From: Steven Sistare
Date: Thu, 9 Jan 2025 14:01:25 -0500
Subject: Re: [PATCH] mm/memfd: reserve hugetlb folios before allocation
To: "Kasireddy, Vivek", "linux-mm@kvack.org"
Cc: "syzbot+a504cb5bae4fe117ba94@syzkaller.appspotmail.com", Muchun Song, David Hildenbrand, Andrew Morton
Message-ID: <7631067f-0a5f-4ba5-b630-d434a3ed2f72@oracle.com>
References: <20250107072517.2089633-1-vivek.kasireddy@intel.com> <12795c8f-11b6-4e31-aa1e-b3b4d3108c53@oracle.com>

On 1/8/2025 2:24 AM, Kasireddy, Vivek wrote:
> Hi Steve,
>
>>> There are cases when we try to pin a folio but discover that it has
>>> not been faulted-in. So, we try to allocate it in memfd_alloc_folio()
>>> but there is a chance that we might encounter a crash/failure
>>> (VM_BUG_ON(!h->resv_huge_pages)) if there are no active reservations
>>> at that instant. This issue was reported by syzbot:
>>>
>>> kernel BUG at mm/hugetlb.c:2403!
>>> Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
>>> CPU: 0 UID: 0 PID: 5315 Comm: syz.0.0 Not tainted
>>> 6.13.0-rc5-syzkaller-00161-g63676eefb7a0 #0
>>> Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
>>> 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
>>> RIP: 0010:alloc_hugetlb_folio_reserve+0xbc/0xc0 mm/hugetlb.c:2403
>>> Code: 1f eb 05 e8 56 18 a0 ff 48 c7 c7 40 56 61 8e e8 ba 21 cc 09 4c 89
>>> f0 5b 41 5c 41 5e 41 5f 5d c3 cc cc cc cc e8 35 18 a0 ff 90 <0f> 0b 66
>>> 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f
>>> RSP: 0018:ffffc9000d3d77f8 EFLAGS: 00010087
>>> RAX: ffffffff81ff6beb RBX: 0000000000000000 RCX: 0000000000100000
>>> RDX: ffffc9000e51a000 RSI: 00000000000003ec RDI: 00000000000003ed
>>> RBP: 1ffffffff34810d9 R08: ffffffff81ff6ba3 R09: 1ffffd4000093005
>>> R10: dffffc0000000000 R11: fffff94000093006 R12: dffffc0000000000
>>> R13: dffffc0000000000 R14: ffffea0000498000 R15: ffffffff9a4086c8
>>> FS: 00007f77ac12e6c0(0000) GS:ffff88801fc00000(0000)
>>> knlGS:0000000000000000
>>> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>>> CR2: 00007f77ab54b170 CR3: 0000000040b70000 CR4: 0000000000352ef0
>>> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>>> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
>>> Call Trace:
>>>
>>> memfd_alloc_folio+0x1bd/0x370 mm/memfd.c:88
>>> memfd_pin_folios+0xf10/0x1570 mm/gup.c:3750
>>> udmabuf_pin_folios drivers/dma-buf/udmabuf.c:346 [inline]
>>> udmabuf_create+0x70e/0x10c0 drivers/dma-buf/udmabuf.c:443
>>> udmabuf_ioctl_create drivers/dma-buf/udmabuf.c:495 [inline]
>>> udmabuf_ioctl+0x301/0x4e0 drivers/dma-buf/udmabuf.c:526
>>> vfs_ioctl fs/ioctl.c:51 [inline]
>>> __do_sys_ioctl fs/ioctl.c:906 [inline]
>>> __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892
>>> do_syscall_x64 arch/x86/entry/common.c:52 [inline]
>>> do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
>>> entry_SYSCALL_64_after_hwframe+0x77/0x7f
>>>
>>> Therefore, to avoid this situation and fix this
issue, we just need >>> to make a reservation before we try to allocate the folio. While at >>> it, also remove the VM_BUG_ON() as there is no need to crash the >>> system in this scenario and instead we could just fail the allocation. >>> >>> Fixes: 26a8ea80929c ("mm/hugetlb: fix memfd_pin_folios resv_huge_pages >> leak") >>> Reported-by: syzbot+a504cb5bae4fe117ba94@syzkaller.appspotmail.com >>> Signed-off-by: Vivek Kasireddy >>> Cc: Steve Sistare >>> Cc: Muchun Song >>> Cc: David Hildenbrand >>> Cc: Andrew Morton >>> --- >>> mm/hugetlb.c | 9 ++++++--- >>> mm/memfd.c | 5 +++++ >>> 2 files changed, 11 insertions(+), 3 deletions(-) >>> >>> diff --git a/mm/hugetlb.c b/mm/hugetlb.c >>> index c498874a7170..e46c461210a4 100644 >>> --- a/mm/hugetlb.c >>> +++ b/mm/hugetlb.c >>> @@ -2397,12 +2397,15 @@ struct folio *alloc_hugetlb_folio_reserve(struct >> hstate *h, int preferred_nid, >>> struct folio *folio; >>> >>> spin_lock_irq(&hugetlb_lock); >>> + if (!h->resv_huge_pages) { >>> + spin_unlock_irq(&hugetlb_lock); >>> + return NULL; >>> + } >> >> This should be the entire fix, plus deleting the VM_BUG_ON. See below. >> >>> + >>> folio = dequeue_hugetlb_folio_nodemask(h, gfp_mask, >> preferred_nid, >>> nmask); >>> - if (folio) { >>> - VM_BUG_ON(!h->resv_huge_pages); >>> + if (folio) >>> h->resv_huge_pages--; >>> - } >>> >>> spin_unlock_irq(&hugetlb_lock); >>> return folio; >>> diff --git a/mm/memfd.c b/mm/memfd.c >>> index 35a370d75c9a..a3012c444285 100644 >>> --- a/mm/memfd.c >>> +++ b/mm/memfd.c 
>>> @@ -85,6 +85,10 @@ struct folio *memfd_alloc_folio(struct file *memfd, >> pgoff_t idx) >>> gfp_mask &= ~(__GFP_HIGHMEM | __GFP_MOVABLE); >>> idx >>= huge_page_order(h); >>> >>> + if (!hugetlb_reserve_pages(file_inode(memfd), >>> + idx, idx + 1, NULL, 0)) >>> + return ERR_PTR(-ENOMEM); >> >> I believe it is wrong to force a reservation here. > Is there any particular reason why you believe a reservation here would be wrong? > AFAICS, at the moment, we are not doing any region/subpool accounting before > our folio allocation and this gets flagged in the form of elevated resv_huge_pages > value (hugetlb_acct_memory() elevates it based on the return value of region_del()) > when hugetlb_unreserve_pages() eventually gets called. > >> Pages should have already been >> reserved at this point, eg by calls from hugetlbfs_file_mmap or hugetlb_file_setup. > hugetlb_file_setup() does not reserve any pages as it passes in VM_NORESERVE. > And, the case we are trying to address is exactly when hugetlbfs_file_mmap() does > not get called before pinning. But you must not break the case where hugetlbfs_file_mmap was called first, which reserves, then memfd_alloc_folio is called, which reserves again with your fix. Does that work correctly, or do the counts go bad? > So, when hugetlbfs_file_mmap() does eventually > get called, I don't see any problem if it calls hugetlb_reserve_pages() again for the > same range or overlapping ranges. Does that work correctly, or do the counts go bad? Please try those scenarios with your test program: mmap + memfd_alloc_folio, and memfd_alloc_folio + mmap. - Steve >> syzcaller has forced its way down this path without calling those pre-requisites, >> doing weird stuff as it should. > This issue is not very hard to reproduce. If we have free_huge_pages > 0 and > resv_huge_pages = 0, and then we call memfd_pin_folios() before mmap()/ > hugetlbfs_file_mmap() we can easily encounter this issue. 
Furthermore, we > should be able to allocate a folio in this scenario (as available_huge_pages > 0), > which we would not be able to do if we don't call hugetlb_reserve_pages(). > Note that hugetlb_reserve_pages() actually elevates resv_huge_pages in > this case and kind of gives a go-ahead for the allocation. > > I have used a slightly modified udmabuf selftest to reproduce this issue which > I'll send out as part of v2. > > Thanks, > Vivek > >> >> To fix, I suggest you simply fix alloc_hugetlb_folio_reserve as above. >> >> - Steve >> >>> + >>> folio = alloc_hugetlb_folio_reserve(h, >>> numa_node_id(), >>> NULL, >>> @@ -100,6 +104,7 @@ struct folio *memfd_alloc_folio(struct file *memfd, >> pgoff_t idx) >>> folio_unlock(folio); >>> return folio; >>> } >>> + hugetlb_unreserve_pages(file_inode(memfd), idx, idx + 1, 1); >>> return ERR_PTR(-ENOMEM); >>> } >>> #endif >
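
Review bot: The early exit added at the top of the locked section in alloc_hugetlb_folio_reserve() (mm/hugetlb.c hunk) duplicates the unlock-and-return sequence that already closes the function, so the function now has two places that must each drop hugetlb_lock. A single exit is easier to keep correct: initialise `folio` to NULL, skip the dequeue when `h->resv_huge_pages` is zero, and fall through to the existing `spin_unlock_irq(&hugetlb_lock)`. With the VM_BUG_ON removed, a NULL return now covers both "no reservation" and "no folio dequeued"; a one-line comment saying so would help, since the caller in this patch turns both into -ENOMEM. The check and the `h->resv_huge_pages--` sit in the same lock hold, and any rework should keep them there.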
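
Review bot: The reservation in the first mm/memfd.c hunk is taken unconditionally for [idx, idx + 1), with no handling for an index that is already covered by a reservation made earlier on the same inode. That is the case raised in the reply above (mmap followed by memfd_alloc_folio, and the reverse order). The hunk needs either a comment explaining why a repeated reservation over the same range leaves resv_huge_pages balanced, or a check that skips the call when the range is already reserved. The failure branch also returns ERR_PTR(-ENOMEM) whatever the reason the reservation failed, which should be stated in the function's documentation.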
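
Review bot: The release in the second mm/memfd.c hunk covers only the fall-through to the final `return ERR_PTR(-ENOMEM)`, so any other error return between the new hugetlb_reserve_pages() call and this line, which the hunk context does not show, would leave the reservation in place. Please confirm every exit after the reserve releases it, preferably through one cleanup label. Because the reserve in the previous hunk is unconditional, this hugetlb_unreserve_pages() is as well: if the range was reserved before memfd_alloc_folio() ran, the failure path may give back a reservation this function did not create. The literal `1` passed as the last argument also deserves a short comment on what it counts.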