On Thu, Aug 05, 2021 at 09:06:57AM +0800, Yunsheng Lin wrote:
As mentioned in commit c07aea3ef4d4 ("mm: add a signature in struct page"): "The page->signature field is aliased to page->lru.next and page->compound_head."
And as the comment in page_is_pfmemalloc(): "lru.next has bit 1 set if the page is allocated from the pfmemalloc reserves. Callers may simply overwrite it if they do not need to preserve that information."
The page->signature is or’ed with PP_SIGNATURE when a page is allocated in page pool, see __page_pool_alloc_pages_slow(), and page->signature is checked directly with PP_SIGNATURE in page_pool_return_skb_page(), which might cause resoure leaking problem for a page from page pool if bit 1 of lru.next is set for a pfmemalloc page.
As bit 0 is page->compound_head, So mask both bit 0 and 1 before the checking in page_pool_return_skb_page().
No, you don't understand. We *want* the check to fail if we were low on memory so we return the emergency allocation.