[PATCH 6.17 189/247] mm/huge_memory: fix folio split check for anon folios in swapcache

21 Nov 2025

6.17-stable review patch.  If anyone has any objections, please let me know.
------------------
From: Zi Yan ziy@nvidia.com
commit f1d47cafe513b5552a5b20a7af0936d9070a8a78 upstream.
Both uniform and non uniform split check missed the check to prevent
splitting anon folios in swapcache to non-zero order.
Splitting anon folios in swapcache to non-zero order can cause data
corruption since swapcache only support PMD order and order-0 entries.
This can happen when one use split_huge_pages under debugfs to split
anon folios in swapcache.
In-tree callers do not perform such an illegal operation.  Only debugfs
interface could trigger it.  I will put adding a test case on my TODO
list.
Fix the check.
Link: https://lkml.kernel.org/r/20251105162910.752266-1-ziy@nvidia.com
Fixes: 58729c04cf10 ("mm/huge_memory: add buddy allocator like (non-uniform) folio_split()")
Signed-off-by: Zi Yan ziy@nvidia.com
Reported-by: "David Hildenbrand (Red Hat)" david@kernel.org
Closes: https://lore.kernel.org/all/dc0ecc2c-4089-484f-917f-920fdca4c898@kernel.org/
Acked-by: David Hildenbrand (Red Hat) david@kernel.org
Cc: Baolin Wang baolin.wang@linux.alibaba.com
Cc: Barry Song baohua@kernel.org
Cc: Dev Jain dev.jain@arm.com
Cc: Lance Yang lance.yang@linux.dev
Cc: Liam Howlett liam.howlett@oracle.com
Cc: Lorenzo Stoakes lorenzo.stoakes@oracle.com
Cc: Nico Pache npache@redhat.com
Cc: Ryan Roberts ryan.roberts@arm.com
Cc: Wei Yang richard.weiyang@gmail.com
Cc: stable@vger.kernel.org
Signed-off-by: Andrew Morton akpm@linux-foundation.org
Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
---
 mm/huge_memory.c |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

--- a/mm/huge_memory.c
+++ b/mm/huge_memory.c
@@ -3529,7 +3529,8 @@ bool non_uniform_split_supported(struct
    	/* order-1 is not supported for anonymous THP. */
    	VM_WARN_ONCE(warns && new_order == 1,
    			"Cannot split to order-1 folio");
-		return new_order != 1;
+		if (new_order == 1)
+			return false;
    } else if (IS_ENABLED(CONFIG_READ_ONLY_THP_FOR_FS) &&
        !mapping_large_folio_support(folio->mapping)) {
    	/*
@@ -3560,7 +3561,8 @@ bool uniform_split_supported(struct foli
    if (folio_test_anon(folio)) {
    	VM_WARN_ONCE(warns && new_order == 1,
    			"Cannot split to order-1 folio");
-		return new_order != 1;
+		if (new_order == 1)
+			return false;
    } else  if (new_order) {
    	if (IS_ENABLED(CONFIG_READ_ONLY_THP_FOR_FS) &&
    	    !mapping_large_folio_support(folio->mapping)) {

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

[PATCH 6.17 189/247] mm/huge_memory: fix folio split check for anon folios in swapcache