All of lore.kernel.org
 help / color / mirror / Atom feed
From: "David Hildenbrand (Arm)" <david@kernel.org>
To: Usama Arif <usama.arif@linux.dev>,
	Andrew Morton <akpm@linux-foundation.org>,
	chrisl@kernel.org, kasong@tencent.com, ljs@kernel.org,
	ziy@nvidia.com, linux-mm@kvack.org
Cc: ying.huang@linux.alibaba.com, Baoquan He <baoquan.he@linux.dev>,
	willy@infradead.org, youngjun.park@lge.com, hannes@cmpxchg.org,
	riel@surriel.com, shakeel.butt@linux.dev, alex@ghiti.fr,
	kas@kernel.org, baohua@kernel.org, dev.jain@arm.com,
	baolin.wang@linux.alibaba.com, npache@redhat.com,
	"Liam R. Howlett" <liam@infradead.org>,
	ryan.roberts@arm.com, Vlastimil Babka <vbabka@kernel.org>,
	lance.yang@linux.dev, linux-kernel@vger.kernel.org,
	nphamcs@gmail.com, shikemeng@huaweicloud.com,
	kernel-team@meta.com
Subject: Re: [PATCH 5/6] mm/migrate_device: move softleaf_to_folio() inside device-private branch
Date: Wed, 1 Jul 2026 21:40:38 +0200	[thread overview]
Message-ID: <b7b026ea-2a1a-41d6-94b8-3fc215dc2d1d@kernel.org> (raw)
In-Reply-To: <20260630164143.1595669-6-usama.arif@linux.dev>

On 6/30/26 18:34, Usama Arif wrote:
> migrate_vma_collect_pmd() calls softleaf_to_folio() on a non-present
> PMD before checking the entry's type.  softleaf_to_folio() converts
> the entry's offset to a PFN, which is only meaningful for migration
> or device-private entries.
> 
> A PMD swap entry's offset is a swap offset, not a PFN, so the
> lookup would either return a bogus folio pointer or trip pfn_to_page
> validation on a debug kernel.  In the non-device-private path the
> returned folio is then unused (the OR short-circuits to
> migrate_vma_collect_skip()), but the lookup itself is already
> unsafe.
> 
> Move the softleaf_to_folio() call inside the device-private branch
> where the folio is actually needed, mirroring the equivalent
> change_non_present_huge_pmd() fix.
> 
> Reviewed-by: Zi Yan <ziy@nvidia.com>
> Signed-off-by: Usama Arif <usama.arif@linux.dev>
> ---
>  mm/migrate_device.c | 11 +++++++----
>  1 file changed, 7 insertions(+), 4 deletions(-)
> 
> diff --git a/mm/migrate_device.c b/mm/migrate_device.c
> index aa948db49501..36287e958b2a 100644
> --- a/mm/migrate_device.c
> +++ b/mm/migrate_device.c
> @@ -166,11 +166,14 @@ static int migrate_vma_collect_huge_pmd(pmd_t *pmdp, unsigned long start,
>  	} else if (!pmd_present(*pmdp)) {
>  		const softleaf_t entry = softleaf_from_pmd(*pmdp);
>  
> -		folio = softleaf_to_folio(entry);
> -
>  		if (!softleaf_is_device_private(entry) ||
> -			!(migrate->flags & MIGRATE_VMA_SELECT_DEVICE_PRIVATE) ||
> -			(folio->pgmap->owner != migrate->pgmap_owner)) {
> +		    !(migrate->flags & MIGRATE_VMA_SELECT_DEVICE_PRIVATE)) {
> +			spin_unlock(ptl);
> +			return migrate_vma_collect_skip(start, end, walk);
> +		}
> +
> +		folio = softleaf_to_folio(entry);
> +		if (folio->pgmap->owner != migrate->pgmap_owner) {
>  			spin_unlock(ptl);
>  			return migrate_vma_collect_skip(start, end, walk);
>  		}

LGTM

Acked-by: David Hildenbrand (Arm) <david@kernel.org>

-- 
Cheers,

David


  reply	other threads:[~2026-07-01 19:40 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-30 16:34 [PATCH 0/6] mm: preparatory patches for PMD level swap entries Usama Arif
2026-06-30 16:34 ` [PATCH 1/6] mm: add softleaf_to_pmd() and convert existing callers Usama Arif
2026-06-30 16:34 ` [PATCH 2/6] mm: extract mm_prepare_for_swap_entries() helper Usama Arif
2026-07-01 16:56   ` David Hildenbrand (Arm)
2026-06-30 16:34 ` [PATCH 3/6] fs/proc: use softleaf_has_pfn() in pagemap PMD walker Usama Arif
2026-06-30 16:34 ` [PATCH 4/6] mm/huge_memory: move softleaf_to_folio() inside migration branch Usama Arif
2026-06-30 16:34 ` [PATCH 5/6] mm/migrate_device: move softleaf_to_folio() inside device-private branch Usama Arif
2026-07-01 19:40   ` David Hildenbrand (Arm) [this message]
2026-06-30 16:34 ` [PATCH 6/6] mm: rename ARCH_ENABLE_THP_MIGRATION to ARCH_SUPPORTS_PMD_SOFTLEAF Usama Arif
2026-07-01 20:03   ` David Hildenbrand (Arm)
2026-07-01 20:39     ` Zi Yan
2026-07-01 20:50       ` David Hildenbrand (Arm)
2026-07-01 20:55         ` Zi Yan
2026-06-30 19:50 ` [PATCH 0/6] mm: preparatory patches for PMD level swap entries Andrew Morton
2026-07-01  8:04   ` Lorenzo Stoakes
2026-07-01 23:46     ` Andrew Morton
2026-07-01 10:44   ` Usama Arif
2026-07-01 14:09   ` Usama Arif
2026-07-01 20:04 ` David Hildenbrand (Arm)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b7b026ea-2a1a-41d6-94b8-3fc215dc2d1d@kernel.org \
    --to=david@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=alex@ghiti.fr \
    --cc=baohua@kernel.org \
    --cc=baolin.wang@linux.alibaba.com \
    --cc=baoquan.he@linux.dev \
    --cc=chrisl@kernel.org \
    --cc=dev.jain@arm.com \
    --cc=hannes@cmpxchg.org \
    --cc=kas@kernel.org \
    --cc=kasong@tencent.com \
    --cc=kernel-team@meta.com \
    --cc=lance.yang@linux.dev \
    --cc=liam@infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=ljs@kernel.org \
    --cc=npache@redhat.com \
    --cc=nphamcs@gmail.com \
    --cc=riel@surriel.com \
    --cc=ryan.roberts@arm.com \
    --cc=shakeel.butt@linux.dev \
    --cc=shikemeng@huaweicloud.com \
    --cc=usama.arif@linux.dev \
    --cc=vbabka@kernel.org \
    --cc=willy@infradead.org \
    --cc=ying.huang@linux.alibaba.com \
    --cc=youngjun.park@lge.com \
    --cc=ziy@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.