Received: by 10.223.164.200 with SMTP id h8csp718713wrb; Sun, 5 Nov 2017 19:38:47 -0800 (PST) X-Google-Smtp-Source: ABhQp+RjI/nMONfd3aeEn0i1Ncsu5QQVh0e8NHD/2SCVY33Krqhr8ODES7hjlHXi/zGsbo878WLv X-Received: by 10.84.160.204 with SMTP id v12mr13211146plg.206.1509939527085; Sun, 05 Nov 2017 19:38:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1509939527; cv=none; d=google.com; s=arc-20160816; b=ncr4TCI4pRY/JB3RXiQTVLrnnb0n6rFlmyGFWyaXwrtmw3olse7oIBZu0QKxtLqkHi 8fA/XPCV56ffN9k3hIYwqfwO3AhmCWlLEtzQ3xAqjgsDt4MbnLCzewtri+K9OO2jrM+A QhsH7KcUoKe6/3QJjPCR1wG0Bz2bDy7juWirZEm8U243QCEnSb6yNFNDhVY1oN9OqZhN 3gjEqTcNZL13hpe+vY3nKS/sb3B+/eC0KCFnoi06qb2f47Rm/trOH4/wK18qdS3nElrG YA6eY5QthYaeY/WUyno3B3g4YtbmSV/shNFiP+oGbaAbQXw/MxxDnJOWWRoRD8DFVaBN N49w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject:cc :to:from:arc-authentication-results; bh=mEKEPwTLluZn/4eDB+PPA/wuEJydu0kTrB/yxw/RnKI=; b=NLnm6clQi2X7DaWklCgjYjSGaQqJndcpXF5w5qu7+t4kceS0Su2muIpMB51FQ9shbr JO1xb4zoiEPNNxM4XelloObIaeII8RhzMzve2af0pFNUELr45JaHrgmaHq3KtYUn1Gi2 XUO8pny1XBp9n0FURLkY/OU9qLxLi6owPzmMj8zV5bs4sw8BmMnhYncCl5fgHrQ844xk mjHePo2hOlv8v+OaaKdm6Zh8MqbSSZqwOHMHAOnlfzIMrpG44AuaAz8r265yLILVAakz GaJQd4UheOBliq5gqpHF9B/T58yLeWijfX3TU5vYfPy2CnhTYGrVRTvjMYA6lRyuLv+o /acA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g6si9558158plj.391.2017.11.05.19.38.33; Sun, 05 Nov 2017 19:38:47 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751530AbdKFDh5 (ORCPT + 96 others); Sun, 5 Nov 2017 22:37:57 -0500 Received: from szxga06-in.huawei.com ([45.249.212.32]:46566 "EHLO huawei.com" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1750817AbdKFDh4 (ORCPT ); Sun, 5 Nov 2017 22:37:56 -0500 Received: from DGGEMS413-HUB.china.huawei.com (unknown [172.30.72.58]) by Forcepoint Email with ESMTP id AD30FC483D693; Mon, 6 Nov 2017 11:37:43 +0800 (CST) Received: from linux-4hy3.site (10.107.193.248) by DGGEMS413-HUB.china.huawei.com (10.3.19.213) with Microsoft SMTP Server id 14.3.361.1; Mon, 6 Nov 2017 11:37:30 +0800 From: Wang Nan To: , CC: Wang Nan , Bob Liu , Michal Hocko , Andrew Morton , David Rientjes , Ingo Molnar , Roman Gushchin , Konstantin Khlebnikov , "Andrea Arcangeli" Subject: [RFC PATCH] mm, oom_reaper: gather each vma to prevent leaking TLB entry Date: Mon, 6 Nov 2017 03:36:51 +0000 Message-ID: <20171106033651.172368-1-wangnan0@huawei.com> X-Mailer: git-send-email 2.10.1 MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.107.193.248] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org tlb_gather_mmu(&tlb, mm, 0, -1) means gathering all virtual memory space. In this case, tlb->fullmm is true. Some archs like arm64 doesn't flush TLB when tlb->fullmm is true: commit 5a7862e83000 ("arm64: tlbflush: avoid flushing when fullmm == 1"). Which makes leaking of tlb entries. For example, when oom_reaper selects a task and reaps its virtual memory space, another thread in this task group may still running on another core and access these already freed memory through tlb entries. This patch gather each vma instead of gathering full vm space, tlb->fullmm is not true. The behavior of oom reaper become similar to munmapping before do_exit, which should be safe for all archs. Signed-off-by: Wang Nan Cc: Bob Liu Cc: Michal Hocko Cc: Andrew Morton Cc: Michal Hocko Cc: David Rientjes Cc: Ingo Molnar Cc: Roman Gushchin Cc: Konstantin Khlebnikov Cc: Andrea Arcangeli --- mm/oom_kill.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/mm/oom_kill.c b/mm/oom_kill.c index dee0f75..18c5b35 100644 --- a/mm/oom_kill.c +++ b/mm/oom_kill.c @@ -532,7 +532,6 @@ static bool __oom_reap_task_mm(struct task_struct *tsk, struct mm_struct *mm) */ set_bit(MMF_UNSTABLE, &mm->flags); - tlb_gather_mmu(&tlb, mm, 0, -1); for (vma = mm->mmap ; vma; vma = vma->vm_next) { if (!can_madv_dontneed_vma(vma)) continue; @@ -547,11 +546,13 @@ static bool __oom_reap_task_mm(struct task_struct *tsk, struct mm_struct *mm) * we do not want to block exit_mmap by keeping mm ref * count elevated without a good reason. */ - if (vma_is_anonymous(vma) || !(vma->vm_flags & VM_SHARED)) + if (vma_is_anonymous(vma) || !(vma->vm_flags & VM_SHARED)) { + tlb_gather_mmu(&tlb, mm, vma->vm_start, vma->vm_end); unmap_page_range(&tlb, vma, vma->vm_start, vma->vm_end, NULL); + tlb_finish_mmu(&tlb, vma->vm_start, vma->vm_end); + } } - tlb_finish_mmu(&tlb, 0, -1); pr_info("oom_reaper: reaped process %d (%s), now anon-rss:%lukB, file-rss:%lukB, shmem-rss:%lukB\n", task_pid_nr(tsk), tsk->comm, K(get_mm_counter(mm, MM_ANONPAGES)), -- 2.10.1 From 1583389783059530692@xxx Tue Nov 07 07:02:48 +0000 2017 X-GM-THRID: 1583375598865723607 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread