Message-ID: <4a54bd34-ea10-788b-351e-c0f6cc3cab78@ghiti.fr>
Date: Tue, 14 Feb 2023 09:04:08 +0100
Subject: Re: [PATCH] mm/khugepaged: Fix invalid page access in release_pte_pages()
To: Marek Szyprowski, "Vishal Moola (Oracle)", akpm@linux-foundation.org
Cc: willy@infradead.org, linux-mm@kvack.org
References: <20230213214324.34215-1-vishal.moola@gmail.com> <3d27e26e-3f76-4b2f-ff5d-6576da2ab406@samsung.com>
From: Alexandre Ghiti
In-Reply-To: <3d27e26e-3f76-4b2f-ff5d-6576da2ab406@samsung.com>

On 2/13/23 23:56, Marek Szyprowski wrote:
> On 13.02.2023 22:43, Vishal Moola (Oracle) wrote:
>> release_pte_pages() converts from a pfn to a folio by using pfn_folio().
>> If the pte is not mapped, pfn_folio() will result in undefined behavior
>> which ends up causing a kernel panic[1].
>>
>> Only call pfn_folio() once we have validated that the pte is both valid
>> and mapped to fix the issue.
>>
>> [1] https://lore.kernel.org/linux-mm/ff300770-afe9-908d-23ed-d23e0796e899@samsung.com/
>>
>> Fixes: 9bdfeea46f49 ("mm/khugepaged: convert release_pte_pages() to use folios")
>> Reported-by: Marek Szyprowski
>> Debugged-by: Alexandre Ghiti
>> Cc: Matthew Wilcox
>> Signed-off-by: Vishal Moola (Oracle)
> Tested-by: Marek Szyprowski

Reviewed-by: Alexandre Ghiti
Tested-by: Alexandre Ghiti

Thanks!

Alex

>
>> --- >> mm/khugepaged.c | 14 ++++++++++---- >> 1 file changed, 10 insertions(+), 4 deletions(-) >> >> diff --git a/mm/khugepaged.c b/mm/khugepaged.c >> index b39ab219d5b7..bd54b957f69a 100644
>> --- a/mm/khugepaged.c >> +++ b/mm/khugepaged.c >> @@ -511,11 +511,17 @@ static void release_pte_pages(pte_t *pte, pte_t *_pte, >> >> while (--_pte >= pte) { >> pte_t pteval = *_pte; >> + unsigned long pfn; >> >> - folio = pfn_folio(pte_pfn(pteval)); >> - if (!pte_none(pteval) && !is_zero_pfn(pte_pfn(pteval)) && >> - !folio_test_large(folio)) >> - release_pte_folio(folio); >> + if (pte_none(pteval)) >> + continue; >> + pfn = pte_pfn(pteval); >> + if (is_zero_pfn(pfn)) >> + continue; >> + folio = pfn_folio(pfn); >> + if (folio_test_large(folio)) >> + continue; >> + release_pte_folio(folio); >> } >> >> list_for_each_entry_safe(folio, tmp, compound_pagelist, lru) { > Best regards
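
Review bot: In the while loop of release_pte_pages(), the fix depends on pfn_folio() running only after the pte_none() and is_zero_pfn() checks, but nothing in the code records that ordering constraint, and the removed lines show how easily the lookup ends up above the checks. A one-line comment above "folio = pfn_folio(pfn);" saying the pfn must be validated first would guard against a later cleanup folding the early-continue chain back into a single condition. The commit message also describes the pte as validated to be "valid and mapped", while the checks visible here are pte_none() and is_zero_pfn(); naming those two checks in the message would make it match the code.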