012059.141450-4-pasha.tatashin@soleen.com>
X-Mailer: git-send-email 2.34.0.rc1.387.gb447b232ab-goog
In-Reply-To: <20211117012059.141450-1-pasha.tatashin@soleen.com>
References: <20211117012059.141450-1-pasha.tatashin@soleen.com>
MIME-Version: 1.0
X-Rspamd-Server: rspam11
X-Rspamd-Queue-Id: 09A5590000B2
X-Stat-Signature: oyo4y6rjpwypi6agf1wau1r15sfqbmr8
Authentication-Results: imf28.hostedemail.com;
dkim=pass header.d=soleen.com header.s=google header.b=Oml9J9TS;
spf=pass (imf28.hostedemail.com: domain of pasha.tatashin@soleen.com
designates 209.85.219.51 as permitted sender)
smtp.mailfrom=pasha.tatashin@soleen.com;
dmarc=none
X-HE-Tag: 1637112064-4255
Content-Transfer-Encoding: quoted-printable
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
|
| Series |
Hardening page _refcount
|
expand
|
diff --git a/mm/internal.h b/mm/internal.h index 3b79a5c9427a..f601575b7e5a 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -132,9 +132,11 @@ static inline bool page_evictable(struct page *page) */ static inline void set_page_refcounted(struct page *page) { + int refcnt; + VM_BUG_ON_PAGE(PageTail(page), page); - VM_BUG_ON_PAGE(page_ref_count(page), page); - set_page_count(page, 1); + refcnt = page_ref_inc_return(page); + VM_BUG_ON_PAGE(refcnt != 1, page); } extern unsigned long highest_memmap_pfn;
set_page_refcounted() converts a non-refcounted page that has (page->_refcount == 0) into a refcounted page by setting _refcount to 1. The current apporach uses the following logic: VM_BUG_ON_PAGE(page_ref_count(page), page); set_page_count(page, 1); However, if _refcount changes from 0 to 1 between the VM_BUG_ON_PAGE() and set_page_count() we can break _refcount, which can cause other problems such as memory corruptions. Instead, use a safer method: increment _refcount first and verify that at increment time it was indeed 1. refcnt = page_ref_inc_return(page); VM_BUG_ON_PAGE(refcnt != 1, page); Use page_ref_inc_return() to avoid unconditionally overwriting the _refcount value with set_page_count(), and check the return value. Signed-off-by: Pasha Tatashin <pasha.tatashin@soleen.com> --- mm/internal.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)