android_kernel_msm-6.1_noth.../mm
Charan Teja Kalla 44702d8fa1 FROMLIST: mm: migrate high-order folios in swap cache correctly
Large folios occupy N consecutive entries in the swap cache instead of
using multi-index entries like the page cache.  However, if a large folio
is re-added to the LRU list, it can be migrated.  The migration code was
not aware of the difference between the swap cache and the page cache and
assumed that a single xas_store() would be sufficient.

This leaves potentially many stale pointers to the now-migrated folio in
the swap cache, which can lead to almost arbitrary data corruption in the
future.  This can also manifest as infinite loops with the RCU read lock
held.

Bug: 315281107
Change-Id: I455f964a9f21c13089890073777388236b6669d7
[willy@infradead.org: modifications to the changelog & tweaked the fix]
Fixes: 3417013e0d ("mm/migrate: Add folio_migrate_mapping()")
Link: https://lkml.kernel.org/r/20231214045841.961776-1-willy@infradead.org
Link: https://lore.kernel.org/linux-mm/20231214045841.961776-1-willy@infradead.org/
Signed-off-by: Charan Teja Kalla <quic_charante@quicinc.com>
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Reported-by: Charan Teja Kalla <quic_charante@quicinc.com>
Closes: https://lkml.kernel.org/r/1700569840-17327-1-git-send-email-quic_charante@quicinc.com
Cc: David Hildenbrand <david@redhat.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Charan Teja Kalla <quic_charante@quicinc.com>
2023-12-21 00:41:24 +00:00
damon UPSTREAM: mm/damon/sysfs-schemes: handle tried region directory allocation failure 2023-12-16 01:38:42 +00:00
kasan Merge 6.1.40 into android14-6.1-lts 2023-09-05 16:35:01 +00:00
kfence UPSTREAM: mm,kfence: decouple kfence from page granularity mapping judgement 2023-05-31 17:22:42 +00:00
kmsan UPSTREAM: mm: kmsan: handle alloc failures in kmsan_vmap_pages_range_noflush() 2023-05-31 15:20:12 +00:00
backing-dev.c writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs 2023-04-26 14:28:39 +02:00
balloon_compaction.c
bootmem_info.c
cleancache.c ANDROID: Revert "mm: remove cleancache" 2023-04-26 17:01:50 +00:00
cma.c ANDROID: mm: cma: introduce __cma_alloc API 2023-12-06 18:54:20 +00:00
cma.h
cma_debug.c
cma_sysfs.c
compaction.c ANDROID: mm: vh for compaction begin/end 2023-10-17 18:15:01 +00:00
debug.c UPSTREAM: mm: export dump_mm() 2023-06-07 14:24:58 +00:00
debug_page_ref.c
debug_vm_pgtable.c
dmapool.c
early_ioremap.c
fadvise.c UPSTREAM: mm: support POSIX_FADV_NOREUSE 2023-04-12 16:02:15 +00:00
failslab.c mm: fix unexpected changes to {failslab|fail_page_alloc}.attr 2022-11-22 18:50:44 -08:00
filemap.c ANDROID: vendor_hook: Add hook to tune readaround size 2023-11-06 23:07:00 +00:00
folio-compat.c mm: remove try_to_free_swap() 2022-10-03 14:02:53 -07:00
frontswap.c frontswap: don't call ->init if no ops are registered 2022-09-26 12:14:34 -07:00
gup.c BACKPORT: mm: always expand the stack with the mmap write lock held 2023-07-27 11:47:21 +00:00
gup_test.c
gup_test.h
highmem.c highmem: fix kmap_to_page() for kmap_local_page() addresses 2022-10-12 18:51:51 -07:00
hmm.c BACKPORT: FROMGIT: mm: enable page walking API to lock vmas during the walk 2023-08-16 16:55:02 +00:00
huge_memory.c UPSTREAM: mm/huge_memory.c: warn with pr_warn_ratelimited instead of VM_WARN_ON_ONCE_FOLIO 2023-05-30 17:15:55 +00:00
hugetlb.c Merge 6.1.47 into android14-6.1-lts 2023-09-13 19:35:46 +00:00
hugetlb_cgroup.c
hugetlb_vmemmap.c mm: hugetlb_vmemmap: fix a race between vmemmap pmd split 2023-09-19 12:27:56 +02:00
hugetlb_vmemmap.h
hwpoison-inject.c mm/hwpoison: add __init/__exit annotations to module init/exit funcs 2022-10-03 14:03:05 -07:00
init-mm.c UPSTREAM: mm: add per-VMA lock and helper functions to control it 2023-06-07 14:24:59 +00:00
