Skip to content
Snippets Groups Projects
Select Git revision
  • objtool
  • master default protected
  • v5.9
  • v5.9-rc8
  • v5.9-rc7
  • v5.9-rc6
  • v5.9-rc5
  • v5.9-rc4
  • v5.9-rc3
  • v5.9-rc2
  • v5.9-rc1
  • v5.8
  • v5.8-rc7
  • v5.8-rc6
  • v5.8-rc5
  • v5.8-rc4
  • v5.8-rc3
  • v5.8-rc2
  • v5.8-rc1
  • v5.7
  • v5.7-rc7
  • v5.7-rc6
22 results

lib

  • Clone with SSH
  • Clone with HTTPS
    • user avatar
    mm/page_alloc.c: fix freeing non-compound pages
    Matthew Wilcox (Oracle) authored 
    Here is a very rare race which leaks memory:

Page P0 is allocated to the page cache.  Page P1 is free.

Thread A                Thread B                Thread C
find_get_entry():
xas_load() returns P0
						Removes P0 from page cache
						P0 finds its buddy P1
			alloc_pages(GFP_KERNEL, 1) returns P0
			P0 has refcount 1
page_cache_get_speculative(P0)
P0 has refcount 2
			__free_pages(P0)
			P0 has refcount 1
put_page(P0)
P1 is not freed

Fix this by freeing all the pages in __free_pages() that won't be freed
by the call to put_page().  It's usually not a good idea to split a page,
but this is a very unlikely scenario.

Fixes: e286781d ("mm: speculative page references")
Signed-off-by: default avatarMatthew Wilcox (Oracle) <willy@infradead.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Acked-by: default avatarMike Rapoport <rppt@linux.ibm.com>
Cc: Nick Piggin <npiggin@gmail.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20200926213919.26642-1-willy@infradead.org


Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    e320d301
    History
    user avatar e320d301
    History
    Name Last commit Last update
    ..
    842
    crypto
    dim
    fonts
    kunit
    livepatch
    lz4
    lzo
    math
    mpi
    pldmfw
    raid6
    reed_solomon
    vdso
    xz
    zlib_deflate
    zlib_dfltcc
    zlib_inflate
    zstd
    .gitignore
    Kconfig
    Kconfig.debug
    Kconfig.kasan
    Kconfig.kcsan
    Kconfig.kgdb
    Kconfig.ubsan
    Makefile
    argv_split.c
    ashldi3.c
    ashrdi3.c
    asn1_decoder.c
    assoc_array.c
    atomic64.c
    atomic64_test.c
    audit.c
    bcd.c
    bch.c
    bitmap.c
    bitrev.c
    bootconfig.c
    bsearch.c
    btree.c
    bucket_locks.c
    bug.c
    build_OID_registry
    bust_spinlocks.c
    check_signature.c
    checksum.c
    clz_ctz.c
    clz_tab.c
    cmdline.c
    cmpdi2.c
    compat_audit.c
    cpu_rmap.c
    cpumask.c
    crc-ccitt.c
    crc-itu-t.c
    crc-t10dif.c
    crc16.c
    crc32.c
    crc32defs.h
    crc32test.c
    crc4.c
    crc64.c
    crc7.c
    crc8.c
    ctype.c
    debug_info.c
    debug_locks.c
    debugobjects.c
    dec_and_lock.c
    decompress.c
    decompress_bunzip2.c
    decompress_inflate.c
    decompress_unlz4.c
    decompress_unlzma.c
    decompress_unlzo.c
    decompress_unxz.c
    decompress_unzstd.c
    devres.c
    digsig.c
    dump_stack.c
    dynamic_debug.c
    dynamic_queue_limits.c
    earlycpio.c
    errname.c
    error-inject.c
    errseq.c
    extable.c
    fault-inject.c
    fdt.c
    fdt_addresses.c
    fdt_empty_tree.c
    fdt_ro.c
    fdt_rw.c
    fdt_strerror.c
    fdt_sw.c
    fdt_wip.c
    find_bit.c
    find_bit_benchmark.c