Re: [PATCH] mm/cma_sysfs: Skip inactive CMA areas in sysfs
From: Andrew Morton
Date: Fri May 22 2026 - 22:56:01 EST

On Fri, 22 May 2026 21:26:59 +0800 Muchun Song <songmuchun@xxxxxxxxxxxxx> wrote:
> On Fri, May 22, 2026 at 9:15 PM Kaitao Cheng <kaitao.cheng@xxxxxxxxx> wrote:
> >
> > From: Kaitao Cheng <chengkaitao@xxxxxxxxxx>
> >
> > cma_activate_area() can fail after a CMA area has already been added to
> > cma_areas[]. In that case the area is left in the global array, but it
> > does not reach the point where CMA_ACTIVATED is set.
> >
> > cma_sysfs_init() currently walks all cma_area_count entries and creates
> > sysfs files for every area, including ones that failed activation. These
> > areas are not usable CMA areas and should not be exposed to userspace as
> > valid CMA regions.
> >
> > Skip CMA areas that did not reach CMA_ACTIVATED when creating the sysfs
> > objects. Since inactive entries can now be skipped, make the error
> > unwind tolerate entries that never had cma_kobj initialized.
> >
> > Fixes: 43ca106fa8ec ("mm: cma: support sysfs")
>
> Actually, this is not a fix since there is no serious issue when accessing those
> sysfs files. I think it is an improvement.

I find it hard to say because the changelog doesn't have a clear
description of the userspace-visible impact of the bug.

> > Reported-by: David Hildenbrand (Arm) <david@xxxxxxxxxx>
> > Reported-by: Muchun Song <songmuchun@xxxxxxxxxxxxx>
> > Closes: https://lore.kernel.org/linux-mm/55481a8b-dcfc-4bef-ba59-aa0b43dca88b@xxxxxxxxxx/

That says "Reading the bitmap file can make debugfs walk a freed range
bitmap and trigger an invalid memory access". Maybe it oopses?

So Kaitao, can you please send us a clear and complete description of
how this bug affects downstream users?