Received: by 10.223.185.116 with SMTP id b49csp63507wrg; Tue, 13 Feb 2018 16:39:05 -0800 (PST) X-Google-Smtp-Source: AH8x227npTL+JrXjv8ZBlFxbeeMbIx1DR7p4HgjskKTXF8CSWddYjFKvwRUW8D1iXlDSkDG1NH3x X-Received: by 2002:a17:902:a617:: with SMTP id u23-v6mr2719431plq.201.1518568745695; Tue, 13 Feb 2018 16:39:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518568745; cv=none; d=google.com; s=arc-20160816; b=mwqLuA+6hkpJ3Ws1GlInb+qdKedsd12jK/QDcR4lwGgbx9n0qhMvsRnaMHlmkJfcb5 8V65ikgbxF1mwP3H08w6GfGhsmwqzYwTFPZawnxI7fJXmzwXEyih6azGpiojxogGBlQl taGDpGvvZ0MJnbE/u2rEEVJf6mFzBHRECh9yA6VJYP3G4dQr61d0JD7x2OvFqELo4HJ9 i0+f0AE+3H0P8MzzLRhWwUTqTGDKUx0rxqZMPIJOu3s3v1IhL/zykckJoveIr8ngExr8 ODqe0p2d3vV6dtqUXEspNHmKTW4jAAF5FvWiNffl3E7l+KFkAB3y6O4ojV0qVO8GfSJP YC2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:user-agent :references:in-reply-to:subject:cc:to:from :arc-authentication-results; bh=2Q7bXVWxIWLRzMOsooc5wXmlUO3KOutctvWTXncuQt4=; b=HElKv0x8+4r6Kfo9G5lKqug0eK6NQ3Go0D+GNWsbRe9YZNpkxSJESZe/MOXg6ZA5Kt vGvMh0LtcdrprSgaAzTkRW2VOWi4yswJNKpNSCmYBujkHWmYE3btc+EBoxTQowQykwaJ t1smjWL+Sqi6Pv5yv8ur9Ih/XYL7sSerqsk+6V+uSZWo3umTq/KXSmfxXBMlpcf2wt+2 Mr3vcUocANBLPBya8IIWjvpxPQicEN+DN7/P909XwZx2zWAGfpIIWPiA/8AmOt4DZ7nF WYPPg+V+01B+WBXYqIYCYREPHYnukjab1V4TM3ilQB9pqUbKEGIECyTPF7Omd4ZRNsyS tSDg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g22si6993349pfe.387.2018.02.13.16.38.50; Tue, 13 Feb 2018 16:39:05 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S966297AbeBNAiJ (ORCPT + 99 others); Tue, 13 Feb 2018 19:38:09 -0500 Received: from mga07.intel.com ([134.134.136.100]:6251 "EHLO mga07.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S966207AbeBNAiG (ORCPT ); Tue, 13 Feb 2018 19:38:06 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Feb 2018 16:38:05 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,509,1511856000"; d="scan'208";a="203987077" Received: from yhuang-dev.sh.intel.com (HELO yhuang-dev) ([10.239.13.10]) by fmsmga006.fm.intel.com with ESMTP; 13 Feb 2018 16:38:01 -0800 From: "Huang\, Ying" To: Andrew Morton Cc: , , Hugh Dickins , "Paul E . McKenney" , Minchan Kim , Johannes Weiner , "Tim Chen" , Shaohua Li , Mel Gorman , jglisse@redhat.com, Michal Hocko , Andrea Arcangeli , David Rientjes , Rik van Riel , Jan Kara , Dave Jiang , Aaron Lu Subject: Re: [PATCH -mm -v5 RESEND] mm, swap: Fix race between swapoff and some swap operations In-Reply-To: <20180213154123.9f4ef9e406ea8365ca46d9c5@linux-foundation.org> (Andrew Morton's message of "Tue, 13 Feb 2018 15:41:23 -0800") References: <20180213014220.2464-1-ying.huang@intel.com> <20180213154123.9f4ef9e406ea8365ca46d9c5@linux-foundation.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) Date: Wed, 14 Feb 2018 08:38:00 +0800 Message-ID: <87fu64jthz.fsf@yhuang-dev.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ascii Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Andrew Morton writes: > On Tue, 13 Feb 2018 09:42:20 +0800 "Huang, Ying" wrote: > >> From: Huang Ying >> >> When the swapin is performed, after getting the swap entry information >> from the page table, system will swap in the swap entry, without any >> lock held to prevent the swap device from being swapoff. This may >> cause the race like below, > > Sigh. In terms of putting all the work into the swapoff path and > avoiding overheads in the hot paths, I guess this is about as good as > it will get. > > It's a very low-priority fix so I'd prefer to keep the patch in -mm > until Hugh has had an opportunity to think about it. > >> ... >> >> +/* >> + * Check whether swap entry is valid in the swap device. If so, >> + * return pointer to swap_info_struct, and keep the swap entry valid >> + * via preventing the swap device from being swapoff, until >> + * put_swap_device() is called. Otherwise return NULL. >> + */ >> +struct swap_info_struct *get_swap_device(swp_entry_t entry) >> +{ >> + struct swap_info_struct *si; >> + unsigned long type, offset; >> + >> + if (!entry.val) >> + goto out; >> + type = swp_type(entry); >> + if (type >= nr_swapfiles) >> + goto bad_nofile; >> + si = swap_info[type]; >> + >> + preempt_disable(); > > This preempt_disable() is later than I'd expect. If a well-timed race > occurs, `si' could now be pointing at a defunct entry. If that > well-timed race include a swapoff AND a swapon, `si' could be pointing > at the info for a new device? struct swap_info_struct pointed to by swap_info[] will never be freed. During swapoff, we only free the memory pointed to by the fields of struct swap_info_struct. And when swapon, we will always reuse swap_info[type] if it's not NULL. So it should be safe to dereference swap_info[type] with preemption enabled. Best Regards, Huang, Ying >> + if (!(si->flags & SWP_VALID)) >> + goto unlock_out; >> + offset = swp_offset(entry); >> + if (offset >= si->max) >> + goto unlock_out; >> + >> + return si; >> +bad_nofile: >> + pr_err("%s: %s%08lx\n", __func__, Bad_file, entry.val); >> +out: >> + return NULL; >> +unlock_out: >> + preempt_enable(); >> + return NULL; >> +}