internal.h FROMLIST: mm: Allow fault_dirty_shared_page() to be called under the VMA lock 2023-08-16 09:59:56 -07:00
interval_tree.c
io-mapping.c
ioremap.c
Kconfig BACKPORT: mm: introduce new 'lock_mm_and_find_vma()' page fault helper 2023-07-26 09:57:34 +00:00
Kconfig.debug Merge 6.1.34 into android14-6.1-lts 2023-06-14 19:49:28 +00:00
khugepaged.c UPSTREAM: mm/khugepaged: write-lock VMA while collapsing a huge page 2023-06-07 14:24:59 +00:00
kmemleak.c BACKPORT: mm/kmemleak: fix UAF bug in kmemleak_scan() 2023-05-15 19:08:33 +00:00
ksm.c BACKPORT: FROMGIT: mm: enable page walking API to lock vmas during the walk 2023-08-16 16:55:02 +00:00
list_lru.c
maccess.c mm: Fix copy_from_user_nofault(). 2023-06-28 11:12:17 +02:00
madvise.c Merge 6.1.50 into android14-6.1-lts 2023-09-18 09:52:46 +00:00
Makefile ANDROID: mm: introduce page_pinner 2023-05-16 21:34:27 +00:00
mapping_dirty_helpers.c
memblock.c ANDROID: GKI: Export memblock_free to drivers 2023-03-01 21:29:20 +00:00
memcontrol.c Merge branch 'android14-6.1' into branch 'android14-6.1-lts' 2023-10-31 17:20:05 +00:00
memfd.c memfd: check for non-NULL file_seals in memfd_create() syscall 2023-06-28 11:12:27 +02:00
memory-failure.c Merge 6.1.50 into android14-6.1-lts 2023-09-18 09:52:46 +00:00
memory-tiers.c memory tier: release the new_memtier in find_create_memory_tier() 2023-03-10 09:34:27 +01:00
memory.c This is the 6.1.57 stable release 2023-11-02 07:05:54 +00:00
memory_hotplug.c mm: add pageblock_aligned() macro 2022-10-03 14:03:04 -07:00
mempolicy.c ANDROID: mm/mempolicy.c fix up conversion to queue_folios_pte_range 2023-11-02 07:06:05 +00:00
mempool.c
memremap.c UPSTREAM: mm: introduce __vm_flags_mod and use it in untrack_pfn 2023-06-07 14:24:58 +00:00
memtest.c
migrate.c FROMLIST: mm: migrate high-order folios in swap cache correctly 2023-12-21 00:41:24 +00:00
migrate_device.c BACKPORT: FROMGIT: mm: enable page walking API to lock vmas during the walk 2023-08-16 16:55:02 +00:00
mincore.c BACKPORT: FROMGIT: mm: enable page walking API to lock vmas during the walk 2023-08-16 16:55:02 +00:00
mlock.c FROMGIT: mm: lock vma explicitly before doing vm_flags_reset and vm_flags_reset_once 2023-08-16 16:55:02 +00:00
mm_init.c mm: multi-gen LRU: groundwork 2022-09-26 19:46:09 -07:00
mm_slot.h mm: introduce common struct mm_slot 2022-10-03 14:02:43 -07:00
mmap.c BACKPORT: FROMGIT: mm: move vma locking out of vma_prepare and dup_anon_vma 2023-08-16 16:55:02 +00:00
mmap_lock.c
mmu_gather.c mm/khugepaged: fix GUP-fast interaction by sending IPI 2022-11-30 14:49:42 -08:00
mmu_notifier.c
mmzone.c ANDROID: mm: Create hooks for ZONE_MOVABLE allocs 2023-04-26 17:01:52 +00:00
mprotect.c FROMGIT: mm: lock vma explicitly before doing vm_flags_reset and vm_flags_reset_once 2023-08-16 16:55:02 +00:00
mremap.c UPSTREAM: mm/mremap: write-lock VMA while remapping it to a new address range 2023-06-07 14:25:00 +00:00
msync.c mm/msync: use vma_find() instead of vma linked list 2022-09-26 19:46:25 -07:00
nommu.c BACKPORT: mm: always expand the stack with the mmap write lock held 2023-07-27 11:47:21 +00:00
oom_kill.c ANDROID: signal: Add vendor hook for memory reap 2023-09-13 00:04:10 +00:00
page-writeback.c ANDROID: vendor_hooks:vendor hook for control memory dirty rate 2023-06-06 23:03:20 +00:00
page_alloc.c ANDROID: mm: cma: introduce __cma_alloc API 2023-12-06 18:54:20 +00:00
page_counter.c mm: page_counter: remove unneeded atomic ops for low/min 2022-09-11 20:26:01 -07:00
page_ext.c ANDROID: mm: introduce page_pinner 2023-05-16 21:34:27 +00:00
page_idle.c
page_io.c use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
page_isolation.c ANDROID: mm: introduce page_pinner 2023-05-16 21:34:27 +00:00
