Re: WARNING in memtype_reserve

From: Alan Stern
Date: Sat May 09 2020 - 09:42:12 EST

Next message: Eric W. Biederman: "Re: [PATCH 5/6] exec: Move handling of the point of no return to the top level"
Previous message: Paolo Bonzini: "Re: [PATCH v2 8/9] KVM: x86, SVM: isolate vcpu->arch.dr6 from vmcb->save.dr6"
In reply to: Thomas Gleixner: "Re: WARNING in memtype_reserve"
Next in thread: Thomas Gleixner: "Re: WARNING in memtype_reserve"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 9 May 2020, Thomas Gleixner wrote:

> Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> writes:
> > On Sat, May 09, 2020 at 12:20:14AM -0700, syzbot wrote:
> >> memtype_reserve failed: [mem 0xffffffffff000-0x00008fff], req write-back
> >> WARNING: CPU: 1 PID: 7025 at arch/x86/mm/pat/memtype.c:589 memtype_reserve+0x69f/0x820 arch/x86/mm/pat/memtype.c:589
> >
> > So should memtype_reserve() not do a WARN if given invalid parameters as
> > it can be triggered by userspace requests?
> >
> > A normal "invalid request" debug line is probably all that is needed,
> > right?
>
> I disagree. The callsite espcially if user space triggerable should not
> attempt to ask for a reservation where start > end:
>
> >> memtype_reserve failed: [mem 0xffffffffff000-0x00008fff], req write-back
>
> The real question is which part of the call chain is responsible for
> this. That needs to be fixed.

What about all the other ways in which a reservation request could be
invalid? The MM core already checks for these; what point is there in
duplicating these checks in many places higher up the call chain?

Alan Stern

Next message: Eric W. Biederman: "Re: [PATCH 5/6] exec: Move handling of the point of no return to the top level"
Previous message: Paolo Bonzini: "Re: [PATCH v2 8/9] KVM: x86, SVM: isolate vcpu->arch.dr6 from vmcb->save.dr6"
In reply to: Thomas Gleixner: "Re: WARNING in memtype_reserve"
Next in thread: Thomas Gleixner: "Re: WARNING in memtype_reserve"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]