The quilt patch titled Subject: mm/huge_memory: don't ignore queried cachemode in vmf_insert_pfn_pud() has been removed from the -mm tree. Its filename was mm-huge_memory-dont-ignore-queried-cachemode-in-vmf_insert_pfn_pud.patch
This patch was dropped because it was merged into the mm-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------ From: David Hildenbrand david@redhat.com Subject: mm/huge_memory: don't ignore queried cachemode in vmf_insert_pfn_pud() Date: Fri, 13 Jun 2025 11:27:00 +0200
Patch series "mm/huge_memory: vmf_insert_folio_*() and vmf_insert_pfn_pud() fixes", v3.
While working on improving vm_normal_page() and friends, I stumbled over this issues: refcounted "normal" folios must not be marked using pmd_special() / pud_special(). Otherwise, we're effectively telling the system that these folios are no "normal", violating the rules we documented for vm_normal_page().
Fortunately, there are not many pmd_special()/pud_special() users yet. So far there doesn't seem to be serious damage.
Tested using the ndctl tests ("ndctl:dax" suite).
This patch (of 3):
We set up the cache mode but ... don't forward the updated pgprot to insert_pfn_pud().
Only a problem on x86-64 PAT when mapping PFNs using PUDs that require a special cachemode.
Fix it by using the proper pgprot where the cachemode was setup.
It is unclear in which configurations we would get the cachemode wrong: through vfio seems possible. Getting cachemodes wrong is usually ... bad. As the fix is easy, let's backport it to stable.
Identified by code inspection.
Link: https://lkml.kernel.org/r/20250613092702.1943533-1-david@redhat.com Link: https://lkml.kernel.org/r/20250613092702.1943533-2-david@redhat.com Fixes: 7b806d229ef1 ("mm: remove vmf_insert_pfn_xxx_prot() for huge page-table entries") Signed-off-by: David Hildenbrand david@redhat.com Reviewed-by: Dan Williams dan.j.williams@intel.com Reviewed-by: Lorenzo Stoakes lorenzo.stoakes@oracle.com Reviewed-by: Jason Gunthorpe jgg@nvidia.com Reviewed-by: Oscar Salvador osalvador@suse.de Tested-by: Dan Williams dan.j.williams@intel.com Cc: Alistair Popple apopple@nvidia.com Cc: Baolin Wang baolin.wang@linux.alibaba.com Cc: Dev Jain dev.jain@arm.com Cc: Liam Howlett liam.howlett@oracle.com Cc: Mariano Pache npache@redhat.com Cc: Michal Hocko mhocko@suse.com Cc: Mike Rapoport rppt@kernel.org Cc: Ryan Roberts ryan.roberts@arm.com Cc: Suren Baghdasaryan surenb@google.com Cc: Vlastimil Babka vbabka@suse.cz Cc: Zi Yan ziy@nvidia.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org ---
mm/huge_memory.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-)
--- a/mm/huge_memory.c~mm-huge_memory-dont-ignore-queried-cachemode-in-vmf_insert_pfn_pud +++ a/mm/huge_memory.c @@ -1516,10 +1516,9 @@ static pud_t maybe_pud_mkwrite(pud_t pud }
static void insert_pfn_pud(struct vm_area_struct *vma, unsigned long addr, - pud_t *pud, pfn_t pfn, bool write) + pud_t *pud, pfn_t pfn, pgprot_t prot, bool write) { struct mm_struct *mm = vma->vm_mm; - pgprot_t prot = vma->vm_page_prot; pud_t entry;
if (!pud_none(*pud)) { @@ -1581,7 +1580,7 @@ vm_fault_t vmf_insert_pfn_pud(struct vm_ pfnmap_setup_cachemode_pfn(pfn_t_to_pfn(pfn), &pgprot);
ptl = pud_lock(vma->vm_mm, vmf->pud); - insert_pfn_pud(vma, addr, vmf->pud, pfn, write); + insert_pfn_pud(vma, addr, vmf->pud, pfn, pgprot, write); spin_unlock(ptl);
return VM_FAULT_NOPAGE; @@ -1625,7 +1624,7 @@ vm_fault_t vmf_insert_folio_pud(struct v add_mm_counter(mm, mm_counter_file(folio), HPAGE_PUD_NR); } insert_pfn_pud(vma, addr, vmf->pud, pfn_to_pfn_t(folio_pfn(folio)), - write); + vma->vm_page_prot, write); spin_unlock(ptl);
return VM_FAULT_NOPAGE; _
Patches currently in -mm which might be from david@redhat.com are
mm-balloon_compaction-we-cannot-have-isolated-pages-in-the-balloon-list.patch mm-balloon_compaction-convert-balloon_page_delete-to-balloon_page_finalize.patch mm-zsmalloc-drop-pageisolated-related-vm_bug_ons.patch mm-page_alloc-let-page-freeing-clear-any-set-page-type.patch mm-balloon_compaction-make-pageoffline-sticky-until-the-page-is-freed.patch mm-zsmalloc-make-pagezsmalloc-sticky-until-the-page-is-freed.patch mm-migrate-rename-isolate_movable_page-to-isolate_movable_ops_page.patch mm-migrate-rename-putback_movable_folio-to-putback_movable_ops_page.patch mm-migrate-factor-out-movable_ops-page-handling-into-migrate_movable_ops_page.patch mm-migrate-remove-folio_test_movable-and-folio_movable_ops.patch mm-migrate-move-movable_ops-page-handling-out-of-move_to_new_folio.patch mm-zsmalloc-stop-using-__clearpagemovable.patch mm-balloon_compaction-stop-using-__clearpagemovable.patch mm-migrate-remove-__clearpagemovable.patch mm-migration-remove-pagemovable.patch mm-rename-__pagemovable-to-page_has_movable_ops.patch mm-page_isolation-drop-__folio_test_movable-check-for-large-folios.patch mm-remove-__folio_test_movable.patch mm-stop-storing-migration_ops-in-page-mapping.patch mm-convert-movable-flag-in-page-mapping-to-a-page-flag.patch mm-rename-pg_isolated-to-pg_movable_ops_isolated.patch mm-page-flags-rename-page_mapping_movable-to-page_mapping_anon_ksm.patch mm-page-alloc-remove-pagemappingflags.patch mm-page-flags-remove-folio_mapping_flags.patch mm-simplify-folio_expected_ref_count.patch mm-rename-page_mapping_-to-folio_mapping_.patch docs-mm-convert-from-non-lru-page-migration-to-movable_ops-page-migration.patch mm-balloon_compaction-movable_ops-doc-updates.patch mm-balloon_compaction-provide-single-balloon_page_insert-and-balloon_mapping_gfp_mask.patch mm-convert-fpb_ignore_-into-fpb_respect_.patch mm-smaller-folio_pte_batch-improvements.patch mm-split-folio_pte_batch-into-folio_pte_batch-and-folio_pte_batch_flags.patch mm-remove-boolean-output-parameters-from-folio_pte_batch_ext.patch mm-memory-introduce-is_huge_zero_pfn-and-use-it-in-vm_normal_page_pmd.patch