page_owner.c ANDROID: mm: Export page_owner_inited and __set_page_owner 2023-08-29 23:06:13 +00:00
page_pinner.c ANDROID: page_pinner: add missing page_pinner_put_page 2023-05-16 21:34:27 +00:00
page_poison.c
page_reporting.c ANDROID: KVM: arm64: balloon: Notify hyp before reporting free pages to host 2022-12-15 16:13:01 +00:00
page_reporting.h
page_table_check.c mm: page_table_check: Ensure user pages are not slab pages 2023-06-14 11:15:29 +02:00
page_vma_mapped.c mm/swap: add swp_offset_pfn() to fetch PFN from swap entry 2022-09-26 19:46:05 -07:00
pagewalk.c BACKPORT: FROMGIT: mm: enable page walking API to lock vmas during the walk 2023-08-16 16:55:02 +00:00
percpu-internal.h
percpu-km.c
percpu-stats.c
percpu-vm.c
percpu.c ANDROID: mm: Export pcpu_nr_pages 2023-03-23 18:20:34 +00:00
pgalloc-track.h
pgtable-generic.c
process_vm_access.c use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
ptdump.c
readahead.c ANDROID: add for tuning readahead size 2023-11-06 23:07:00 +00:00
rmap.c ANDROID: GKI: export symbols to do reverse mapping within memcg and modify lru stats 2023-09-28 22:13:19 +00:00
rodata_test.c mm/rodata_test: use PAGE_ALIGNED() helper 2022-10-03 14:03:05 -07:00
secretmem.c UPSTREAM: mm: replace vma->vm_flags direct modifications with modifier calls 2023-06-07 14:24:57 +00:00
shmem.c Merge tag 'android14-6.1.43_r00' into android14-6.1 2023-10-26 17:34:36 +00:00
shrinker_debug.c mm: shrinkers: fix deadlock in shrinker debugfs 2023-02-22 12:59:46 +01:00
shuffle.c mm/shuffle: convert module_param_call to module_param_cb 2022-10-03 14:03:07 -07:00
shuffle.h
slab.c Merge 6.1.22 into android14-6.1 2023-03-31 08:15:39 +00:00
slab.h ANDROID: mm: add get_each_object_track function 2023-03-23 18:21:15 +00:00
slab_common.c ANDROID: vendor_hooks: mm: add hook to count the number pages 2023-11-30 18:19:39 +00:00
slob.c Merge branch 'slab/for-6.1/kmalloc_size_roundup' into slab/for-next 2022-09-29 11:30:55 +02:00
slub.c ANDROID: vendor_hooks: mm: add hook to count the number pages 2023-11-14 23:07:42 +00:00
sparse-vmemmap.c
sparse.c
swap.c ANDROID: mm: lru_cache_disable skips lru cache draining 2023-12-06 18:54:20 +00:00
swap.h FROMGIT: swap: remove remnants of polling from read_swap_cache_async 2023-07-19 18:48:39 +00:00
swap_cgroup.c mm: memcontrol: don't allocate cgroup swap arrays when memcg is disabled 2022-10-03 14:03:36 -07:00
swap_slots.c mm/swap: convert put_swap_page() to put_swap_folio() 2022-10-03 14:02:46 -07:00
swap_state.c FROMGIT: swap: remove remnants of polling from read_swap_cache_async 2023-07-19 18:48:39 +00:00
swapfile.c ANDROID: vendor hooks: Add hooks to support bootloader based hibernation 2023-06-07 14:25:04 +00:00
truncate.c ANDROID: Revert "mm: remove cleancache" 2023-04-26 17:01:50 +00:00
usercopy.c mm: Fix copy_from_user_nofault(). 2023-06-28 11:12:17 +02:00
userfaultfd.c mm/shmem: use page_mapping() to detect page cache for uffd continue 2022-11-08 15:57:23 -08:00
util.c Merge tag 'android14-6.1.57_r00' into branch 'android14-6.1' 2023-11-27 16:18:59 +00:00
vmalloc.c This is the 6.1.53 stable release 2023-09-18 09:57:37 +00:00
vmpressure.c net-memcg: Fix scope of sockmem pressure indicators 2023-09-13 09:42:33 +02:00
vmscan.c ANDROID: vendor_hooks: export tracepoint symbol trace_mm_vmscan_kswapd_wake 2023-12-05 20:22:28 +00:00
vmstat.c UPSTREAM: mm: introduce per-VMA lock statistics 2023-06-07 14:25:01 +00:00
workingset.c BACKPORT: FROMGIT: Multi-gen LRU: fix workingset accounting 2023-05-27 00:38:36 +00:00
z3fold.c
zbud.c
zpool.c
zsmalloc.c Merge 6.1.47 into android14-6.1-lts 2023-09-13 19:35:46 +00:00
zswap.c zswap: do not shrink if cgroup may not zswap 2023-06-21 16:00:54 +02:00