Re: [PATCH] mm/cma: fix reserved page leak on activation failure

Next message: Gary Guo: "Re: [PATCH RESEND] pwm: th1520: Remove requirement for mul_u64_u64_div_u64_roundup"
Previous message: Pablo Neira Ayuso: "Re: [PATCH] netfilter: flowtable: resolve LAG slave for direct HW offload"
Next in thread: Usama Arif: "Re: [PATCH] mm/cma: fix reserved page leak on activation failure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Oscar Salvador (SUSE)

Date: Mon May 25 2026 - 13:29:46 EST

On Fri, May 22, 2026 at 02:26:58PM +0800, Muchun Song wrote:
> If cma_activate_area() fails after allocating only part of the range
> bitmaps, its cleanup path frees the bitmaps for the ranges below
> allocrange and then releases reserved pages using the same bound.
>
> That bound is only correct for bitmap freeing. Pages in ranges that did
> not reach bitmap allocation are still reserved and should also be
> returned to the buddy when CMA_RESERVE_PAGES_ON_ERROR is clear. As a
> result, a partial bitmap allocation failure can permanently leak the
> reserved pages from the failed range and all later ranges.
>
> Fix this by releasing reserved pages for all ranges. For ranges whose
> bitmap allocation succeeded, use the early_pfn[] snapshot saved before
> the bitmap pointer overwrote the union field. For later ranges, continue
> to use cmr->early_pfn directly.
>
> Fixes: c009da4258f9 ("mm, cma: support multiple contiguous ranges, if requested")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Muchun Song <songmuchun@xxxxxxxxxxxxx>

Reviewed-by: Oscar Salvador (SUSE) <osalvador@xxxxxxxxxx>

--
Oscar Salvador
SUSE Labs