[PW_SID:976481] [v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap by linux-riscv-bot · Pull Request #583 · linux-riscv/linux

linux-riscv-bot · 2025-06-27T06:57:06Z

PR for series 976481 applied to workflow__riscv__fixes

Name: [v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap
URL: https://patchwork.kernel.org/project/linux-riscv/list/?series=976481
Version: 2

… unmap As pointed out by David[1], the batched unmap logic in try_to_unmap_one() can read past the end of a PTE table if a large folio is mapped starting at the last entry of that table. It would be quite rare in practice, as MADV_FREE typically splits the large folio ;) So let's fix the potential out-of-bounds read by refactoring the logic into a new helper, folio_unmap_pte_batch(). The new helper now correctly calculates the safe number of pages to scan by limiting the operation to the boundaries of the current VMA and the PTE table. In addition, the "all-or-nothing" batching restriction is removed to support partial batches. The reference counting is also cleaned up to use folio_put_refs(). [1] https://lore.kernel.org/linux-mm/a694398c-9f03-4737-81b9-7e49c857fcbe@redhat.com Fixes: 354dffd ("mm: support batched unmap for lazyfree large folios during reclamation") Cc: <stable@vger.kernel.org> Suggested-by: David Hildenbrand <david@redhat.com> Suggested-by: Barry Song <baohua@kernel.org> Signed-off-by: Lance Yang <lance.yang@linux.dev> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>

linux-riscv-bot · 2025-06-27T07:02:22Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv32-defconfig
Desc: Builds riscv32 defconfig
Duration: 101.78 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:19:12Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv64-clang-allmodconfig
Desc: Builds riscv64 allmodconfig with Clang, and checks for errors and added warnings
Duration: 1007.87 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:43:58Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv64-gcc-allmodconfig
Desc: Builds riscv64 allmodconfig with GCC, and checks for errors and added warnings
Duration: 1484.83 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:44:20Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv64-nommu-k210-defconfig
Desc: Builds riscv64 defconfig with NOMMU for K210
Duration: 20.44 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:44:44Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv64-nommu-k210-virt
Desc: Builds riscv64 defconfig with NOMMU for the virt platform
Duration: 21.76 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:44:47Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
checkpatch
Desc: Runs checkpatch.pl on the patch
Duration: 1.68 seconds
Result: WARNING
Output:

CHECK: Alignment should match open parenthesis
#47: FILE: mm/rmap.c:1849:
+static inline unsigned int folio_unmap_pte_batch(struct folio *folio,
+			struct page_vma_mapped_walk *pvmw,

total: 0 errors, 0 warnings, 1 checks, 73 lines checked

NOTE: For some of the reported defects, checkpatch may be able to
      mechanically convert to the typical style using --fix or --fix-inplace.

Commit daf793b4a775 ("mm/rmap: fix potential out-of-bounds page table access during batched unmap") has style problems, please review.

NOTE: Ignored message types: ALLOC_SIZEOF_STRUCT CAMELCASE COMMIT_LOG_LONG_LINE GIT_COMMIT_ID MACRO_ARG_REUSE NO_AUTHOR_SIGN_OFF

NOTE: If any of the errors are false positives, please report
      them to the maintainer, see CHECKPATCH in MAINTAINERS.
total: 0 errors, 0 warnings, 1 checks, 73 lines checked
CHECK: Alignment should match open parenthesis

linux-riscv-bot · 2025-06-27T07:46:02Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
dtb-warn-rv64
Desc: Checks for Device Tree warnings/errors
Duration: 72.68 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:46:04Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
header-inline
Desc: Detects static functions without inline keyword in header files
Duration: 0.24 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:46:06Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
kdoc
Desc: Detects for kdoc errors
Duration: 0.87 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:46:08Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
module-param
Desc: Detect module_param changes
Duration: 0.26 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:46:10Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
verify-fixes
Desc: Verifies that the Fixes: tags exist
Duration: 0.27 seconds
Result: PASS

linux-riscv-bot · 2025-06-27T07:46:12Z

Patch 1: "[v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
verify-signedoff
Desc: Verifies that Signed-off-by: tags are correct
Duration: 0.29 seconds
Result: PASS

Linux RISC-V bot and others added 2 commits June 24, 2025 01:05

Adding CI files

b5ded79

linux-riscv-bot force-pushed the workflow__riscv__fixes branch from b5ded79 to a7cb30d Compare June 27, 2025 17:47

linux-riscv-bot closed this Jun 30, 2025

linux-riscv-bot deleted the pw976481 branch June 30, 2025 03:16

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[PW_SID:976481] [v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap#583

[PW_SID:976481] [v2,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap#583
linux-riscv-bot wants to merge 2 commits into
workflowriscvfixesfrom
pw976481

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

linux-riscv-bot commented Jun 27, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants