The patch titled
     Subject: mm/hugetlb: guard dequeue_hugetlb_folio_nodemask against NUMA_NO_NODE uses
has been added to the -mm mm-unstable branch. Its filename is
     mm-hugetlb-guard-dequeue_hugetlb_folio_nodemask-against-numa_no_node-uses.patch

This patch will shortly appear at
     https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patches/mm-hugetlb-guard-dequeue_hugetlb_folio_nodemask-against-numa_no_node-uses.patch

This patch will later appear in the mm-unstable branch at
     git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***

The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days

------------------------------------------------------
From: Oscar Salvador <osalvador@xxxxxxx>
Subject: mm/hugetlb: guard dequeue_hugetlb_folio_nodemask against NUMA_NO_NODE uses
Date: Wed, 12 Jun 2024 10:29:36 +0200

dequeue_hugetlb_folio_nodemask() expects a preferred node where to get the
hugetlb page from. It does not expect, though, users to pass
NUMA_NO_NODE, otherwise we will get trash when trying to get the zonelist
from that node. All current users are careful enough to not pass
NUMA_NO_NODE, but it opens the door for new users to get this wrong since
it is not documented [0].

Guard against this by getting the local nid if NUMA_NO_NODE was passed.

[0] https://lore.kernel.org/linux-mm/0000000000004f12bb061a9acf07@xxxxxxxxxx/

Closes: https://lore.kernel.org/linux-mm/0000000000004f12bb061a9acf07@xxxxxxxxxx/
Link: https://lkml.kernel.org/r/20240612082936.10867-1-osalvador@xxxxxxx
Signed-off-by: Oscar Salvador <osalvador@xxxxxxx> Reported-by: syzbot+569ed13f4054f271087b@xxxxxxxxxxxxxxxxxxxxxxxxx Tested-by: syzbot+569ed13f4054f271087b@xxxxxxxxxxxxxxxxxxxxxxxxx Reviewed-by: Muchun Song <muchun.song@xxxxxxxxx> Acked-by: Vivek Kasireddy <vivek.kasireddy@xxxxxxxxx> Cc: Oscar Salvador <osalvador@xxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- mm/hugetlb.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/mm/hugetlb.c~mm-hugetlb-guard-dequeue_hugetlb_folio_nodemask-against-numa_no_node-uses +++ a/mm/hugetlb.c @@ -1355,6 +1355,10 @@ static struct folio *dequeue_hugetlb_fol struct zoneref *z; int node = NUMA_NO_NODE; + /* 'nid' should not be NUMA_NO_NODE. Try to catch any misuse of it and rectifiy. */ + if (nid == NUMA_NO_NODE) + nid = numa_node_id(); + zonelist = node_zonelist(nid, gfp_mask); retry_cpuset: _ Patches currently in -mm which might be from osalvador@xxxxxxx are mm-hugetlb-drop-node_alloc_noretry-from-alloc_fresh_hugetlb_folio.patch arch-x86-do-not-explicitly-clear-reserved-flag-in-free_pagetable.patch mm-hugetlb-guard-dequeue_hugetlb_folio_nodemask-against-numa_no_node-uses.patch
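
Review bot: The new comment in the mm/hugetlb.c hunk says "Try to catch any misuse of it", but the added `if (nid == NUMA_NO_NODE)` branch only substitutes numa_node_id() silently, so a caller that passes NUMA_NO_NODE is corrected without ever being reported. If the intent is to flag misuse, wrap the condition in WARN_ON_ONCE(); if the intent is to accept NUMA_NO_NODE as "use the local node", reword the comment to state that as the contract. The commit message names missing documentation as what lets new callers get this wrong, yet the only documentation added sits inside the function body; a comment above dequeue_hugetlb_folio_nodemask() describing what 'nid' may be would address that directly. The comment also misspells "rectify" as "rectifiy" and runs long for a single line.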