From: Greg Kroah-Hartman
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Miaohe Lin , David Hildenbrand , Dan Williams , Alistair Popple , Andrew Morton , Linus Torvalds , Sasha Levin , David Sauerwein
Subject: [PATCH 5.10 186/286] kernel/resource: fix kfree() of bootmem memory again
Date: Tue, 29 Apr 2025 18:41:30 +0200
Message-ID: <20250429161115.622333440@linuxfoundation.org>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250429161107.848008295@linuxfoundation.org>
References: <20250429161107.848008295@linuxfoundation.org>
User-Agent: quilt/0.68
X-stable: review
X-Patchwork-Hint: ignore
Precedence: bulk
X-Mailing-List: stable@vger.kernel.org
List-Id:
List-Subscribe:
List-Unsubscribe:
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

5.10-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Miaohe Lin

commit 0cbcc92917c5de80f15c24d033566539ad696892 upstream.

Since commit ebff7d8f270d ("mem hotunplug: fix kfree() of bootmem memory"), we could get a resource allocated during boot via alloc_resource(). And it's required to release the resource using free_resource(). However, many people use kfree directly which will result in kernel BUG. In order to fix this without fixing every call site, just leak a couple of bytes in such corner case.

Link: https://lkml.kernel.org/r/20220217083619.19305-1-linmiaohe@huawei.com
Fixes: ebff7d8f270d ("mem hotunplug: fix kfree() of bootmem memory")
Signed-off-by: Miaohe Lin
Suggested-by: David Hildenbrand
Cc: Dan Williams
Cc: Alistair Popple
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
Signed-off-by: Sasha Levin
Signed-off-by: David Sauerwein
Signed-off-by: Greg Kroah-Hartman
---
 kernel/resource.c | 41 ++++++++---------------------------------
 1 file changed, 8 insertions(+), 33 deletions(-)

--- a/kernel/resource.c
+++ b/kernel/resource.c
@@ -53,14 +53,6 @@ struct resource_constraint { static DEFINE_RWLOCK(resource_lock); -/* - * For memory hotplug, there is no way to free resource entries allocated - * by boot mem after the system is up. So for reusing the resource entry - * we need to remember the resource. - */ -static struct resource *bootmem_resource_free; -static DEFINE_SPINLOCK(bootmem_resource_lock); - static struct resource *next_resource(struct resource *p, bool sibling_only) { /* Caller wants to traverse through siblings only */ @@ -149,36 +141,19 @@ __initcall(ioresources_init); static void free_resource(struct resource *res) { - if (!res) - return; - - if (!PageSlab(virt_to_head_page(res))) { - spin_lock(&bootmem_resource_lock); - res->sibling = bootmem_resource_free; - bootmem_resource_free = res; - spin_unlock(&bootmem_resource_lock); - } else { + /** + * If the resource was allocated using memblock early during boot + * we'll leak it here: we can only return full pages back to the + * buddy and trying to be smart and reusing them eventually in + * alloc_resource() overcomplicates resource handling. + */ + if (res && PageSlab(virt_to_head_page(res))) kfree(res); - } } static struct resource *alloc_resource(gfp_t flags) { - struct resource *res = NULL; - - spin_lock(&bootmem_resource_lock); - if (bootmem_resource_free) { - res = bootmem_resource_free; - bootmem_resource_free = res->sibling; - } - spin_unlock(&bootmem_resource_lock); - - if (res) - memset(res, 0, sizeof(struct resource)); - else - res = kzalloc(sizeof(struct resource), flags); - - return res; + return kzalloc(sizeof(struct resource), flags); } /* Return the conflict entry if you can't request it */
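Review bot: for the 5.10 backport, confirm that nothing else in kernel/resource.c still references bootmem_resource_free or bootmem_resource_lock, which the first hunk (@@ -53,14 +53,6 @@) deletes. The only users removed in this patch are the ones in free_resource() and alloc_resource(), so any other reference in the 5.10 tree would be left dangling and should be called out in the backport notes.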
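Review bot: the new comment in free_resource() (second hunk, @@ -149,36 +141,19 @@) opens with "/**", which is the kernel-doc marker; for an ordinary comment inside a function body it should be a plain "/*". The comment would also be stronger if it said why the leak is bounded and why direct kfree() callers are now safe: a memblock-allocated entry is dropped at most once when PageSlab() is false, and alloc_resource() now always returns kzalloc() memory, so a non-slab struct resource is never handed out again. As written, the silent skip for non-slab pages has to be reconstructed from the commit message.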