Date: Thu, 25 Feb 2021 17:18:09 -0800
From: Andrew Morton
To: 0x7f454c46@gmail.com, akpm@linux-foundation.org, bgeffon@google.com, hannes@cmpxchg.org, keescook@chromium.org, kirill.shutemov@linux.intel.com, linmiaohe@huawei.com, linux-mm@kvack.org, louhongxiang@huawei.com, mike.kravetz@oracle.com, mm-commits@vger.kernel.org, natechancellor@gmail.com, ndesaulniers@google.com, richard.weiyang@linux.alibaba.com, sedat.dilek@gmail.com, shakeelb@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, walken@google.com
Subject: [patch 045/118] mm/rmap: fix potential pte_unmap on an not mapped pte
Message-ID: <20210226011809.ybM2-WPA7%akpm@linux-foundation.org>
In-Reply-To: <20210225171452.713967e96554bb6a53e44a19@linux-foundation.org>

From: Miaohe Lin Subject: mm/rmap: fix potential pte_unmap on an not mapped pte For PMD-mapped page (usually THP), pvmw->pte is NULL. For PTE-mapped THP, pvmw->pte is mapped. But for HugeTLB pages, pvmw->pte is not mapped and set to the relevant page table entry. So in page_vma_mapped_walk_done(), we may do pte_unmap() for HugeTLB pte which is not mapped. Fix this by checking pvmw->page against PageHuge before trying to do pte_unmap(). Link: https://lkml.kernel.org/r/20210127093349.39081-1-linmiaohe@huawei.com Fixes: ace71a19cec5 ("mm: introduce page_vma_mapped_walk()") Signed-off-by: Hongxiang Lou Signed-off-by: Miaohe Lin Tested-by: Sedat Dilek Cc: Kees Cook Cc: Nathan Chancellor Cc: Mike Kravetz Cc: Shakeel Butt Cc: Johannes Weiner Cc: Vlastimil Babka Cc: Michel Lespinasse Cc: Nick Desaulniers Cc: "Kirill A. Shutemov" Cc: Wei Yang Cc: Dmitry Safonov <0x7f454c46@gmail.com> Cc: Brian Geffon Signed-off-by: Andrew Morton --- include/linux/rmap.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/include/linux/rmap.h~mm-rmap-fix-potential-pte_unmap-on-an-not-mapped-pte +++ a/include/linux/rmap.h @@ -213,7 +213,8 @@ struct page_vma_mapped_walk { static inline void page_vma_mapped_walk_done(struct page_vma_mapped_walk *pvmw) { - if (pvmw->pte) + /* HugeTLB pte is set to the relevant page table entry without pte_mapped. */ + if (pvmw->pte && !PageHuge(pvmw->page)) pte_unmap(pvmw->pte); if (pvmw->ptl) spin_unlock(pvmw->ptl); _
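
Review bot: in page_vma_mapped_walk_done(), the new condition calls PageHuge(pvmw->page) whenever pvmw->pte is non-NULL, so it relies on pvmw->page being valid at every call site that reaches this helper. The hunk shows no check for that, so it is worth confirming, or stating in the comment, that pvmw->page is always set before pvmw->pte can be. The comment's "without pte_mapped" is also hard to parse, since no such identifier appears in the hunk; wording along the lines of "HugeTLB: pvmw->pte points at the page table entry directly and was never mapped, so it must not be pte_unmap()ed" would say why the unmap is skipped.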