On 11/27/2018 09:50 PM, Oscar Salvador wrote:
> From: Oscar Salvador <osalvador@xxxxxxxx>
>
> This tries to address another issue about accessing
> uninitialized pages.
>
> Jonathan reported a problem [1] where we can access steal pages
> in case we hot-remove memory without onlining it first.
>
> This time is in unregister_mem_sect_under_nodes.
> This function tries to get the nid from the pfn and then
> tries to remove the symlink between mem_blk <-> nid and vice versa.
>
> Since we already know the nid in remove_memory(), we can pass
> it down the chain to unregister_mem_sect_under_nodes.
> There we can just remove the symlinks without the need
> to look into the pages.
>
> This also allows us to cleanup unregister_mem_sect_under_nodes.
>
> [1] https://www.spinics.net/lists/linux-mm/msg161316.html
>
> Signed-off-by: Oscar Salvador <osalvador@xxxxxxx>
> Tested-by: Jonathan Cameron <Jonathan.Cameron@xxxxxxxxxx>
> ---
> drivers/base/memory.c | 9 ++++-----
> drivers/base/node.c | 39 ++++++---------------------------------
> include/linux/memory.h | 2 +-
> include/linux/node.h | 9 ++++-----
> mm/memory_hotplug.c | 2 +-
> 5 files changed, 16 insertions(+), 45 deletions(-)
>
> diff --git a/drivers/base/memory.c b/drivers/base/memory.c > index 0e5985682642..3d8c65d84bea 100644 > --- a/drivers/base/memory.c > +++ b/drivers/base/memory.c > @@ -744,8 +744,7 @@ unregister_memory(struct memory_block *memory) > device_unregister(&memory->dev); > } > > -static int remove_memory_section(unsigned long node_id, > - struct mem_section *section, int phys_device) > +static int remove_memory_section(unsigned long nid, struct mem_section *section) > { > struct memory_block *mem; > > @@ -759,7 +758,7 @@ static int remove_memory_section(unsigned long node_id, > if (!mem) > goto out_unlock; > > - unregister_mem_sect_under_nodes(mem, __section_nr(section)); > + unregister_mem_sect_under_nodes(nid, mem); > > mem->section_count--; > if (mem->section_count == 0)
> @@ -772,12 +771,12 @@ static int remove_memory_section(unsigned long node_id, > return 0; > } > > -int unregister_memory_section(struct mem_section *section) > +int unregister_memory_section(int nid, struct mem_section *section) > { > if (!present_section(section)) > return -EINVAL; > > - return remove_memory_section(0, section, 0); > + return remove_memory_section(nid, section); > } > #endif /* CONFIG_MEMORY_HOTREMOVE */ > > diff --git a/drivers/base/node.c b/drivers/base/node.c > index 86d6cd92ce3d..0858f7f3c7cd 100644 > --- a/drivers/base/node.c > +++ b/drivers/base/node.c 
> @@ -453,40 +453,13 @@ int register_mem_sect_under_node(struct memory_block *mem_blk, void *arg) > return 0; > } > > -/* unregister memory section under all nodes that it spans */ > -int unregister_mem_sect_under_nodes(struct memory_block *mem_blk, > - unsigned long phys_index) > +/* Remove symlink between node <-> mem_blk */ > +void unregister_mem_sect_under_nodes(int nid, struct memory_block *mem_blk) > { > - NODEMASK_ALLOC(nodemask_t, unlinked_nodes, GFP_KERNEL); > - unsigned long pfn, sect_start_pfn, sect_end_pfn; > - > - if (!mem_blk) { > - NODEMASK_FREE(unlinked_nodes); > - return -EFAULT; > - } > - if (!unlinked_nodes) > - return -ENOMEM; > - nodes_clear(*unlinked_nodes); > - > - sect_start_pfn = section_nr_to_pfn(phys_index); > - sect_end_pfn = sect_start_pfn + PAGES_PER_SECTION - 1; > - for (pfn = sect_start_pfn; pfn <= sect_end_pfn; pfn++) { > - int nid; > - > - nid = get_nid_for_pfn(pfn); > - if (nid < 0) > - continue; > - if (!node_online(nid)) > - continue; > - if (node_test_and_set(nid, *unlinked_nodes)) > - continue; > - sysfs_remove_link(&node_devices[nid]->dev.kobj, > - kobject_name(&mem_blk->dev.kobj)); > - sysfs_remove_link(&mem_blk->dev.kobj, > - kobject_name(&node_devices[nid]->dev.kobj)); > - } > - NODEMASK_FREE(unlinked_nodes); > - return 0; > + sysfs_remove_link(&node_devices[nid]->dev.kobj, > + kobject_name(&mem_blk->dev.kobj)); > + sysfs_remove_link(&mem_blk->dev.kobj, > + kobject_name(&node_devices[nid]->dev.kobj));

Hello Oscar,

Passing down node ID till unregister_mem_sect_under_nodes() solves the problem of querying struct page for nid, but the current code assumes that the pfn range for any given memory section can have different node IDs. Hence it scans over the section and tries to remove all possible node <---> memory block sysfs links.

I am just wondering, is that assumption even correct? Can we really have a memory section which belongs to different nodes? Is that even possible?

- Anshuman
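
Review bot: in the drivers/base/node.c hunk, the new unregister_mem_sect_under_nodes() indexes node_devices[nid] with no check on nid, whereas the removed loop skipped any nid < 0 and any node failing node_online(nid), and the removed prologue rejected a NULL mem_blk. Either keep a guard at the top of the function for nid < 0, !node_online(nid) and !mem_blk, or add a comment stating that the caller chain guarantees all three. The removed comment also said the function unlinks the section under all nodes it spans, while the new body removes the links for exactly one node, so the changelog should explain why a memory block can never be linked under a second node; otherwise those symlinks would be left behind.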
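
Review bot: in the first drivers/base/memory.c hunk, remove_memory_section() takes `unsigned long nid` while unregister_memory_section() and unregister_mem_sect_under_nodes() in the same patch take `int nid`, so the value is converted to unsigned and narrowed back to int on its way down the chain. Declare it `int nid` in remove_memory_section() as well, so that a negative node ID keeps its meaning and the three signatures agree.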