]> git.ipfire.org Git - thirdparty/kernel/linux.git/commitdiff
projects / thirdparty / kernel / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b3ca982)
mm: thp: prevent memory cgroup release in folio_split_queue_lock{_irqsave}()
authorQi Zheng <zhengqi.arch@bytedance.com>
Thu, 5 Mar 2026 11:52:35 +0000 (19:52 +0800)
committerAndrew Morton <akpm@linux-foundation.org>
Sat, 18 Apr 2026 07:10:46 +0000 (00:10 -0700)
In the near future, a folio will no longer pin its corresponding memory
cgroup.  To ensure safety, it will only be appropriate to hold the rcu
read lock or acquire a reference to the memory cgroup returned by
folio_memcg(), thereby preventing it from being released.

In the current patch, the rcu read lock is employed to safeguard against
the release of the memory cgroup in folio_split_queue_lock{_irqsave}().

Link: https://lore.kernel.org/ca2957c0df1126b2c71b40c738018fd5255525a6.1772711148.git.zhengqi.arch@bytedance.com
Signed-off-by: Qi Zheng <zhengqi.arch@bytedance.com>
Reviewed-by: Harry Yoo <harry.yoo@oracle.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Shakeel Butt <shakeel.butt@linux.dev>
Acked-by: David Hildenbrand (Red Hat) <david@kernel.org>
Acked-by: Muchun Song <muchun.song@linux.dev>
Cc: Allen Pais <apais@linux.microsoft.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Chengming Zhou <chengming.zhou@linux.dev>
Cc: Chen Ridong <chenridong@huawei.com>
Cc: Hamza Mahfooz <hamzamahfooz@linux.microsoft.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Imran Khan <imran.f.khan@oracle.com>
Cc: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Cc: Lance Yang <lance.yang@linux.dev>
Cc: Liam Howlett <Liam.Howlett@oracle.com>
Cc: Lorenzo Stoakes (Oracle) <ljs@kernel.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Michal Koutný <mkoutny@suse.com>
Cc: Mike Rapoport <rppt@kernel.org>
Cc: Muchun Song <songmuchun@bytedance.com>
Cc: Nhat Pham <nphamcs@gmail.com>
Cc: Roman Gushchin <roman.gushchin@linux.dev>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Usama Arif <usamaarif642@gmail.com>
Cc: Vlastimil Babka <vbabka@kernel.org>
Cc: Wei Xu <weixugc@google.com>
Cc: Yosry Ahmed <yosry@kernel.org>
Cc: Yuanchu Xie <yuanchu@google.com>
Cc: Zi Yan <ziy@nvidia.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
mm/huge_memory.c patch | blob | blame | history

diff --git a/mm/huge_memory.c b/mm/huge_memory.c
index 958b580c661964a74ab1eb596a045a24fec07e76..970e077019b75a4ad140c6ac16d993544fc85298 100644 (file)
--- a/mm/huge_memory.c
+++ b/mm/huge_memory.c
@@ -1218,13 +1218,29 @@ retry:
 
 static struct deferred_split *folio_split_queue_lock(struct folio *folio)
 {
-       return split_queue_lock(folio_nid(folio), folio_memcg(folio));
+       struct deferred_split *queue;
+
+       rcu_read_lock();
+       queue = split_queue_lock(folio_nid(folio), folio_memcg(folio));
+       /*
+        * The memcg destruction path is acquiring the split queue lock for
+        * reparenting. Once you have it locked, it's safe to drop the rcu lock.
+        */
+       rcu_read_unlock();
+
+       return queue;
 }
 
 static struct deferred_split *
 folio_split_queue_lock_irqsave(struct folio *folio, unsigned long *flags)
 {
-       return split_queue_lock_irqsave(folio_nid(folio), folio_memcg(folio), flags);
+       struct deferred_split *queue;
+
+       rcu_read_lock();
+       queue = split_queue_lock_irqsave(folio_nid(folio), folio_memcg(folio), flags);
+       rcu_read_unlock();
+
+       return queue;
 }
 
 static inline void split_queue_unlock(struct deferred_split *queue)
A mirror of Linus' kernel repository