Message ID | alpine.LSU.2.11.2106011409390.2148@eggly.anvils (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | mm/thp: fix THP splitting unmap BUGs and related | expand |
On Tue, Jun 01, 2021 at 02:11:22PM -0700, Hugh Dickins wrote: > From: Jue Wang <juew@google.com> > > Anon THP tails were already supported, but memory-failure may need to use > page_address_in_vma() on file THP tails, which its page->mapping check did > not permit: fix it. > > hughd adds: no current usage is known to hit the issue, but this does fix > a subtle trap in a general helper: best fixed in stable sooner than later. > > Fixes: 800d8c63b2e9 ("shmem: add huge pages support") > Signed-off-by: Jue Wang <juew@google.com> > Signed-off-by: Hugh Dickins <hughd@google.com> > Cc: <stable@vger.kernel.org> Reviewed-by: Matthew Wilcox (Oracle) <willy@infradead.org>
On Tue, Jun 1, 2021 at 2:11 PM Hugh Dickins <hughd@google.com> wrote: > > From: Jue Wang <juew@google.com> > > Anon THP tails were already supported, but memory-failure may need to use > page_address_in_vma() on file THP tails, which its page->mapping check did > not permit: fix it. > > hughd adds: no current usage is known to hit the issue, but this does fix > a subtle trap in a general helper: best fixed in stable sooner than later. > > Fixes: 800d8c63b2e9 ("shmem: add huge pages support") > Signed-off-by: Jue Wang <juew@google.com> > Signed-off-by: Hugh Dickins <hughd@google.com> > Cc: <stable@vger.kernel.org> Reviewed-by: Yang Shi <shy828301@gmail.com> > --- > mm/rmap.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/mm/rmap.c b/mm/rmap.c > index 144de54efc1c..e05c300048e6 100644 > --- a/mm/rmap.c > +++ b/mm/rmap.c > @@ -716,11 +716,11 @@ unsigned long page_address_in_vma(struct page *page, struct vm_area_struct *vma) > if (!vma->anon_vma || !page__anon_vma || > vma->anon_vma->root != page__anon_vma->root) > return -EFAULT; > - } else if (page->mapping) { > - if (!vma->vm_file || vma->vm_file->f_mapping != page->mapping) > - return -EFAULT; > - } else > + } else if (!vma->vm_file) { > + return -EFAULT; > + } else if (vma->vm_file->f_mapping != compound_head(page)->mapping) { > return -EFAULT; > + } > > return vma_address(page, vma); > } > -- > 2.32.0.rc0.204.g9fa02ecfa5-goog > >
On Tue, Jun 01, 2021 at 02:11:22PM -0700, Hugh Dickins wrote: > From: Jue Wang <juew@google.com> > > Anon THP tails were already supported, but memory-failure may need to use > page_address_in_vma() on file THP tails, which its page->mapping check did > not permit: fix it. > > hughd adds: no current usage is known to hit the issue, but this does fix > a subtle trap in a general helper: best fixed in stable sooner than later. > > Fixes: 800d8c63b2e9 ("shmem: add huge pages support") > Signed-off-by: Jue Wang <juew@google.com> > Signed-off-by: Hugh Dickins <hughd@google.com> > Cc: <stable@vger.kernel.org> Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
diff --git a/mm/rmap.c b/mm/rmap.c index 144de54efc1c..e05c300048e6 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -716,11 +716,11 @@ unsigned long page_address_in_vma(struct page *page, struct vm_area_struct *vma) if (!vma->anon_vma || !page__anon_vma || vma->anon_vma->root != page__anon_vma->root) return -EFAULT; - } else if (page->mapping) { - if (!vma->vm_file || vma->vm_file->f_mapping != page->mapping) - return -EFAULT; - } else + } else if (!vma->vm_file) { + return -EFAULT; + } else if (vma->vm_file->f_mapping != compound_head(page)->mapping) { return -EFAULT; + } return vma_address(page, vma); }