Received: by 2002:a05:6a10:eb17:0:0:0:0 with SMTP id hx23csp488718pxb; Fri, 3 Sep 2021 06:40:01 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwmQ6/p2RRq/mURJHCCKrr1iu0Ly3HM69lEDPMJnk1w4nfVHErM/Ce1naE/y3vaW4tKfyqk X-Received: by 2002:a92:903:: with SMTP id y3mr2604787ilg.29.1630676400777; Fri, 03 Sep 2021 06:40:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1630676400; cv=none; d=google.com; s=arc-20160816; b=GzZbQfmZ6zSwXTRjCkj3u8NDDZul9Enw6oM345Ij71umXD+O7T6gi3FtcWQcpZ4Zje NZbMw6BRvND/mIsgfWYevaxdWBa3FMoMJ/c/Mlf/VmoipA9gMCSGT5cqQ9TbjuvKyAkP P/MWc+heFTp0Uni+VrRQClXSNbMP02BcSxwslNT8hQRWMH5fGqZ88ZRzM9WLosnJDfv0 7sKCZV+bVE/3HvhbixMiC9jMvdSFHjh/lqx/4D/90WSPVtTfffRC/EaSEnnRpcH9TzXT GQo4s79uS/+99KEGv6Ix07eMIeKL1K2Xy7QtfoiWn8jvfxmkm2oF2VTqA1AG4j9nhPhf VvZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=VfAx4578eKO6ywPf0rOdh/3/SGLIJXIZHm6hFxGY/Wo=; b=oXGhcu2hxLrhygQKRDv2+1X9HWA7JfF+u3hYP0d/fs9Aj4F2gGN2UAEN9ZAtSnUU7o MsegZ3j5AwbBCQL4uYOm6wl3TxhFhUtXBJ4KFzbHGeInRyPTzzB3Bsw6WfDqn9iIeeQl Tpgf/1rbCs/Rc65WdOrXNwza5je7KkcQhQwSIECbJ9h4TUvlENSr1UiifrONfCzUbxVI PVHGpk4h6Ib0emRus5oBl6rRxpGl/9n3qEBDnmX9rZomaapW9mFOOuzJ62fb3sdFEXmf J9K32A0dulRsyRPyxLZbpeuhWBMadCanEvReZeCDbquTaaEHtDELwJscgZxTgVeFafV/ /XYg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=jIxthijM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=suse.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x22si5648120iow.31.2021.09.03.06.39.28; Fri, 03 Sep 2021 06:40:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=jIxthijM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=suse.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1349326AbhICLuK (ORCPT + 99 others); Fri, 3 Sep 2021 07:50:10 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:50590 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1349322AbhICLuJ (ORCPT ); Fri, 3 Sep 2021 07:50:09 -0400 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id 870801FD7C; Fri, 3 Sep 2021 11:49:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1630669748; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=VfAx4578eKO6ywPf0rOdh/3/SGLIJXIZHm6hFxGY/Wo=; b=jIxthijMtzQRiBd9X04NvrXa4xjN0DmTCz8VK6V20CtXdSkT5hWK2bjFKThlBBIxIYpYBs XVuq0BMkNXLHVaexin+1yL3VQ7y/QJ6t8VyFxBSZkKS0tTrgKZAJSxyUhfWO32ry+EXJgQ Vv1bPyvpdPTSlRsCCtivoNs5juTxt58= Received: from suse.cz (unknown [10.100.201.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id 8CEBDA3BB6; Fri, 3 Sep 2021 11:49:06 +0000 (UTC) Date: Fri, 3 Sep 2021 13:49:01 +0200 From: Michal Hocko To: Suren Baghdasaryan Cc: Andrew Morton , Colin Cross , Sumit Semwal , Dave Hansen , Kees Cook , Matthew Wilcox , "Kirill A . Shutemov" , Vlastimil Babka , Johannes Weiner , Jonathan Corbet , Al Viro , Randy Dunlap , Kalesh Singh , Peter Xu , rppt@kernel.org, Peter Zijlstra , Catalin Marinas , vincenzo.frascino@arm.com, Chinwen Chang =?utf-8?B?KOW8temMpuaWhyk=?= , Axel Rasmussen , Andrea Arcangeli , Jann Horn , apopple@nvidia.com, John Hubbard , Yu Zhao , Will Deacon , fenghua.yu@intel.com, thunder.leizhen@huawei.com, Hugh Dickins , feng.tang@intel.com, Jason Gunthorpe , Roman Gushchin , Thomas Gleixner , krisman@collabora.com, chris.hyser@oracle.com, Peter Collingbourne , "Eric W. Biederman" , Jens Axboe , legion@kernel.org, Rolf Eike Beer , Muchun Song , Viresh Kumar , Thomas Cedeno , sashal@kernel.org, cxfcosmos@gmail.com, Rasmus Villemoes , LKML , linux-fsdevel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm , kernel-team Subject: Re: [PATCH v8 2/3] mm: add a field to store names for private anonymous memory Message-ID: References: <20210827191858.2037087-1-surenb@google.com> <20210827191858.2037087-3-surenb@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed 01-09-21 08:42:29, Suren Baghdasaryan wrote: > On Wed, Sep 1, 2021 at 1:10 AM 'Michal Hocko' via kernel-team > wrote: > > > > On Fri 27-08-21 12:18:57, Suren Baghdasaryan wrote: > > [...] > > > +static void replace_vma_anon_name(struct vm_area_struct *vma, const char *name) > > > +{ > > > + if (!name) { > > > + free_vma_anon_name(vma); > > > + return; > > > + } > > > + > > > + if (vma->anon_name) { > > > + /* Should never happen, to dup use dup_vma_anon_name() */ > > > + WARN_ON(vma->anon_name == name); > > > > What is the point of this warning? > > I wanted to make sure replace_vma_anon_name() is not used from inside > vm_area_dup() or some similar place (does not exist today but maybe in > the future) where "new" vma is a copy of "orig" vma and > new->anon_name==orig->anon_name. If someone by mistake calls > replace_vma_anon_name(new, orig->anon_name) and > new->anon_name==orig->anon_name then they will keep pointing to the > same name pointer, which breaks an assumption that ->anon_name > pointers are not shared among vmas even if the string is the same. > That would eventually lead to use-after-free error. After the next > patch implementing refcounting, the similar situation would lead to > both new and orig vma pointing to the same anon_vma_name structure > without raising the refcount, which would also lead to use-after-free > error. That's why the above comment asks to use dup_vma_anon_name() if > this warning ever happens. > I can remove the warning but I thought the problem is subtle enough to > put some safeguards. This to me sounds very much like a debugging code that shouldn't make it to the final patch to be merged. I do see your point of an early diagnostic but we are talking about an internal MM code and that is not really designed to be robust against its own failures so I do not see why this should be any special. -- Michal Hocko SUSE Labs