Received: by 2002:a05:7412:2a8a:b0:fc:a2b0:25d7 with SMTP id u10csp636331rdh; Wed, 7 Feb 2024 15:43:18 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCUNnMeVkbtiB+f1qKMJPH1mV7uacMbbYsAAXguMlXQGMiAbl3+IVxlaCdisHyYBemnsWYj1y1KcPnFvpaIWZbh8kAnTYgITK9v8CoeFLQ== X-Google-Smtp-Source: AGHT+IG0mlnwXfHkn+/btL+wykfrq/Yh6lC/DJHb+Vq40qVv0ve4ikPC4QVkQWRTzXt7OcH4r8qY X-Received: by 2002:a05:6402:290:b0:560:f9e2:322f with SMTP id l16-20020a056402029000b00560f9e2322fmr696684edv.7.1707349397889; Wed, 07 Feb 2024 15:43:17 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707349397; cv=pass; d=google.com; s=arc-20160816; b=anxVkkFI5FlPtcUZAY/mvfQDwzoLFd49gNSaf0eUe3KdW90SCzWzlrvHIwDLm9+JCs GlsKgvfbjK1aEmSc0jwDeb+vcWkzCU6nAVfeY1X5li2mKmwHM2YJueSjWQ1wNHtbH1U9 sncM9D8ZwPD3FPspHDv+e8d/FsljOPOax1mH7kuB4Kpenn28uPtymwu2A4YCByecBpNr xZrJHLcg6TRnOc2u0NYwc2tlqxL0CDRvnAWDB5NhT9j3Ywlj26wEhHwNJEE/gFXn7ZlH /cMa3Grp+RHeUjE7Ei8alUqmYPiFfIbnv5/Vs4GNNbtNaMotnClBvd9XPriVYEWo8EvA fRcw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :subject:cc:to:from:date:dkim-signature; bh=0iM23qnBpv+lSUgdocRnmVdN+EkF2H3efvBc64mLjhc=; fh=aV5Z3o898iVFPe4p217DqzyU/j/hr1URbJSKgCN1gdQ=; b=b1x81zDTqjIVDzBTbJ3f2bcUH109C/qb3eiSXxbF4g1WYmZ3YlOFPpdxUuSJNRR8jU cMcOFU7xZuVSPRpRc4Ti618lX6VNCcr/XAnvq+xCW/ems8hgl342UbnaP21k9PWH0QZA mlyZs822x6SskcqXeGPBdpM2JtbQkQKFNWz++80rzmjPIcgBD4xfyNRIaRrUTPYpUC2Q oCBYpYUglxFzwZG6MDq0DXrJnbf6nHlkmNQ1EmgMooDqg0MDQV1UOyaJ07ax0vZgESnF hhmrbkgyECkBShiTZHh1+kGU2QvuxgTKynS1NaHEwM7HRsy658e2An+HvC3uSMtc6FL2 xEmA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=korg header.b=oHUa2w9M; arc=pass (i=1 dkim=pass dkdomain=linux-foundation.org); spf=pass (google.com: domain of linux-kernel+bounces-57301-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-57301-linux.lists.archive=gmail.com@vger.kernel.org" X-Forwarded-Encrypted: i=2; AJvYcCUWw6CWhvju1NN+MoEYrxhSihlRxnxcvzm3o7ENeFqho20L3eT/5+SIm65QUG7DNMvNO4eQj7mQTrQYPANhpfJEo8QX81+2YAFr8QOnbA== Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id b1-20020a50ccc1000000b0055a1e7baedbsi223861edj.579.2024.02.07.15.43.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Feb 2024 15:43:17 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-57301-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=korg header.b=oHUa2w9M; arc=pass (i=1 dkim=pass dkdomain=linux-foundation.org); spf=pass (google.com: domain of linux-kernel+bounces-57301-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-57301-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 9E7A11F22E47 for ; Wed, 7 Feb 2024 23:43:17 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 0EE19535C4; Wed, 7 Feb 2024 23:43:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b="oHUa2w9M" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D3A25200D9; Wed, 7 Feb 2024 23:43:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707349390; cv=none; b=RXlDCIQWzMbs9NMHa0ljfmEFfWg/TwtDZJlUbTiEki8c9BdL1GxQpsoWyoUJ0igAOJ/t0tv14w4axHStC5hLYef3mMbBsk9TcOUj5oSBtZWuYwb5/YseedBVh0x7ShHFQqcu9ZEn2/3QUM7yWMyFAMwwZ+luDZ/pC95bEui6i7w= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707349390; c=relaxed/simple; bh=MSFIzvdxYtXmQVrYnhwiJReGuZF/2JziUGpHlCPhyaw=; h=Date:From:To:Cc:Subject:Message-Id:In-Reply-To:References: