Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp1182299pxf; Fri, 9 Apr 2021 02:01:19 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzYo0NxW9ShX/nKcIdwKJTVSriFRFhDFa6zud8b/8Ud9JuyNo0j+gxjsiM3pmm1TWGN5/5/ X-Received: by 2002:a17:90a:c3:: with SMTP id v3mr13389517pjd.55.1617958878950; Fri, 09 Apr 2021 02:01:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617958878; cv=none; d=google.com; s=arc-20160816; b=u9+f5vc80lp8PWYBrsLZgAOU0bfwpQzNUIJMwcWfnfFcSQMhHS5Z9TAlaIgJj57AiB B1jW4lCfzPJf8LpiHge4yBV65JxG2mpu2D4yAQiT6pNY5L/b6xRa7Kgv0ykSnUXhYbJD 9BMzm1ludb10NKjp4b8XqJpjO1cbhlvHCH9cBonoQ4f7dAgK6I555P5JAJnzsLM3dWEJ ebHlMa5o05v41VKEY72lfNVpJyX7wkEt5KBd57yc8yJLJemqMtaGKCGoc+qwJQNDDhOv jXW5hG5TyfAyaDXw6K+RJrv9gaP/QOCEFlStOuo69B0LgXawkh/arDTLtcLIj552MtCh tdTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=0R5wuR08uIiBqhHSRiCw/W7SApItT0bGKTjjth8xPnk=; b=ZFpNAx3xw20KLmEuooIUPFR6x31E16okNxLdqTKi7Nk+RpFoTijBGcp47KkH9TGJe8 LHeftwCDNh8lK/nFAHhN6vWwi2EItfYvAPeJ2qZP0dcgzpPb8sbgN1VYjthCbnBOkGIr Yiusc96FK0+J3On+WkYz6LuHEM0SY+OSv8hjA2XGZB+cY2JlAdHE45xDzamFssXPgKU5 ICJ22wUr7ELyjnmExlhbfq6QDnWUuaMZpLeHoPRtQBSHlTQAUoJU2cwk2bnckEeg4TEt qB9bQU63kpTkJoCukVva/jgqC0gVfO7uS8IOdgE3Sq8snkXcE3e7Z5fqBhAKjaQ/ynWP Zv3g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p9si2258357plq.382.2021.04.09.02.01.05; Fri, 09 Apr 2021 02:01:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232042AbhDIJAZ (ORCPT + 99 others); Fri, 9 Apr 2021 05:00:25 -0400 Received: from szxga05-in.huawei.com ([45.249.212.191]:15996 "EHLO szxga05-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231954AbhDIJAW (ORCPT ); Fri, 9 Apr 2021 05:00:22 -0400 Received: from DGGEMS406-HUB.china.huawei.com (unknown [172.30.72.58]) by szxga05-in.huawei.com (SkyGuard) with ESMTP id 4FGsTw1VVxzvS3c; Fri, 9 Apr 2021 16:57:56 +0800 (CST) Received: from [10.174.179.9] (10.174.179.9) by DGGEMS406-HUB.china.huawei.com (10.3.19.206) with Microsoft SMTP Server id 14.3.498.0; Fri, 9 Apr 2021 17:00:03 +0800 Subject: Re: [PATCH 4/5] mm/swap_state: fix potential faulted in race in swap_ra_info() To: "Huang, Ying" CC: , , , , , , , , , , , , References: <20210408130820.48233-1-linmiaohe@huawei.com> <20210408130820.48233-5-linmiaohe@huawei.com> <874kgfyh85.fsf@yhuang6-desk1.ccr.corp.intel.com> From: Miaohe Lin Message-ID: Date: Fri, 9 Apr 2021 17:00:02 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0 MIME-Version: 1.0 In-Reply-To: <874kgfyh85.fsf@yhuang6-desk1.ccr.corp.intel.com> Content-Type: text/plain; charset="windows-1252" Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.174.179.9] X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2021/4/9 16:50, Huang, Ying wrote: > Miaohe Lin writes: > >> While we released the pte lock, somebody else might faulted in this pte. >> So we should check whether it's swap pte first to guard against such race >> or swp_type would be unexpected. And we can also avoid some unnecessary >> readahead cpu cycles possibly. >> >> Fixes: ec560175c0b6 ("mm, swap: VMA based swap readahead") >> Signed-off-by: Miaohe Lin >> --- >> mm/swap_state.c | 13 +++++++++---- >> 1 file changed, 9 insertions(+), 4 deletions(-) >> >> diff --git a/mm/swap_state.c b/mm/swap_state.c >> index 709c260d644a..3bf0d0c297bc 100644 >> --- a/mm/swap_state.c >> +++ b/mm/swap_state.c >> @@ -724,10 +724,10 @@ static void swap_ra_info(struct vm_fault *vmf, >> { >> struct vm_area_struct *vma = vmf->vma; >> unsigned long ra_val; >> - swp_entry_t entry; >> + swp_entry_t swap_entry; >> unsigned long faddr, pfn, fpfn; >> unsigned long start, end; >> - pte_t *pte, *orig_pte; >> + pte_t *pte, *orig_pte, entry; >> unsigned int max_win, hits, prev_win, win, left; >> #ifndef CONFIG_64BIT >> pte_t *tpte; >> @@ -742,8 +742,13 @@ static void swap_ra_info(struct vm_fault *vmf, >> >> faddr = vmf->address; >> orig_pte = pte = pte_offset_map(vmf->pmd, faddr); >> - entry = pte_to_swp_entry(*pte); >> - if ((unlikely(non_swap_entry(entry)))) { >> + entry = *pte; >> + if (unlikely(!is_swap_pte(entry))) { >> + pte_unmap(orig_pte); >> + return; >> + } >> + swap_entry = pte_to_swp_entry(entry); >> + if ((unlikely(non_swap_entry(swap_entry)))) { >> pte_unmap(orig_pte); >> return; >> } > > This isn't a real issue. entry or swap_entry isn't used in this Agree. It seems the entry or swap_entry here is just used for check whether pte is still valid swap_entry. > function. And we have enough checking when we really operate the PTE > entries later. But I admit it's confusing. So I suggest to just remove > the checking. We will check it when necessary. Sounds reasonable. Will do it in v2. Many thanks for review and reply! > > Best Regards, > Huang, Ying > . >