From: Liew Rui Yan <aethernet65535@gmail.com>
To: aethernet65535@gmail.com
Cc: damon@lists.linux.dev, linux-mm@kvack.org, sj@kernel.org,
stable@vger.kernel.org, yanquanmin1@huawei.com
Subject: Re: (sashiko review) [PATCH v3 1/2] mm/damon/lru_sort: validate min_region_size to be power of 2
Date: Fri, 3 Apr 2026 16:31:25 +0800 [thread overview]
Message-ID: <20260403083125.5654-1-aethernet65535@gmail.com> (raw)
In-Reply-To: <20260403052837.58063-2-aethernet65535@gmail.com>
Forwarding Sashiko review for doing discussions via mails.
# review url: https://sashiko.dev/#/patchset/20260403052837.58063-2-aethernet65535@gmail.com
# start of sashiko.dev inline review
commit 525a0116b6d91612e679b30ae84e489a7540edbf
Author: Liew Rui Yan <aethernet65535@gmail.com>
mm/damon/lru_sort: validate min_region_size to be power of 2
This commit adds an early check in damon_lru_sort_apply_parameters() to
ensure min_region_sz is a power of 2. This prevents kdamond from unexpectedly
terminating when given an invalid addr_unit.
> diff --git a/mm/damon/lru_sort.c b/mm/damon/lru_sort.c
> index 554559d729760..3fd176ef9d9c1 100644
> --- a/mm/damon/lru_sort.c
> +++ b/mm/damon/lru_sort.c
> @@ -294,6 +294,11 @@ static int damon_lru_sort_apply_parameters(void)
> param_ctx->addr_unit = addr_unit;
> param_ctx->min_region_sz = max(DAMON_MIN_REGION_SZ / addr_unit, 1);
>
> + if (!is_power_of_2(param_ctx->min_region_sz)) {
> + err = -EINVAL;
> + goto out;
> + }
> +
Instead of adding this early check here, could this be resolved by fixing
the stateless validation in damon_commit_ctx() directly?
Looking at damon_commit_ctx(), it currently sets dst->maybe_corrupted = true
before checking if src->min_region_sz is a power of 2:
    int damon_commit_ctx(struct damon_ctx *dst, struct damon_ctx *src)
    {
            int err;

            dst->maybe_corrupted = true;
            if (!is_power_of_2(src->min_region_sz))
                    return -EINVAL;
            ...
    }
When this validation fails, it leaves the active context marked as corrupted
without making any state changes, which causes the kdamond thread to terminate
permanently. Moving the stateless is_power_of_2() check above
dst->maybe_corrupted = true would resolve the regression for all current and
future callers without requiring duplicated validation logic at every
call site.
Does this missing validation also affect mm/damon/sysfs.c?
When a user starts DAMON via state_store() -> damon_sysfs_turn_damon_on(),
the code calls damon_sysfs_build_ctx(). This calculates min_region_sz and
then directly calls damon_start(), bypassing damon_commit_ctx() entirely.
Because this bypasses the is_power_of_2() checks, kdamond can actively run
with a non-power-of-2 min_region_sz. Core DAMON operations like
damon_set_regions() use ALIGN() and ALIGN_DOWN() with min_region_sz, which
perform bitwise masking that requires the alignment parameter to be a
power of 2.
Could this allow userspace to trigger incorrect address boundaries, massive
unsigned underflows, or infinite loops during region splitting?
> if (!damon_lru_sort_mon_attrs.sample_interval) {
> err = -EINVAL;
> goto out;
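Review bot: the new is_power_of_2() check right after the min_region_sz assignment fails with a bare -EINVAL and no diagnostic, so an operator whose addr_unit makes `DAMON_MIN_REGION_SZ / addr_unit` a non-power-of-2 value only sees the parameters silently rejected. A pr_err() naming addr_unit and the derived min_region_sz before `goto out` would make the failure actionable, and a one-line comment stating that the check exists because damon_commit_ctx() rejects non-power-of-2 values (and leaves the context marked corrupted when it does) would tell future readers why the value is validated here as well as there. Note also that the check is on the derived value after truncating division and the `max(..., 1)` clamp, not on addr_unit itself, so the commit message's "invalid addr_unit" wording is looser than what the code enforces.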
# end of sashiko.dev inline review
# review url: https://sashiko.dev/#/patchset/20260403052837.58063-2-aethernet65535@gmail.com
#
# hkml [1] generated a draft of this mail. It can be regenerated
# using below command:
#
# hkml patch sashiko_dev --for_forwarding \
# 20260403052837.58063-2-aethernet65535@gmail.com
#
# [1] https://github.com/sjp38/hackermail
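The following is an added example, not code from DAMON, from this patch or from the review above: a userspace C model of the power-of-2 check and of what ALIGN()/ALIGN_DOWN() actually compute when handed a non-power-of-2 alignment, which is the boundary problem the review asks about. The alignment macros are copied from the kernel's include/uapi/linux/const.h and include/linux/align.h; the 4096-byte minimum region size and the addr_unit values fed to it are constructed stand-ins, not DAMON's real DAMON_MIN_REGION_SZ. The function names are the example's own.

```c
/*
 * Added example (not DAMON code): userspace model of the min_region_sz
 * power-of-2 check and of the kernel ALIGN()/ALIGN_DOWN() macros.
 * Sample sizes and addr_unit values are constructed for illustration.
 */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Verbatim copies of the kernel's alignment macros. */
#define __ALIGN_KERNEL_MASK(x, mask)	(((x) + (mask)) & ~(mask))
#define __ALIGN_KERNEL(x, a)		__ALIGN_KERNEL_MASK(x, (__typeof__(x))(a) - 1)
#define ALIGN(x, a)			__ALIGN_KERNEL((x), (a))
#define ALIGN_DOWN(x, a)		__ALIGN_KERNEL((x) - ((a) - 1), (a))

/* Same semantics as the kernel's is_power_of_2(): 0 is not a power of 2. */
bool is_power_of_2(unsigned long n)
{
	return n != 0 && (n & (n - 1)) == 0;
}

/*
 * Mirrors param_ctx->min_region_sz = max(DAMON_MIN_REGION_SZ / addr_unit, 1).
 * min_region_bytes stands in for DAMON_MIN_REGION_SZ; the caller chooses it.
 */
unsigned long derive_min_region_sz(unsigned long min_region_bytes,
				   unsigned long addr_unit)
{
	unsigned long sz = min_region_bytes / addr_unit;

	return sz ? sz : 1;
}

/* The early check the patch adds: 0 when acceptable, -EINVAL otherwise. */
int validate_min_region_sz(unsigned long min_region_sz)
{
	return is_power_of_2(min_region_sz) ? 0 : -EINVAL;
}

/* What the mask-based macros return for a given alignment. */
unsigned long align_up(unsigned long x, unsigned long a)   { return ALIGN(x, a); }
unsigned long align_down(unsigned long x, unsigned long a) { return ALIGN_DOWN(x, a); }

/* Exact arithmetic rounding, correct for any non-zero alignment. */
unsigned long round_up_arith(unsigned long x, unsigned long a)   { return (x + a - 1) / a * a; }
unsigned long round_down_arith(unsigned long x, unsigned long a) { return x / a * a; }

/*
 * True when the macros agree with exact rounding for every x in [a, limit).
 * For a power of 2 the mask clears exactly the low bits, so they always
 * agree; for any other alignment the mask has holes and the boundaries
 * drift from the intended multiples.  Starting at x = a keeps the
 * subtraction inside ALIGN_DOWN() from underflowing.
 */
bool align_macros_exact(unsigned long a, unsigned long limit)
{
	for (unsigned long x = a; x < limit; x++) {
		if (align_up(x, a) != round_up_arith(x, a))
			return false;
		if (align_down(x, a) != round_down_arith(x, a))
			return false;
	}
	return true;
}

int main(void)
{
	/* Constructed addr_unit values; 4096 is an assumed minimum region size. */
	unsigned long units[] = { 1, 3, 1000, 8192 };

	for (size_t i = 0; i < sizeof(units) / sizeof(units[0]); i++) {
		unsigned long sz = derive_min_region_sz(4096, units[i]);

		printf("addr_unit=%lu -> min_region_sz=%lu -> %s\n", units[i], sz,
		       validate_min_region_sz(sz) ? "-EINVAL" : "ok");
	}
	printf("ALIGN(5, 3)=%lu (exact 6), ALIGN_DOWN(5, 3)=%lu (exact 3)\n",
	       align_up(5, 3), align_down(5, 3));
	printf("ALIGN(5, 4)=%lu (exact 8), ALIGN_DOWN(5, 4)=%lu (exact 4)\n",
	       align_up(5, 4), align_down(5, 4));
	return 0;
}
```

Two things the table in main() makes visible that the prose does not: the clamp to 1 means a very large addr_unit always passes, and because the check is on the truncated quotient rather than on addr_unit, a non-power-of-2 addr_unit such as 1000 can still produce a power-of-2 min_region_sz and be accepted, which is consistent with what damon_commit_ctx() itself requires.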
Thread overview (17+ messages):
2026-04-03 5:23 [PATCH v3 0/2] mm/damon: validate min_region_size to be power of 2 Liew Rui Yan
2026-04-03 5:23 ` [PATCH v3 1/2] mm/damon/lru_sort: " Liew Rui Yan
2026-04-03 8:31 ` Liew Rui Yan [this message]
2026-04-03 15:55 ` (sashiko review) " SeongJae Park
2026-04-04 9:09 ` Liew Rui Yan
2026-04-04 20:18 ` SeongJae Park
2026-04-03 8:59 ` Quanmin Yan
2026-04-03 9:50 ` Liew Rui Yan
2026-04-03 16:19 ` SeongJae Park
2026-04-04 9:11 ` Liew Rui Yan
2026-04-04 20:30 ` SeongJae Park
2026-04-06 9:41 ` Liew Rui Yan
2026-04-06 15:50 ` SeongJae Park
2026-04-03 5:23 ` [PATCH v3 2/2] mm/damon/reclaim: " Liew Rui Yan
2026-04-03 8:33 ` (sashiko review) " Liew Rui Yan
2026-04-03 16:07 ` SeongJae Park
2026-04-03 16:20 ` SeongJae Park