Re: [PATCH v6] mm/hwpoison: fix race between hugetlb free/demotion and memory_failure_hugetlb()

[Andrew Morton]

On Tue, 5 Apr 2022 01:45:45 +0000 HORIGUCHI NAOYA(堀口　直也) <naoya.horiguchi@xxxxxxx> wrote:

> On Mon, Apr 04, 2022 at 11:53:33AM -0700, Andrew Morton wrote:
> > On Mon,  4 Apr 2022 18:21:31 +0900 Naoya Horiguchi <naoya.horiguchi@xxxxxxxxx> wrote:
> > 
> > > There is a race condition between memory_failure_hugetlb() and hugetlb
> > > free/demotion, which causes setting PageHWPoison flag on the wrong page.
> > > The one simple result is that wrong processes can be killed, but another
> > > (more serious) one is that the actual error is left unhandled, so no one
> > > prevents later access to it, and that might lead to more serious results
> > > like consuming corrupted data.
> > 
> > Should this fix be backported into stable kernels?
> 
> This is a bug fix, so eligible to send to stable. But I thought that this
> patch is larger than 100 lines (and hard to separeter to finer patches),
> which seems to violate the rule stated in
> Documentation/process/stable-kernel-rules.rst.
> 
> But actually this rule might not be strictly applied (some patches in
> v5.16.y do have more than 100 lines diff...). So if we can ignore this rule
> exceptionally, that's OK and I'll add CC to stable again.

I never actually knew about that rule ;)

Thanks, I added the cc:stable.

> The target commit of Fixed: tag is 761ad8d7c7b5 ("mm: hwpoison: introduce
> memory_failure_hugetlb()") which was introduced in 4.13, so most of active
> stable trees are affected.

Oh. That's good to know.  The original patch didn't have a Fixes: line.
I added that as well.