Re: [PATCH 3/5] mm/migrate: use huge_ptep_get() in remove_migration_pte()

Next message: Yuho Choi: "[PATCH v2] irqchip/gic-v3-its: Fix OF node reference leak"
Previous message: Reinette Chatre: "Re: [PATCH v3 3/3] selftests/resctrl: Recognise aarch64 as a vendor for L3_NONCONT_CAT"
In reply to: Dev Jain: "[PATCH 3/5] mm/migrate: use huge_ptep_get() in remove_migration_pte()"
Next in thread: Zi Yan: "Re: [PATCH 0/5] Fix incorrect access of hugetlb pte entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Muchun Song

Date: Thu Jun 25 2026 - 23:33:59 EST

> On Jun 25, 2026, at 19:29, Dev Jain <dev.jain@xxxxxxx> wrote:
>
> remove_migration_pte() converts migration entries back to present PTEs
> after folio migration completes. For hugetlb folios,
> page_vma_mapped_walk() returns the pte pointer to the hugetlb folio in
> pvmw.pte, but the code reads it with ptep_get().
>
> On arches which provide their own huge_ptep_get() to dereference a huge
> pte pointer, accessing via ptep_get() would cause pte_pfn(),
> pte_present() etc to misbehave.
>
> It is not clear whether this has a trivially visible effect to userspace.

We are dealing with migration entries here, so the issue mentioned shouldn't
be a problem with any of the architectures. Semantically speaking, we definitely
should fix this.

>
> Use huge_ptep_get() to dereference a huge pte pointer.
>
> Fixes: 290408d4a250 ("hugetlb: hugepage migration core")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Dev Jain <dev.jain@xxxxxxx>

Acked-by: Muchun Song <muchun.song@xxxxxxxxx>

Thanks