On Thu, Jun 11, 2026 at 8:59 PM Muchun Song <[email protected]> wrote: > > __hugetlb_vmemmap_optimize_folios() uses incorrect arguments when handling > bootmem HugeTLB folios. > > The section number passed to register_page_bootmem_memmap() is derived from > the vmemmap virtual address of folio->page instead of the folio PFN, so the > bootmem memmap metadata can be registered against the wrong section. The > helper is also given HUGETLB_VMEMMAP_RESERVE_SIZE even though it expects a > page count, not a size in bytes. In addition, the write-protect range is > based on pages_per_huge_page(h), which does not cover the full HugeTLB > vmemmap area and can leave part of the shared tail vmemmap mapping writable. > > Fix the section lookup to use folio_pfn(folio), use > HUGETLB_VMEMMAP_RESERVE_PAGES when registering the reserved memmap pages, and > use hugetlb_vmemmap_size(h) for the write-protect range. > > Fixes: 752fe17af693 ("mm/hugetlb: add pre-HVO framework") > Cc: [email protected] > Signed-off-by: Muchun Song <[email protected]> > Acked-by: Oscar Salvador <[email protected]> > --- > mm/hugetlb_vmemmap.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/mm/hugetlb_vmemmap.c b/mm/hugetlb_vmemmap.c > index c713c0d2593a..ea6af85bfec1 100644 > --- a/mm/hugetlb_vmemmap.c > +++ b/mm/hugetlb_vmemmap.c > @@ -635,12 +635,12 @@ static void __hugetlb_vmemmap_optimize_folios(struct > hstate *h, > * mirrored tail page structs RO. > */ > spfn = (unsigned long)&folio->page; > - epfn = spfn + pages_per_huge_page(h); > + epfn = spfn + hugetlb_vmemmap_size(h); > vmemmap_wrprotect_hvo(spfn, epfn, folio_nid(folio), > HUGETLB_VMEMMAP_RESERVE_SIZE); > - register_page_bootmem_memmap(pfn_to_section_nr(spfn), > + > register_page_bootmem_memmap(pfn_to_section_nr(folio_pfn(folio)), > &folio->page, > - HUGETLB_VMEMMAP_RESERVE_SIZE); > + HUGETLB_VMEMMAP_RESERVE_PAGES); > continue; > } >
Thanks for fixing my mistakes! Reviewed-by: Frank van der Linden <[email protected]>
