]> www.infradead.org Git - users/jedix/linux-maple.git/commit
projects / users / jedix / linux-maple.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 8ddf82a) | patch
mm/hugetlb: fix huge page reservation leak in private mapping error paths
authorMike Kravetz <mike.kravetz@oracle.com>
Thu, 10 Nov 2016 18:46:32 +0000 (10:46 -0800)
committerDhaval Giani <dhaval.giani@oracle.com>
Fri, 20 Jan 2017 18:55:45 +0000 (13:55 -0500)
commita19887bba918a8dbb0709379e2ad4108aff3fd4c
tree17427ea854b99e0417d1d1dc20666faa65ea4b25tree
parent8ddf82a9064647ead30fd0e211109eec2eb6d862commit | diff
mm/hugetlb: fix huge page reservation leak in private mapping error paths

Orabug: 21685254

Error paths in hugetlb_cow() and hugetlb_no_page() may free a newly
allocated huge page.

If a reservation was associated with the huge page, alloc_huge_page()
consumed the reservation while allocating.  When the newly allocated
page is freed in free_huge_page(), it will increment the global
reservation count.  However, the reservation entry in the reserve map
will remain.

This is not an issue for shared mappings as the entry in the reserve map
indicates a reservation exists.  But, an entry in a private mapping
reserve map indicates the reservation was consumed and no longer exists.
This results in an inconsistency between the reserve map and the global
reservation count.  This 'leaks' a reserved huge page.

Create a new routine restore_reserve_on_error() to restore the reserve
entry in these specific error paths.  This routine makes use of a new
function vma_add_reservation() which will add a reserve entry for a
specific address/page.

In general, these error paths were rarely (if ever) taken on most
architectures.  However, powerpc contained arch specific code that that
resulted in an extra fault and execution of these error paths on all
private mappings.

Fixes: 67961f9db8c4 ("mm/hugetlb: fix huge page reserve accounting for private mappings)
Link: http://lkml.kernel.org/r/1476933077-23091-2-git-send-email-mike.kravetz@oracle.com
Signed-off-by: Mike Kravetz <mike.kravetz@oracle.com>
Reported-by: Jan Stancek <jstancek@redhat.com>
Tested-by: Jan Stancek <jstancek@redhat.com>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Acked-by: Hillf Danton <hillf.zj@alibaba-inc.com>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Kirill A . Shutemov <kirill.shutemov@linux.intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 96b96a96ddee4ba08ce4aeb8a558a3271fd4a7a7)
Signed-off-by: Mike Kravetz <mike.kravetz@oracle.com>
Reviewed-by: Nitin Gupta <nitin.m.gupta@oracle.com>
Conflicts:
mm/hugetlb.c

Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>
mm/hugetlb.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.