[PW_SID:977135] [v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap#588

Closed
linux-riscv-bot wants to merge 1 commit into workflow__riscv__fixes from pw977135

@linux-riscv-bot

PR for series 977135 applied to workflow__riscv__fixes

Name: [v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap
URL: https://patchwork.kernel.org/project/linux-riscv/list/?series=977135
Version: 3

… unmap

As pointed out by David[1], the batched unmap logic in try_to_unmap_one()
may read past the end of a PTE table when a large folio's PTE mappings
are not fully contained within a single page table.

While this scenario might be rare, an issue triggerable from userspace must
be fixed regardless of its likelihood. This patch fixes the out-of-bounds
access by refactoring the logic into a new helper, folio_unmap_pte_batch().

The new helper correctly calculates the safe batch size by capping the scan
at both the VMA and PMD boundaries. To simplify the code, it also supports
partial batching (i.e., any number of pages from 1 up to the calculated
safe maximum), as there is no strong reason to special-case for fully
mapped folios.

[1] https://lore.kernel.org/linux-mm/a694398c-9f03-4737-81b9-7e49c857fcbe@redhat.com

Fixes: 354dffd ("mm: support batched unmap for lazyfree large folios during reclamation")
Cc: <stable@vger.kernel.org>
Acked-by: Barry Song <baohua@kernel.org>
Suggested-by: David Hildenbrand <david@redhat.com>
Suggested-by: Barry Song <baohua@kernel.org>
Signed-off-by: Lance Yang <lance.yang@linux.dev>
Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
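
A user-space model of the capping described in the commit message above, as an added example that is not the patch's code. The 4 KiB page / 512-entry PTE table geometry and the names `safe_batch`, `overruns_table` and `pmd_boundary_or_end` are assumptions of this sketch, and the addresses are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed geometry: 4 KiB pages, 512 PTEs per table (one PMD entry = 2 MiB). */
#define PAGE_SHIFT   12
#define PAGE_SIZE    (1ULL << PAGE_SHIFT)
#define PMD_SHIFT    21
#define PMD_SIZE     (1ULL << PMD_SHIFT)
#define PTRS_PER_PTE (1U << (PMD_SHIFT - PAGE_SHIFT))

/* Index of the PTE for addr within its page table. */
static unsigned int pte_index(uint64_t addr)
{
    return (unsigned int)((addr >> PAGE_SHIFT) & (PTRS_PER_PTE - 1));
}

/* Next PMD boundary after addr, clamped to end (hypothetical helper). */
static uint64_t pmd_boundary_or_end(uint64_t addr, uint64_t end)
{
    uint64_t boundary = (addr + PMD_SIZE) & ~(PMD_SIZE - 1);
    return boundary < end ? boundary : end;
}

/* Largest PTE count that stays inside both the VMA and the current PTE
 * table, and never exceeds the folio size. Partial batches are allowed. */
static unsigned int safe_batch(uint64_t addr, uint64_t vma_end,
                               unsigned int folio_nr_pages)
{
    uint64_t end = pmd_boundary_or_end(addr, vma_end);
    uint64_t room = (end - addr) >> PAGE_SHIFT;
    return room < folio_nr_pages ? (unsigned int)room : folio_nr_pages;
}

/* 1 if scanning nr entries from addr would index past the PTE table. */
static int overruns_table(uint64_t addr, unsigned int nr)
{
    return pte_index(addr) + nr > PTRS_PER_PTE;
}

int main(void)
{
    /* Constructed case: 16-page folio mapped 4 pages below a 2 MiB boundary. */
    uint64_t addr = 0x7f0000200000ULL - 4 * PAGE_SIZE;
    unsigned int nr = safe_batch(addr, 0x7f0000400000ULL, 16);
    printf("pte index %u, uncapped overrun=%d, capped batch=%u\n",
           pte_index(addr), overruns_table(addr, 16), nr);
    return 0;
}
```
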
@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv32-defconfig
Desc: Builds riscv32 defconfig
Duration: 104.51 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv64-clang-allmodconfig
Desc: Builds riscv64 allmodconfig with Clang, and checks for errors and added warnings
Duration: 1016.96 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv64-gcc-allmodconfig
Desc: Builds riscv64 allmodconfig with GCC, and checks for errors and added warnings
Duration: 1536.85 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv64-nommu-k210-defconfig
Desc: Builds riscv64 defconfig with NOMMU for K210
Duration: 20.83 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
build-rv64-nommu-k210-virt
Desc: Builds riscv64 defconfig with NOMMU for the virt platform
Duration: 21.90 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
checkpatch
Desc: Runs checkpatch.pl on the patch
Duration: 1.57 seconds
Result: WARNING
Output:

CHECK: Alignment should match open parenthesis
#46: FILE: mm/rmap.c:1849:
+static inline unsigned int folio_unmap_pte_batch(struct folio *folio,
+			struct page_vma_mapped_walk *pvmw,

total: 0 errors, 0 warnings, 1 checks, 73 lines checked

NOTE: For some of the reported defects, checkpatch may be able to
      mechanically convert to the typical style using --fix or --fix-inplace.

Commit 63a3cb09daa4 ("mm/rmap: fix potential out-of-bounds page table access during batched unmap") has style problems, please review.

NOTE: Ignored message types: ALLOC_SIZEOF_STRUCT CAMELCASE COMMIT_LOG_LONG_LINE GIT_COMMIT_ID MACRO_ARG_REUSE NO_AUTHOR_SIGN_OFF

NOTE: If any of the errors are false positives, please report
      them to the maintainer, see CHECKPATCH in MAINTAINERS.
total: 0 errors, 0 warnings, 1 checks, 73 lines checked
CHECK: Alignment should match open parenthesis


@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
dtb-warn-rv64
Desc: Checks for Device Tree warnings/errors
Duration: 71.39 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
header-inline
Desc: Detects static functions without inline keyword in header files
Duration: 0.24 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
kdoc
Desc: Detects for kdoc errors
Duration: 0.89 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
module-param
Desc: Detect module_param changes
Duration: 0.26 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
verify-fixes
Desc: Verifies that the Fixes: tags exist
Duration: 0.28 seconds
Result: PASS

@linux-riscv-bot
Author

Patch 1: "[v3,1/1] mm/rmap: fix potential out-of-bounds page table access during batched unmap"
verify-signedoff
Desc: Verifies that Signed-off-by: tags are correct
Duration: 0.30 seconds
Result: PASS

@linux-riscv-bot linux-riscv-bot deleted the pw977135 branch July 1, 2025 17:19