hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I8S9BY CVE: NA -------------------------------- With mmap with flag MAP_NORESERVE, resv_huge_pages will not be checked during mmap, this may allow user to mmap for more huge pages than are currently available, without failing at the mmap stage. During actual allocation, if free_huge_pages is zero while pool->freelist remains non-zero (as it contains splittable huge pages), this scenario will trigger an underflow of free_huge_pages. To Fix this, check free_huge_pages before allocate hugepages. Fixes: 8ce9d44df8ec ("mm/dynamic_pool: support HugeTLB page allocation from dpool") Signed-off-by: Wupeng Ma <mawupeng1@huawei.com> --- mm/dynamic_pool.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mm/dynamic_pool.c b/mm/dynamic_pool.c index 063fb6092401..cdd97bdfc8ac 100644 --- a/mm/dynamic_pool.c +++ b/mm/dynamic_pool.c @@ -919,6 +919,9 @@ struct folio *dynamic_pool_alloc_hugepage(struct hugetlbfs_inode_info *p, if (!dpool->online) goto unlock; + if (!pool->free_huge_pages) + goto unlock; + list_for_each_entry(folio, &pool->freelist, lru) { if (folio_test_hwpoison(folio)) continue; -- 2.43.0