On 21.04.22 15:51, Miaohe Lin wrote: > When trying to offline pages, HWPoisoned hugepage is migrated without > checking PageHWPoison first. So corrupted data could be consumed. Fix > it by deferring isolate_huge_page until PageHWPoison is handled. > CCing Oscar, Mike and Naoya > Signed-off-by: Miaohe Lin <linmiaohe@xxxxxxxxxx> > --- > mm/memory_hotplug.c | 11 +++++++---- > 1 file changed, 7 insertions(+), 4 deletions(-) > > diff --git a/mm/memory_hotplug.c b/mm/memory_hotplug.c > index 4c6065e5d274..093f85ec5c5c 100644 > --- a/mm/memory_hotplug.c > +++ b/mm/memory_hotplug.c > @@ -1600,11 +1600,9 @@ do_migrate_range(unsigned long start_pfn, unsigned long end_pfn) > folio = page_folio(page); > head = &folio->page; > > - if (PageHuge(page)) { > + if (PageHuge(page)) > pfn = page_to_pfn(head) + compound_nr(head) - 1; > - isolate_huge_page(head, &source); > - continue; > - } else if (PageTransHuge(page)) > + else if (PageTransHuge(page)) > pfn = page_to_pfn(head) + thp_nr_pages(page) - 1; > > /* > @@ -1622,6 +1620,11 @@ do_migrate_range(unsigned long start_pfn, unsigned long end_pfn) > continue; > } > > + if (PageHuge(page)) { > + isolate_huge_page(head, &source); > + continue; > + } > + > if (!get_page_unless_zero(page)) > continue; > /* The problem statement makes sense to me but I am not sure about the details if we run into the "PageHWPoison" path with a huge page. I have the gut feeling that we have to do more for huge pages in the PageHWPoison() path, because we might be dealing with a free huge page after unmap succeeds. I might be wrong. -- Thanks, David / dhildenb
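Review bot: in the first hunk of do_migrate_range(), the `PageHuge(page)` branch now only advances `pfn` to the end of the huge page and falls through, so the code between this branch and the relocated `isolate_huge_page()` call runs for hugetlb pages too, which it did not before. The changelog should say that this fall-through is intentional. A short comment on the branch, noting that isolation is done later and after the HWPoison handling, would keep a future cleanup from folding the two `PageHuge()` tests back into one.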
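Review bot: in the second hunk, the new `if (PageHuge(page))` block is placed after a path that ends in `continue`, so a hugetlb page that takes that path is now neither isolated nor added to `source`. The commit message says isolation is deferred "until PageHWPoison is handled" but does not describe what state the huge page is left in on that path, or whether the handling there was written with huge pages in mind. Please spell that out in the changelog, and consider a comment above the new block explaining why it has to come after the poison check.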