Commit 0e81922d authored May 25, 2024 by Zi Yan Committed by Kefeng Wang May 25, 2024

mm/huge_memory: skip invalid debugfs new_order input for folio split

mainline inclusion
from mainline-v6.9-rc1
commit 2394aef616cf38fbf2e797c6845ccd35d76ce256
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I9S4Z4
CVE: NA

-------------------------------------------------

User can put arbitrary new_order via debugfs for folio split test.
Although new_order check is added to split_huge_page_to_list_order() in
the prior commit, these two additional checks can avoid unnecessary folio
locking and split_folio_to_order() calls.

Link: https://lkml.kernel.org/r/20240307181854.138928-2-zi.yan@sent.com


Signed-off-by: Zi Yan <ziy@nvidia.com>
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Closes: https://lore.kernel.org/linux-mm/7dda9283-b437-4cf8-ab0d-83c330deb9c0@moroto.mountain/


Cc: David Hildenbrand <david@redhat.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Yang Shi <shy828301@gmail.com>
Cc: Yu Zhao <yuzhao@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit 2394aef616cf38fbf2e797c6845ccd35d76ce256)
Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com>

parent 451f5528

mm/huge_memory.c

+6 −0

Original line number	Diff line number	Diff line
		@@ -3604,6 +3604,9 @@ static int split_huge_pages_pid(int pid, unsigned long vaddr_start,
		if (!is_transparent_hugepage(folio))
		goto next;

		if (new_order >= folio_order(folio))
		goto next;

		total++;
		/*
		* For folios with private, split_huge_page_to_list_to_order()
		@@ -3671,6 +3674,9 @@ static int split_huge_pages_in_file(const char *file_path, pgoff_t off_start,
		total++;
		nr_pages = folio_nr_pages(folio);

		if (new_order >= folio_order(folio))
		goto next;

		if (!folio_trylock(folio))
		goto next;