On 13 Sep 2023, at 16:12, Zi Yan wrote:
> From: Zi Yan <ziy@xxxxxxxxxx>
>
> When dealing with hugetlb pages, manipulating struct page pointers
> directly can get to wrong struct page, since struct page is not guaranteed
> to be contiguous on SPARSEMEM without VMEMMAP. Use nth_page() to handle
> it properly.
>
> Fixes: 57a196a58421 ("hugetlb: simplify hugetlb handling in follow_page_mask")
> Cc: <stable@xxxxxxxxxxxxxxx>
> Signed-off-by: Zi Yan <ziy@xxxxxxxxxx>
> Reviewed-by: Muchun Song <songmuchun@xxxxxxxxxxxxx>
> ---
> mm/hugetlb.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/hugetlb.c b/mm/hugetlb.c
> index af74e83d92aa..8e68e6c53e66 100644
> --- a/mm/hugetlb.c
> +++ b/mm/hugetlb.c
> @@ -6469,7 +6469,7 @@ struct page *hugetlb_follow_page_mask(struct vm_area_struct *vma,
> }
> }
>
> - page += ((address & ~huge_page_mask(h)) >> PAGE_SHIFT);
> + page = nth_page(page, ((address & ~huge_page_mask(h)) >> PAGE_SHIFT));
>
> /*
> * Note that page may be a sub-page, and with vmemmap
> --
> 2.40.1
A wrong or non-existing page might be tried to be grabbed, either leading to
a non freeable page or kernel memory access errors. No bug is reported.
It comes from code inspection.
--
Best Regards,
Yan, Zi
Attachment:
signature.asc
Description: OpenPGP digital signature
