Re: [PATCH] mm/huge_memory: fix override of entry in remove_migration_pmd

From: Lorenzo Stoakes

Date: Thu Nov 13 2025 - 06:57:13 EST

On Thu, Nov 13, 2025 at 04:13:52PM +1100, Balbir Singh wrote:
> The softleaf changes exposed a BUG in remove_rmap_pmd() where the
> migration entry was being overridden when the folio is device private.
>
> Use scope local entry for creating the device private pmde. Make the
> pmde writable if the migration entry is writable by moving the check
> softleaf_is_migration_write() prior to creating the device private entry.
>
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: David Hildenbrand <david@xxxxxxxxxx>
> Cc: Zi Yan <ziy@xxxxxxxxxx>
> Cc: Joshua Hahn <joshua.hahnjy@xxxxxxxxx>
> Cc: Rakie Kim <rakie.kim@xxxxxx>
> Cc: Byungchul Park <byungchul@xxxxxx>
> Cc: Gregory Price <gourry@xxxxxxxxxx>
> Cc: Ying Huang <ying.huang@xxxxxxxxxxxxxxxxx>
> Cc: Alistair Popple <apopple@xxxxxxxxxx>
> Cc: Oscar Salvador <osalvador@xxxxxxx>
> Cc: Lorenzo Stoakes <lorenzo.stoakes@xxxxxxxxxx>
> Cc: Baolin Wang <baolin.wang@xxxxxxxxxxxxxxxxx>
> Cc: "Liam R. Howlett" <Liam.Howlett@xxxxxxxxxx>
> Cc: Nico Pache <npache@xxxxxxxxxx>
> Cc: Ryan Roberts <ryan.roberts@xxxxxxx>
> Cc: Dev Jain <dev.jain@xxxxxxx>
> Cc: Barry Song <baohua@xxxxxxxxxx>
> Cc: Lyude Paul <lyude@xxxxxxxxxx>
> Cc: Danilo Krummrich <dakr@xxxxxxxxxx>
> Cc: David Airlie <airlied@xxxxxxxxx>
> Cc: Simona Vetter <simona@xxxxxxxx>
> Cc: Ralph Campbell <rcampbell@xxxxxxxxxx>
> Cc: Mika Penttilä <mpenttil@xxxxxxxxxx>
> Cc: Matthew Brost <matthew.brost@xxxxxxxxx>
> Cc: Francois Dugast <francois.dugast@xxxxxxxxx>
>
> Signed-off-by: Balbir Singh <balbirs@xxxxxxxxxx>

THe logic LGTM but we don't want to have a bisect hazard here by having the bug
introduced earlier then resolved here.

I think better would be to do the fix up in the original series as a fix-patch,
then maybe point at this one as a conflict resolution for my series?

In any case, LGTM so:

Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@xxxxxxxxxx>

> ---
> mm/huge_memory.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/mm/huge_memory.c b/mm/huge_memory.c
> index 0184cd915f44..e4dadcb9e90b 100644
> --- a/mm/huge_memory.c
> +++ b/mm/huge_memory.c
> @@ -4850,7 +4850,12 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new)
> folio_get(folio);
> pmde = folio_mk_pmd(folio, READ_ONCE(vma->vm_page_prot));
>
> + if (softleaf_is_migration_write(entry))
> + pmde = pmd_mkwrite(pmde, vma);
> +
> if (folio_is_device_private(folio)) {
> + swp_entry_t entry;
> +
> if (pmd_write(pmde))
> entry = make_writable_device_private_entry(
> page_to_pfn(new));
> @@ -4862,8 +4867,6 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new)
>
> if (pmd_swp_soft_dirty(*pvmw->pmd))
> pmde = pmd_mksoft_dirty(pmde);
> - if (softleaf_is_migration_write(entry))
> - pmde = pmd_mkwrite(pmde, vma);
> if (pmd_swp_uffd_wp(*pvmw->pmd))
> pmde = pmd_mkuffd_wp(pmde);
> if (!softleaf_is_migration_young(entry))
> --
> 2.51.1
>