Re: [PATCH 5.15] mm: validate buddy page before using

From: Xianting Tian
Date: Mon Jun 20 2022 - 08:41:57 EST



On 2022/6/20 8:24 PM, Greg KH wrote:
On Mon, Jun 20, 2022 at 08:18:40PM +0800, Xianting Tian wrote:
On 2022/6/20 8:06 PM, Greg KH wrote:
On Mon, Jun 20, 2022 at 07:57:05PM +0800, Xianting Tian wrote:
On 2022/6/20 7:42 PM, Greg KH wrote:
On Mon, Jun 20, 2022 at 06:54:44PM +0800, Xianting Tian wrote:
On 2022/6/20 6:17 PM, Greg KH wrote:
On Fri, Jun 17, 2022 at 12:17:45AM +0800, Xianting Tian wrote:
Commit 787af64d05cd ("mm: page_alloc: validate buddy before check its migratetype.")
fixes a bug in 1dd214b8f21c and there is a similar bug in d9dddbf55667 that
can be fixed in a similar way too.

In unset_migratetype_isolate(), we also need the fix, so move page_is_buddy()
from mm/page_alloc.c to mm/internal.h.

In addition, for the RISC-V arch the first 2MB of RAM could be reserved for OpenSBI,
so it would have pfn_base=512 and mem_map would begin with the 512th PFN when
CONFIG_FLATMEM=y.
But the __find_buddy_pfn algorithm assumes the start pfn is 0, so it could get pfn 0
or a pfn less than the pfn_base value. We need page_is_buddy() to verify the buddy to
prevent accessing an invalid buddy.

Fixes: d9dddbf55667 ("mm/page_alloc: prevent merging between isolated and other pageblocks")
Cc: stable@xxxxxxxxxxxxxxx
Reported-by: zjb194813@xxxxxxxxxxxxxxx
Reported-by: tianhu.hh@xxxxxxxxxxxxxxx
Signed-off-by: Xianting Tian <xianting.tian@xxxxxxxxxxxxxxxxx>
---
mm/internal.h | 34 ++++++++++++++++++++++++++++++++++
mm/page_alloc.c | 37 +++----------------------------------
mm/page_isolation.c | 3 ++-
3 files changed, 39 insertions(+), 35 deletions(-)
What is the commit id of this in Linus's tree?
It is also this one,

commit 787af64d05cd528aac9ad16752d11bb1c6061bb9
Author: Zi Yan <ziy@xxxxxxxxxx>
Date:   Wed Mar 30 15:45:43 2022 -0700

    mm: page_alloc: validate buddy before check its migratetype.

    Whenever a buddy page is found, page_is_buddy() should be called to
    check its validity.  Add the missing check during pageblock merge check.

    Fixes: 1dd214b8f21c ("mm: page_alloc: avoid merging non-fallbackable pageblocks with others")
    Link: https://lore.kernel.org/all/20220330154208.71aca532@xxxxxxxxxxxxxxxxxx/
    Reported-and-tested-by: Steven Rostedt <rostedt@xxxxxxxxxxx>
    Signed-off-by: Zi Yan <ziy@xxxxxxxxxx>
    Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
This commit looks nothing like what you posted here.

Why the vast difference with no explanation as to why these are so
different from the other backports you provided here? Also why are the
subject lines changed?
Yes, the changes for 5.15 are not the same as for the other branches, because we need
an additional fix for 5.15.

You can check it in the thread:

https://lore.kernel.org/linux-mm/435B45C3-E6A5-43B2-A5A2-318C748691FC@xxxxxxxxxx/

Right. But pfn_valid_within() was removed since 5.15. So your fix is
required for kernels between 5.15 and 5.17 (inclusive).
What is "your fix" here?

This change differs a lot from what is in Linus's tree now, so this all
needs to be resent and fixed up as I mentioned above if we are going to be
able to take this. As-is, it's all not correct, so they are dropped.
I think, for branches except 5.15, you can just backport Zi Yan's commit
787af64d05cd from Linus's tree. I won't send further patches.
So just for 5.18? I am confused.
Sorry, 5.18 needs the same fix as 5.15. I will send the patch for it.

For 5.15, because it needs an additional fix besides commit 787af64d05cd, I will
send a new patch as per your comments.

Is it ok for you?
No, please send fixed up patches for all branches you want them applied
to as I do not understand what to do here at all, sorry.
Understood. I will send for all branches.

greg k-h
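To make the pfn_base problem from the commit message concrete, here is a small user-space model that is not part of the patch or of the kernel. It reuses only the XOR arithmetic of the kernel's __find_buddy_pfn() (flip bit `order` of the PFN); the layout constants (PFN_BASE=512 for the 2MB OpenSBI reservation, a constructed PFN_END) and the range check `buddy_pfn_in_range()` are assumptions standing in for the part of the kernel's buddy validation that keeps a computed buddy from pointing outside mem_map.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed layout: RISC-V with CONFIG_FLATMEM=y and the first 2MB
 * (512 pages of 4KB) reserved for OpenSBI, so mem_map starts at PFN 512.
 * PFN_END is an arbitrary constructed upper bound (16MB of managed RAM). */
#define PFN_BASE 512UL
#define PFN_END  (PFN_BASE + 4096UL)

/* Same arithmetic as the kernel's __find_buddy_pfn(): the buddy of a
 * 2^order-page block is the block whose PFN differs only in bit 'order'.
 * It implicitly assumes PFN space starts at 0 and knows nothing about
 * pfn_base, which is exactly why it can produce a PFN below mem_map. */
static unsigned long find_buddy_pfn(unsigned long page_pfn, unsigned int order)
{
    return page_pfn ^ (1UL << order);
}

/* Hypothetical stand-in (not kernel code) for the range part of the
 * kernel's buddy validation: a buddy PFN is only usable if it has an
 * entry in mem_map, i.e. lies within [PFN_BASE, PFN_END). */
static bool buddy_pfn_in_range(unsigned long buddy_pfn)
{
    return buddy_pfn >= PFN_BASE && buddy_pfn < PFN_END;
}

/* What the merge path must decide: is the candidate buddy safe to touch?
 * Returns false for the case the patch guards against, where the XOR
 * wandered below pfn_base (or above the end of mem_map). */
static bool merge_candidate_ok(unsigned long page_pfn, unsigned int order)
{
    unsigned long buddy = find_buddy_pfn(page_pfn, order);
    return buddy_pfn_in_range(buddy);
}

int main(void)
{
    /* Constructed cases. The lowest managed page (PFN 512) has its
     * order-9 buddy at PFN 512 ^ 512 = 0, which is below pfn_base:
     * dereferencing mem_map for it would be an out-of-bounds access. */
    const struct { unsigned long pfn; unsigned int order; } cases[] = {
        { 512,  9 },   /* buddy 0    -> below mem_map, must be rejected */
        { 1024, 10 },  /* buddy 0    -> below mem_map, must be rejected */
        { 1536, 9 },   /* buddy 1024 -> inside mem_map, ok */
        { 2048, 10 },  /* buddy 3072 -> inside mem_map, ok */
    };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        unsigned long buddy = find_buddy_pfn(cases[i].pfn, cases[i].order);
        printf("pfn %5lu order %2u -> buddy pfn %5lu : %s\n",
               cases[i].pfn, cases[i].order, buddy,
               merge_candidate_ok(cases[i].pfn, cases[i].order)
                   ? "usable" : "REJECT (outside mem_map)");
    }
    return 0;
}
```

The point the model makes is that the buddy arithmetic itself is correct for a PFN space starting at 0; what changes on a platform with a non-zero pfn_base is that a well-formed result can still name a page that has no struct page behind it, so the validation has to happen before the buddy's migratetype (or anything else in its struct page) is read.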