@@ -767,6 +767,9 @@ copy_nonpresent_pte(struct mm_struct *dst_mm, struct mm_struct *src_mm,
pte = pte_swp_mkuffd_wp(pte);
set_pte_at(src_mm, addr, src_pte, pte);
}
+ } else if (is_hwpoison_entry(entry)) {
+ page = hwpoison_entry_to_page(entry);
+ get_page(page);
}
set_pte_at(dst_mm, addr, dst_pte, pte);
return 0;
@@ -1305,6 +1308,9 @@ static unsigned long zap_pte_range(struct mmu_gather *tlb,
page = migration_entry_to_page(entry);
rss[mm_counter(page)]--;
+
+ } else if (is_hwpoison_entry(entry)) {
+ put_page(hwpoison_entry_to_page(entry));
}
if (unlikely(!free_swap_and_cache(entry)))
print_bad_pte(vma, addr, ptent, NULL);
@@ -1575,7 +1575,7 @@ static bool try_to_unmap_one(struct page *page, struct vm_area_struct *vma,
dec_mm_counter(mm, mm_counter(page));
set_pte_at(mm, address, pvmw.pte, pteval);
}
-
+ get_page(page);
} else if (pte_unused(pteval) && !userfaultfd_armed(vma)) {
/*
* The guest indicated that the page content is of no
On migration we drop referece to a page once PTE gets replaced with a migration entry. Migration code keeps the last reference on the page that gets dropped once migration is complete. We do the same for hwpoison entries, but it doesn't work: nobody keeps the reference once page is remapped with hwpoison entries. Keep page referenced on setting up hwpoison entries, copy the reference on fork() and return on zap(). Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> --- mm/memory.c | 6 ++++++ mm/rmap.c | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-)