mm/memory-failure.c: fix race with changing page more robustly

mainline inclusion from mainline-v5.18-rc1 commit 75ee64b3 category: bugfix bugzilla: 188200, https://gitee.com/openeuler/kernel/issues/I68OOI CVE: NA -------------------------------- We're only intended to deal with the non-Compound page after we split thp in memory_failure. However, the page could have changed compound pages due to race window. If this happens, we could retry once to hopefully handle the page next round. Also remove unneeded orig_head. It's always equal to the hpage. So we can use hpage directly and remove this redundant one. Link: https://lkml.kernel.org/r/20220218090118.1105-5-linmiaohe@huawei.comSigned-off-by: N Miaohe Lin <linmiaohe@huawei.com> Acked-by: N Naoya Horiguchi <naoya.horiguchi@nec.com> Signed-off-by: N Andrew Morton <akpm@linux-foundation.org> Signed-off-by: N Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: N Ma Wupeng <mawupeng1@huawei.com> Reviewed-by: N Kefeng Wang <wangkefeng.wang@huawei.com> Signed-off-by: N Yongqiang Liu <liuyongqiang13@huawei.com>

mm/memory-failure.c: fix race with changing page more robustly
mainline inclusion from mainline-v5.18-rc1 commit 75ee64b3 category: bugfix bugzilla: 188200, https://gitee.com/openeuler/kernel/issues/I68OOI CVE: NA -------------------------------- We're only intended to deal with the non-Compound page after we split thp in memory_failure. However, the page could have changed compound pages due to race window. If this happens, we could retry once to hopefully handle the page next round. Also remove unneeded orig_head. It's always equal to the hpage. So we can use hpage directly and remove this redundant one. Link: https://lkml.kernel.org/r/20220218090118.1105-5-linmiaohe@huawei.comSigned-off-by: N Miaohe Lin <linmiaohe@huawei.com> Acked-by: N Naoya Horiguchi <naoya.horiguchi@nec.com> Signed-off-by: N Andrew Morton <akpm@linux-foundation.org> Signed-off-by: N Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: N Ma Wupeng <mawupeng1@huawei.com> Reviewed-by: N Kefeng Wang <wangkefeng.wang@huawei.com> Signed-off-by: N Yongqiang Liu <liuyongqiang13@huawei.com>
626d06a2 · Miaohe Lin · Yongqiang Liu · f0c2fbe9 · 626d06a2
显示空白变更内容
内联并排

Showing with 15 addition and 5 deletion

mm/memory-failure.c mm/memory-failure.c +15 -5

未找到文件。
--- a/mm/memory-failure.c
+++ b/mm/memory-failure.c
@@ -1345,7 +1345,6 @@ int memory_failure(unsigned long pfn, int flags)
 {
 	struct page *p;
 	struct page *hpage;
-	struct page *orig_head;
 	struct dev_pagemap *pgmap;
 	int res = 0;
 	unsigned long page_flags;
@@ -1383,7 +1382,7 @@ int memory_failure(unsigned long pfn, int flags)
 		goto unlock_mutex;
 	}
-	orig_head = hpage = compound_head(p);
+	hpage = compound_head(p);
 	num_poisoned_pages_inc();
 	/*
@@ -1443,10 +1442,21 @@ int memory_failure(unsigned long pfn, int flags)
 	lock_page(p);
 	/*
-	 * The page could have changed compound pages during the locking.
+	 * We're only intended to deal with the non-Compound page here.
-	 * If this happens just bail out.
+	 * However, the page could have changed compound pages due to
+	 * race window. If this happens, we could try again to hopefully
+	 * handle the page next round.
 	 */
-	if (PageCompound(p) && compound_head(p) != orig_head) {
+	if (PageCompound(p)) {
+		if (retry) {
+			if (TestClearPageHWPoison(p))
+				num_poisoned_pages_dec();
+			unlock_page(p);
+			put_page(p);
+			flags &= ~MF_COUNT_INCREASED;
+			retry = false;
+			goto try_again;
+		}
 		action_result(pfn, MF_MSG_DIFFERENT_COMPOUND, MF_IGNORED);
 		res = -EBUSY;
 		goto unlock_page;