git.ipfire.org Git - thirdparty/linux.git/commit

author	Luiz Capitulino <luizcap@redhat.com>
	Mon, 14 Jul 2025 13:16:54 +0000 (09:16 -0400)
committer	Andrew Morton <akpm@linux-foundation.org>
	Fri, 25 Jul 2025 02:12:35 +0000 (19:12 -0700)
commit	476d87d6a06146125e8f16edbe845a7bcf6a2e57
tree	be724be0d25924f20a9aed5642d957bd78740f74	tree
parent	71f2a2c4ff62c9bb1daa0e47b588220178a5ad12	commit \| diff

fs: stable_page_flags(): use snapshot_page()

A race condition is possible in stable_page_flags() where user-space is
reading /proc/kpageflags concurrently to a folio split.  This may lead to
oopses or BUG_ON()s being triggered.

To fix this, this commit uses snapshot_page() in stable_page_flags() so
that stable_page_flags() works with a stable page and folio snapshots
instead.

Note that stable_page_flags() makes use of some functions that require the
original page or folio pointer to work properly (eg.  is_free_budy_page()
and folio_test_idle()).  Since those functions can't be used on the page
snapshot, we replace their usage with flags that were set by
snapshot_page() for this purpose.

Link: https://lkml.kernel.org/r/52c16c0f00995a812a55980c2f26848a999a34ab.1752499009.git.luizcap@redhat.com
Signed-off-by: Luiz Capitulino <luizcap@redhat.com>
Reviewed-by: Shivank Garg <shivankg@amd.com>
Tested-by: Harry Yoo <harry.yoo@oracle.com>
Acked-by: David Hildenbrand <david@redhat.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Oscar Salvador <osalvador@suse.de>
Cc: SeongJae Park <sj@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>