The quilt patch titled Subject: mm: initialize zeromap to NULL at swapon and set it to NULL at swapoff has been removed from the -mm tree. Its filename was mm-initialize-zeromap-to-null-at-swapon-and-set-it-to-null-at-swapoff.patch This patch was dropped because an updated version will be issued ------------------------------------------------------ From: Usama Arif <usamaarif642@xxxxxxxxx> Subject: mm: initialize zeromap to NULL at swapon and set it to NULL at swapoff Date: Wed Jul 10 11:21:56 2024 +0100 If swapon fails before zeromap is initialized, kvfree should operate on a NULL pointer. Link: https://lkml.kernel.org/r/053bd429-ae19-4beb-a733-a7a838b1e010@xxxxxxxxx Fixes: 127f851ba92f ("mm: store zero pages to be swapped out in a bitmap") Signed-off-by: Usama Arif <usamaarif642@xxxxxxxxx> Reported-by: kernel test robot <oliver.sang@xxxxxxxxx> Closes: https://lore.kernel.org/oe-lkp/202407101031.c6c3c651-lkp@xxxxxxxxx Cc: Andi Kleen <ak@xxxxxxxxxxxxxxx> Cc: Chengming Zhou <chengming.zhou@xxxxxxxxx> Cc: David Hildenbrand <david@xxxxxxxxxx> Cc: Huang Ying <ying.huang@xxxxxxxxx> Cc: Hugh Dickins <hughd@xxxxxxxxxx> Cc: Johannes Weiner <hannes@xxxxxxxxxxx> Cc: Matthew Wilcox (Oracle) <willy@xxxxxxxxxxxxx> Cc: Nhat Pham <nphamcs@xxxxxxxxx> Cc: Shakeel Butt <shakeel.butt@xxxxxxxxx> Cc: Yosry Ahmed <yosryahmed@xxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- mm/swapfile.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-)
--- a/mm/swapfile.c~mm-initialize-zeromap-to-null-at-swapon-and-set-it-to-null-at-swapoff
+++ a/mm/swapfile.c
@@ -2524,6 +2524,7 @@ SYSCALL_DEFINE1(swapoff, const char __us
 struct address_space *mapping;
 struct inode *inode;
 struct filename *pathname;
+ unsigned long *zeromap;
 int err, found = 0;
 if (!capable(CAP_SYS_ADMIN))
@@ -2641,6 +2642,8 @@ SYSCALL_DEFINE1(swapoff, const char __us
 p->max = 0;
 swap_map = p->swap_map;
 p->swap_map = NULL;
+ zeromap = p->zeromap;
+ p->zeromap = NULL;
 cluster_info = p->cluster_info;
 p->cluster_info = NULL;
 spin_unlock(&p->lock);
@@ -2653,7 +2656,7 @@ SYSCALL_DEFINE1(swapoff, const char __us
 free_percpu(p->cluster_next_cpu);
 p->cluster_next_cpu = NULL;
 vfree(swap_map);
- kvfree(p->zeromap);
+ kvfree(zeromap);
 kvfree(cluster_info);
 /* Destroy swap account information */
 swap_cgroup_swapoff(p->type);
@@ -3105,6 +3108,7 @@ SYSCALL_DEFINE2(swapon, const char __use
 struct page *page = NULL;
 struct inode *inode = NULL;
 bool inced_nr_rotate_swap = false;
+ unsigned long *zeromap = NULL;
 if (swap_flags & ~SWAP_FLAGS_VALID)
 return -EINVAL;
@@ -3181,15 +3185,16 @@ SYSCALL_DEFINE2(swapon, const char __use
 }
 /*
- * Use kvmalloc_array instead of bitmap_zalloc as the allocation order might
- * be above MAX_PAGE_ORDER incase of a large swap file.
+ * Use kvmalloc_array instead of bitmap_zalloc as the allocation order
+ * might be above MAX_PAGE_ORDER incase of a large swap file.
 */
- p->zeromap = kvmalloc_array(BITS_TO_LONGS(maxpages), sizeof(long),
- GFP_KERNEL | __GFP_ZERO);
- if (!p->zeromap) {
+ zeromap = kvmalloc_array(BITS_TO_LONGS(maxpages), sizeof(long),
+ GFP_KERNEL | __GFP_ZERO);
+ if (!zeromap) {
 error = -ENOMEM;
 goto bad_swap_unlock_inode;
 }
+ p->zeromap = zeromap;
 if (p->bdev && bdev_stable_writes(p->bdev))
 p->flags |= SWP_STABLE_WRITES;
@@ -3345,7 +3350,7 @@ bad_swap:
 p->flags = 0;
 spin_unlock(&swap_lock);
 vfree(swap_map);
- kvfree(p->zeromap);
+ kvfree(zeromap);
 kvfree(cluster_info);
 if (inced_nr_rotate_swap)
 atomic_dec(&nr_rotate_swap);
_ Patches currently in -mm which might be from usamaarif642@xxxxxxxxx are
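Review bot: Once `p->zeromap = zeromap;` has run in the swapon hunk at -3181, a later jump to `bad_swap` frees the bitmap through the local (`kvfree(zeromap);` in the -3345 hunk), but nothing visible there resets `p->zeromap`, so the structure is left holding a pointer to freed memory. That is the same stale-pointer shape this patch removes from swapoff; if the swap_info_struct is reused by a later swapon (which the commit message suggests, though the allocation code is not shown), the dangling field is a latent use-after-free or double-free hazard for any code that later trusts it. Either add `p->zeromap = NULL;` next to `kvfree(zeromap);` under `bad_swap`, or defer the `p->zeromap = zeromap;` assignment until no failure path remains. The body of SYSCALL_DEFINE2(swapon) and the `bad_swap` cleanup both extend beyond these hunks, so a reset outside the visible lines cannot be ruled out.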