Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3722964pxf; Mon, 22 Mar 2021 13:21:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw0sbSVWrdCA3s09XxWQHrG4CYns2emxkgZbAGK7yX0wOqfq67tElppHDPAAHbtAbBkMcoy X-Received: by 2002:a17:906:7d7:: with SMTP id m23mr1533016ejc.205.1616444517357; Mon, 22 Mar 2021 13:21:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616444517; cv=none; d=google.com; s=arc-20160816; b=aziy/7eqBL1Ch8pK7+QUVnZ5o41BZrH9BTGf1AZP1ZNparQrGfj+wBOs2Q8WZo5kCX ivfDdBKTnyemAWTKus6+5m4fgCqNPX4fFpXSX+qtWtPs1WZ1M8EDxiT6LmjUt/g3ZLpb 60+h86G1RBcn87zLFj5CjkGp67NM4vS1ggDlprVFodCGE44Aw3LWQkRzRVmQ5biMhjmN A2DUGBecLz1AqXD3BW2ag2q7nGv1t+UJQeVOBzjWPjaxhwBtiOh/Qm4QXuiBrkypCFnd oJGCL87eCc/4WOSdkjh6KUe04/KL0CWtlBgh5G/WfXlMOsET15825uP91PYVeU1QPP+A FR4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=g19ekQhwWPSUVgeDRJ0qV8y1izdmXO7LuQ/4SsoZHq0=; b=SN3RcHxw/RPL9yXB9e9CkOR8xWIXpVnnezMdYm2Xp5UR1PtR8P+l8/agGwn957nk4Z CmZ4edQquhXvdUSvzO70UHzZbpRMNvqzd+lyS4/2G/5RtobpMHHp2SbT4YHzPleqYn3k ZgDUa6PR0l67Rtq6Y2MUfv66qXmwHIFcKzLmTgLSGTkdpL1Yf3Fr0JOQ5dm3Sz1EIQZO URZoBU0W5ftaS2Wp/h4i00Z6XYCAa6w5g3ayPyFIWr1LFJmEQfm2HvZBS/P0spopFGLb OaOIvPlP70PFc0hA9aWfE/Y9RHkvlYb8VyVv94wBC1r7Q9x6SUI+f68o09yGUCTthI68 C31w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=ejKUkIAp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g16si12446157ejf.292.2021.03.22.13.21.34; Mon, 22 Mar 2021 13:21:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=ejKUkIAp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232214AbhCVUUr (ORCPT + 99 others); Mon, 22 Mar 2021 16:20:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40612 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231331AbhCVUUd (ORCPT ); Mon, 22 Mar 2021 16:20:33 -0400 Received: from mail-il1-x131.google.com (mail-il1-x131.google.com [IPv6:2607:f8b0:4864:20::131]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CC329C061574 for ; Mon, 22 Mar 2021 13:20:28 -0700 (PDT) Received: by mail-il1-x131.google.com with SMTP id z9so16059730ilb.4 for ; Mon, 22 Mar 2021 13:20:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=g19ekQhwWPSUVgeDRJ0qV8y1izdmXO7LuQ/4SsoZHq0=; b=ejKUkIApjaWRL7dUZPBW3gdjkQxA0z+5LeJYdtHdOcPvTHkv6dxcYuQs/T9Eb549L2 JScgJ7XI1WwOwMqtzTcgqD2YkkvkhoyUx7XbQd2WEziLlKNurf/V2PssbH7Z0pYUk9Xc AfuyvCVCu87UqeDab3IMz2K5LcAmHfd2Gj1U0b1SW3/USf84H2jS/h68st6GKZ/a0Dpd kAvRpJOh1tzto7ukWq9t2ntk/DJ70L2EKrjb4YjTDoqAEnmmYitvwov1m8ogzr2becKU IDClAL/p18aqeNvZXUviMX//5bqgYdGV6bK4wymFOe3DTdgdnmEOLjQsDUSEd3ccK8Hs l27Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=g19ekQhwWPSUVgeDRJ0qV8y1izdmXO7LuQ/4SsoZHq0=; b=Cd6bPkaZNW2bokonsXPoGGiWmdwJCTKgbSezFmVq5SP1Vf5KMnWsJQVXkWw6cXFFm/ itA2+wJuG1QzjIwXvw1oBidAoQp6fGGTSf9l+FMcUi13u7E3JJ7q1XU2O8hfK1gmeu3t 1/7/e8iLysUd4CbIgXZqSFdwYpRVlwYxxSlVULUDyDr6y9ZK6qegCAgDGDhV1tHj/2vH SRIK1VkFWMq2IoVLWMmizm1rkNEHE3llBKa4TzZFNtXH6OdM9j1GqwEoKGHVCNEXjabQ viRXoDKkycvZFK6jvIB9uASmYOL+MEHtmrwEy81BushZFzl47dddavdya3K6UJrErQia 9twA== X-Gm-Message-State: AOAM532HlzcPizygcMUkpOCEOwdvaP8qXOJmBpIpSkCMqJtk+QOlYpwB XzrNWZeBh0GOIb4XBzDJa6jkarvcYL5y89zRovMCAQ== X-Received: by 2002:a92:c561:: with SMTP id b1mr1542272ilj.165.1616444428175; Mon, 22 Mar 2021 13:20:28 -0700 (PDT) MIME-Version: 1.0 References: <20210322175132.36659-1-peterx@redhat.com> In-Reply-To: <20210322175132.36659-1-peterx@redhat.com> From: Axel Rasmussen Date: Mon, 22 Mar 2021 13:19:50 -0700 Message-ID: Subject: Re: [PATCH] userfaultfd/hugetlbfs: Fix minor fault page leak To: Peter Xu Cc: Linux MM , LKML , Andrew Morton , Andrea Arcangeli , Mike Kravetz , Mike Rapoport Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Mar 22, 2021 at 10:51 AM Peter Xu wrote: > > When uffd-minor enabled, we need to put the page cache before handling the > userfault in hugetlb_no_page(), otherwise the page refcount got leaked. > > This can be reproduced by running userfaultfd selftest with hugetlb_shared > mode, then cat /proc/meminfo. > > Cc: Axel Rasmussen > Cc: Andrea Arcangeli > Cc: Mike Kravetz > Cc: Mike Rapoport > Cc: Andrew Morton > Fixes: f2bf15fb0969 ("userfaultfd: add minor fault registration mode") > Signed-off-by: Peter Xu > --- > mm/hugetlb.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/mm/hugetlb.c b/mm/hugetlb.c > index 408dbc08298a..56b78a206913 100644 > --- a/mm/hugetlb.c > +++ b/mm/hugetlb.c > @@ -4449,6 +4449,7 @@ static vm_fault_t hugetlb_no_page(struct mm_struct *mm, > /* Check for page in userfault range. */ > if (userfaultfd_minor(vma)) { > unlock_page(page); > + put_page(page); > ret = hugetlb_handle_userfault(vma, mapping, idx, > flags, haddr, > VM_UFFD_MINOR); > -- > 2.26.2 > Thanks for the fix, Peter! I applied the patch and verified it does indeed fix the issue. Reviewed-by: Axel Rasmussen