[v2,0/2] mm/gup: stop leaking pinned pages in low memory conditions

Message

John Hubbard Oct. 18, 2024, 1:17 a.m. UTC

Changes since v1 [1]:

1) Thanks to David Hildenbrand for this part: added a second patch to
fix the same issue (incomplete error handling for the return value from
check_and_migrate_movable_folios()), but this time in
memfd_pin_folios().

Please note that I am not set up to test memfd things, so at this point
all I can claim is that patch #2 doesn't prevent my test machine from
booting. :)

2) Fixed a typo in the comment, in the first patch.

3) Added review and ack tags.

[1] https://lore.kernel.org/20241016202242.456953-1-jhubbard@nvidia.com

Cc: "Matthew Wilcox (Oracle)" <willy@infradead.org>
Cc: Alistair Popple <apopple@nvidia.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: Dave Airlie <airlied@redhat.com>
Cc: David Hildenbrand <david@redhat.com>
Cc: Dongwon Kim <dongwon.kim@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jason Gunthorpe <jgg@nvidia.com>
Cc: Junxiao Chang <junxiao.chang@intel.com>
Cc: Mike Kravetz <mike.kravetz@oracle.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Oscar Salvador <osalvador@suse.de>
Cc: Pasha Tatashin <pasha.tatashin@soleen.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Shigeru Yoshida <syoshida@redhat.com>
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>

John Hubbard (2):
  mm/gup: stop leaking pinned pages in low memory conditions
  mm/gup: memfd: stop leaking pinned pages in low memory conditions

 mm/gup.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)


base-commit: 274995ffe748bbee39f1ca65c6a31a1800140b27

Comments

Andrew Morton Oct. 18, 2024, 10:13 p.m. UTC | #1

On Thu, 17 Oct 2024 18:17:09 -0700 John Hubbard <jhubbard@nvidia.com> wrote:

I added cc:stable to both of these.  Which might be inappropriate since
"patch #2 is not really required".

>   mm/gup: stop leaking pinned pages in low memory conditions

Fixes: 24a95998e9ba ("mm/gup.c: simplify and fix check_and_migrate_movable_pages() return codes")

In mainline since v6.1!

>   mm/gup: memfd: stop leaking pinned pages in low memory conditions

Fixes: 89c1905d9c14 ("mm/gup: introduce memfd_pin_folios() for pinning memfd folios")

Since v6.11.


So these are quite independent fixes.  Kernels 6.1.x ...  6.10.x will
have the first patch and not the second.  That's presumably an untested
combination, fingers crossed.

John Hubbard Oct. 18, 2024, 10:16 p.m. UTC | #2

On 10/18/24 3:13 PM, Andrew Morton wrote:
> On Thu, 17 Oct 2024 18:17:09 -0700 John Hubbard <jhubbard@nvidia.com> wrote:
> 
> I added cc:stable to both of these.  Which might be inappropriate since
> "patch #2 is not really required".

Right.

> 
>>    mm/gup: stop leaking pinned pages in low memory conditions
> 
> Fixes: 24a95998e9ba ("mm/gup.c: simplify and fix check_and_migrate_movable_pages() return codes")
> 
> In mainline since v6.1!
> 
>>    mm/gup: memfd: stop leaking pinned pages in low memory conditions
> 
> Fixes: 89c1905d9c14 ("mm/gup: introduce memfd_pin_folios() for pinning memfd folios")
> 
> Since v6.11.
> 
> 
> So these are quite independent fixes.  Kernels 6.1.x ...  6.10.x will
> have the first patch and not the second.  That's presumably an untested
> combination, fingers crossed.
> 

Probably fine.

> 

Ah, I'm actually about to send out v3 in a moment, which only has one patch,
whose diffs are just comment changes, plus David's latest suggestion:


  static long check_and_migrate_movable_pages(unsigned long nr_pages,
                                             struct page **pages)
@@ -2437,8 +2440,10 @@ static long check_and_migrate_movable_pages(unsigned long nr_pages,
         long i, ret;
  
         folios = kmalloc_array(nr_pages, sizeof(*folios), GFP_KERNEL);
-       if (!folios)
+       if (!folios) {
+               unpin_user_pages(pages, nr_pages);
                 return -ENOMEM;
+       }
  
         for (i = 0; i < nr_pages; i++)
                 folios[i] = page_folio(pages[i]);


thanks,