From: wei.guo.simon@gmail.com To: linux-mm@kvack.org Cc: Alexey Klimov <klimov.linux@gmail.com>, Andrew Morton <akpm@linux-foundation.org>, Eric B Munson <emunson@akamai.com>, Geert Uytterhoeven <geert@linux-m68k.org>, "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Mel Gorman <mgorman@techsingularity.net>, Michal Hocko <mhocko@suse.com>, Shuah Khan <shuah@kernel.org>, Simon Guo <wei.guo.simon@gmail.com>, Thierry Reding <treding@nvidia.com>, Vlastimil Babka <vbabka@suse.cz> Subject: [PATCH 2/4] mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) Date: Tue, 30 Aug 2016 18:59:39 +0800 [thread overview] Message-ID: <1472554781-9835-3-git-send-email-wei.guo.simon@gmail.com> (raw) In-Reply-To: <1472554781-9835-1-git-send-email-wei.guo.simon@gmail.com> From: Simon Guo <wei.guo.simon@gmail.com> When one vma was with flag VM_LOCKED|VM_LOCKONFAULT (by invoking mlock2(,MLOCK_ONFAULT)), it can again be populated with mlock() with VM_LOCKED flag only. There is a hole in mlock_fixup() which increase mm->locked_vm twice even the two operations are on the same vma and both with VM_LOCKED flags. The issue can be reproduced by following code: mlock2(p, 1024 * 64, MLOCK_ONFAULT); //VM_LOCKED|VM_LOCKONFAULT mlock(p, 1024 * 64); //VM_LOCKED Then check the increase VmLck field in /proc/pid/status(to 128k). When vma is set with different vm_flags, and the new vm_flags is with VM_LOCKED, it is not necessarily be a "new locked" vma. This patch corrects this bug by prevent mm->locked_vm from increment when old vm_flags is already VM_LOCKED. Signed-off-by: Simon Guo <wei.guo.simon@gmail.com> --- mm/mlock.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mm/mlock.c b/mm/mlock.c index 9283187..df29aad 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -516,6 +516,7 @@ static int mlock_fixup(struct vm_area_struct *vma, struct vm_area_struct **prev, int nr_pages; int ret = 0; int lock = !!(newflags & VM_LOCKED); + vm_flags_t old_flags = vma->vm_flags; if (newflags == vma->vm_flags || (vma->vm_flags & VM_SPECIAL) || is_vm_hugetlb_page(vma) || vma == get_gate_vma(current->mm)) @@ -550,6 +551,8 @@ success: nr_pages = (end - start) >> PAGE_SHIFT; if (!lock) nr_pages = -nr_pages; + else if (old_flags & VM_LOCKED) + nr_pages = 0; mm->locked_vm += nr_pages; /* -- 1.8.3.1
WARNING: multiple messages have this Message-ID (diff)
From: wei.guo.simon@gmail.com To: linux-mm@kvack.org Cc: Alexey Klimov <klimov.linux@gmail.com>, Andrew Morton <akpm@linux-foundation.org>, Eric B Munson <emunson@akamai.com>, Geert Uytterhoeven <geert@linux-m68k.org>, "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Mel Gorman <mgorman@techsingularity.net>, Michal Hocko <mhocko@suse.com>, Shuah Khan <shuah@kernel.org>, Simon Guo <wei.guo.simon@gmail.com>, Thierry Reding <treding@nvidia.com>, Vlastimil Babka <vbabka@suse.cz> Subject: [PATCH 2/4] mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) Date: Tue, 30 Aug 2016 18:59:39 +0800 [thread overview] Message-ID: <1472554781-9835-3-git-send-email-wei.guo.simon@gmail.com> (raw) In-Reply-To: <1472554781-9835-1-git-send-email-wei.guo.simon@gmail.com> From: Simon Guo <wei.guo.simon@gmail.com> When one vma was with flag VM_LOCKED|VM_LOCKONFAULT (by invoking mlock2(,MLOCK_ONFAULT)), it can again be populated with mlock() with VM_LOCKED flag only. There is a hole in mlock_fixup() which increase mm->locked_vm twice even the two operations are on the same vma and both with VM_LOCKED flags. The issue can be reproduced by following code: mlock2(p, 1024 * 64, MLOCK_ONFAULT); //VM_LOCKED|VM_LOCKONFAULT mlock(p, 1024 * 64); //VM_LOCKED Then check the increase VmLck field in /proc/pid/status(to 128k). When vma is set with different vm_flags, and the new vm_flags is with VM_LOCKED, it is not necessarily be a "new locked" vma. This patch corrects this bug by prevent mm->locked_vm from increment when old vm_flags is already VM_LOCKED. Signed-off-by: Simon Guo <wei.guo.simon@gmail.com> --- mm/mlock.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mm/mlock.c b/mm/mlock.c index 9283187..df29aad 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -516,6 +516,7 @@ static int mlock_fixup(struct vm_area_struct *vma, struct vm_area_struct **prev, int nr_pages; int ret = 0; int lock = !!(newflags & VM_LOCKED); + vm_flags_t old_flags = vma->vm_flags; if (newflags == vma->vm_flags || (vma->vm_flags & VM_SPECIAL) || is_vm_hugetlb_page(vma) || vma == get_gate_vma(current->mm)) @@ -550,6 +551,8 @@ success: nr_pages = (end - start) >> PAGE_SHIFT; if (!lock) nr_pages = -nr_pages; + else if (old_flags & VM_LOCKED) + nr_pages = 0; mm->locked_vm += nr_pages; /* -- 1.8.3.1 -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-08-30 11:01 UTC|newest] Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-08-30 10:59 [PATCH 0/4] mm: mlock: fix some locked_vm counting issues wei.guo.simon 2016-08-30 10:59 ` wei.guo.simon 2016-08-30 10:59 ` [PATCH 1/4] mm: mlock: check against vma for actual mlock() size wei.guo.simon 2016-08-30 10:59 ` wei.guo.simon 2016-08-30 11:35 ` Kirill A. Shutemov 2016-08-30 11:35 ` Kirill A. Shutemov 2016-08-30 10:59 ` wei.guo.simon [this message] 2016-08-30 10:59 ` [PATCH 2/4] mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) wei.guo.simon 2016-08-30 11:36 ` Kirill A. Shutemov 2016-08-30 11:36 ` Kirill A. Shutemov 2016-08-30 10:59 ` [PATCH 3/4] selftest: split mlock2_ funcs into separate mlock2.h wei.guo.simon 2016-08-30 10:59 ` wei.guo.simon 2016-08-30 10:59 ` [PATCH 4/4] selftests/vm: add test for mlock() when areas are intersected wei.guo.simon 2016-08-30 10:59 ` wei.guo.simon 2016-08-31 23:14 ` David Rientjes 2016-08-31 23:14 ` David Rientjes 2016-09-01 7:14 ` Simon Guo 2016-09-01 7:14 ` Simon Guo
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1472554781-9835-3-git-send-email-wei.guo.simon@gmail.com \ --to=wei.guo.simon@gmail.com \ --cc=akpm@linux-foundation.org \ --cc=emunson@akamai.com \ --cc=geert@linux-m68k.org \ --cc=kirill.shutemov@linux.intel.com \ --cc=klimov.linux@gmail.com \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-kselftest@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=mgorman@techsingularity.net \ --cc=mhocko@suse.com \ --cc=shuah@kernel.org \ --cc=treding@nvidia.com \ --cc=vbabka@suse.cz \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.