Mime-Version:Content-Type; b=s9nhjsYRvOZUcbEEPcfZAokjgsTMp+cfxu6K4dAOUD7li3E2vbzsFadrqSX0N18pHhm1wFVnk86UsszkudEz2/BDAmS1zA+nP05uIFwokBCxaidx+bOswRIRtWbh2y7aFcLbLokNFYzdLXe6T3akhZiEhDofc+WgTgQc3gbAGSM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b=oHUa2w9M; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0EF0EC433C7; Wed, 7 Feb 2024 23:43:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1707349389; bh=MSFIzvdxYtXmQVrYnhwiJReGuZF/2JziUGpHlCPhyaw=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=oHUa2w9MenXTtmVIymyF4c5sKPZHCruv1r9X4zN9BxrNK/80ZmTF2ddMarPHIJVAY 0SiUeiabq6KSm+T3IJtbVXgdFxwgARuxz0vN7UK7gp6ym2mr0TD/Fk/k3sy0Lfvbxj YkyjE9akdJHBxBwa0bTmyvsbjOVR3RZ7cfHfpcPs= Date: Wed, 7 Feb 2024 15:43:08 -0800 From: Andrew Morton To: chengming.zhou@linux.dev Cc: hannes@cmpxchg.org, yosryahmed@google.com, nphamcs@gmail.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Chengming Zhou , stable@vger.kernel.org, Chris Li Subject: Re: [PATCH v4] mm/zswap: invalidate old entry when store fail or !zswap_enabled Message-Id: <20240207154308.bc275f3e72ec1c1fd06cf5a2@linux-foundation.org> In-Reply-To: <20240207115406.3865746-1-chengming.zhou@linux.dev> References: <20240207115406.3865746-1-chengming.zhou@linux.dev> X-Mailer: Sylpheed 3.8.0beta1 (GTK+ 2.24.33; x86_64-pc-linux-gnu) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Wed, 7 Feb 2024 11:54:06 +0000 chengming.zhou@linux.dev wrote: > From: Chengming Zhou > > We may encounter duplicate entry in the zswap_store(): > > 1. swap slot that freed to per-cpu swap cache, doesn't invalidate > the zswap entry, then got reused. This has been fixed. > > 2. !exclusive load mode, swapin folio will leave its zswap entry > on the tree, then swapout again. This has been removed. > > 3. one folio can be dirtied again after zswap_store(), so need to > zswap_store() again. This should be handled correctly. > > So we must invalidate the old duplicate entry before insert the > new one, which actually doesn't have to be done at the beginning > of zswap_store(). And this is a normal situation, we shouldn't > WARN_ON(1) in this case, so delete it. (The WARN_ON(1) seems want > to detect swap entry UAF problem? But not very necessary here.) > > The good point is that we don't need to lock tree twice in the > store success path. > > Note we still need to invalidate the old duplicate entry in the > store failure path, otherwise the new data in swapfile could be > overwrite by the old data in zswap pool when lru writeback. > > We have to do this even when !zswap_enabled since zswap can be > disabled anytime. If the folio store success before, then got > dirtied again but zswap disabled, we won't invalidate the old > duplicate entry in the zswap_store(). So later lru writeback > may overwrite the new data in swapfile. > > Fixes: 42c06a0e8ebe ("mm: kill frontswap") > Cc: We have a patch ordering issue. As a cc:stable hotfix, this should be merged into 6.8-rcX and later backported into -stable trees. So it will go mm-hotfixes-unstable->mm-hotfixes-stable->mainline. So someone has to make this patch merge and work against latest mm-hotfixes-unstable. The patch you sent appears to be based on linux-next, so it has dependencies upon mm-unstable patches which won't be merged into mainline until the next merge window. So can you please redo and retest this against mm.git's mm-hotfixes-unstable branch? Then I'll try to figure out how to merge the gigentic pile of mm-unstable zswap changes on top of that. Thanks.