Received: by 10.223.185.116 with SMTP id b49csp1254089wrg; Fri, 16 Feb 2018 15:39:19 -0800 (PST) X-Google-Smtp-Source: AH8x2260ZZd1HF9RsdtbrBHa7MX/nHjaNT49IsMS0pkl8kkDPl+b2jDWhNtzBTBdW06V2gEtmV72 X-Received: by 10.99.175.3 with SMTP id w3mr6387896pge.328.1518824359366; Fri, 16 Feb 2018 15:39:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518824359; cv=none; d=google.com; s=arc-20160816; b=pc4AbjsjsapdiedFocsVssy0hwYwvxltQBiAwl1WljRPzocfD8S5mif/hBQBMCdbqa krCkqQxUc3rhyfrAvC/sKYBjlidHTq3l+uP2KImh17kIodCgL+EMa9XBkH2mn3q9Z7c9 /wLDgR0IlLaHWwQqFT7kvqFqrO1XPjq66ZBhmRG+6zH+wjRIH5+He0iOEjTKL+ZFD7TR p6QQMSe4xqisViI88yjp/n8tgIcOBz6faxpogsgCJ/z+24bhwkDFNVYl3K+nS+QCpRBX PRKidpou3fzLNucYuatCvztmCoBkKqKHeKDtYiie1MYXssGVyMNhlc8sfgsJzS4UdwZm sX+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :arc-authentication-results; bh=SsBKHYLrqwzj9SIBO9LOYY79eMcTXZSDaO6eUbHngEw=; b=eelLwNeqbskFCnvNYTU0BwRVz7hKcidcxHzJzgucRxnzxLAEn7xl4m1RnLqpuMaeB8 g6bEoz6bjczwS/OCxhoTL5XY2DCsKFShc/auxPPors1f4av+RFcttbm3zjM8K1nisjRB X5j43HyoJgAgRtrKJ+P61C11gnKCU3OQfBu9jSfDNiH/CdSIXb6QqM4y7t+153OHTDBQ z9iVZU2bRZtX1VRTqozatpQiifc4kKhOGUX3bM/zmsT9vMSytKrHncE0tEHmx3y5/DQZ maayPG3a4S9KZlMPnuD9ReM4QCtrR/JRYslaAMCnoUP0MDvuzrdAeZ78M3+3zr/DQ8Ms QEMA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y5si2948579pgs.359.2018.02.16.15.39.04; Fri, 16 Feb 2018 15:39:19 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750899AbeBPXi0 (ORCPT + 99 others); Fri, 16 Feb 2018 18:38:26 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:59328 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750787AbeBPXiZ (ORCPT ); Fri, 16 Feb 2018 18:38:25 -0500 Received: from akpm3.svl.corp.google.com (unknown [104.133.9.92]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 86DE51152; Fri, 16 Feb 2018 23:38:24 +0000 (UTC) Date: Fri, 16 Feb 2018 15:38:23 -0800 From: Andrew Morton To: "Huang\, Ying" Cc: , , Hugh Dickins , "Paul E . McKenney" , Minchan Kim , Johannes Weiner , "Tim Chen" , Shaohua Li , Mel Gorman , jglisse@redhat.com, Michal Hocko , Andrea Arcangeli , David Rientjes , Rik van Riel , Jan Kara , Dave Jiang , Aaron Lu Subject: Re: [PATCH -mm -v5 RESEND] mm, swap: Fix race between swapoff and some swap operations Message-Id: <20180216153823.ad74f1d2c157adc67ed2c970@linux-foundation.org> In-Reply-To: <87fu64jthz.fsf@yhuang-dev.intel.com> References: <20180213014220.2464-1-ying.huang@intel.com> <20180213154123.9f4ef9e406ea8365ca46d9c5@linux-foundation.org> <87fu64jthz.fsf@yhuang-dev.intel.com> X-Mailer: Sylpheed 3.4.1 (GTK+ 2.24.23; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 14 Feb 2018 08:38:00 +0800 "Huang\, Ying" wrote: > Andrew Morton writes: > > > On Tue, 13 Feb 2018 09:42:20 +0800 "Huang, Ying" wrote: > > > >> From: Huang Ying > >> > >> When the swapin is performed, after getting the swap entry information > >> from the page table, system will swap in the swap entry, without any > >> lock held to prevent the swap device from being swapoff. This may > >> cause the race like below, > > > > Sigh. In terms of putting all the work into the swapoff path and > > avoiding overheads in the hot paths, I guess this is about as good as > > it will get. > > > > It's a very low-priority fix so I'd prefer to keep the patch in -mm > > until Hugh has had an opportunity to think about it. > > > >> ... > >> > >> +/* > >> + * Check whether swap entry is valid in the swap device. If so, > >> + * return pointer to swap_info_struct, and keep the swap entry valid > >> + * via preventing the swap device from being swapoff, until > >> + * put_swap_device() is called. Otherwise return NULL. > >> + */ > >> +struct swap_info_struct *get_swap_device(swp_entry_t entry) > >> +{ > >> + struct swap_info_struct *si; > >> + unsigned long type, offset; > >> + > >> + if (!entry.val) > >> + goto out; > >> + type = swp_type(entry); > >> + if (type >= nr_swapfiles) > >> + goto bad_nofile; > >> + si = swap_info[type]; > >> + > >> + preempt_disable(); > > > > This preempt_disable() is later than I'd expect. If a well-timed race > > occurs, `si' could now be pointing at a defunct entry. If that > > well-timed race include a swapoff AND a swapon, `si' could be pointing > > at the info for a new device? > > struct swap_info_struct pointed to by swap_info[] will never be freed. > During swapoff, we only free the memory pointed to by the fields of > struct swap_info_struct. And when swapon, we will always reuse > swap_info[type] if it's not NULL. So it should be safe to dereference > swap_info[type] with preemption enabled. That's my point. If there's a race window during which there is a parallel swapoff+swapon, this swap_info_struct may now be in use for a different device?