If we allocate a new page, we need to make sure that our folio matches that new page. If we don't, we store the wrong folio in the shmem page cache which will lead to data corruption. This problem will be solved by changing shmem_replace_page() to shmem_replace_folio(), but this patch is the minimal fix.
Fixes: da08e9b79323 ("mm/shmem: convert shmem_swapin_page() to shmem_swapin_folio()") Cc: stable@vger.kernel.org Signed-off-by: Matthew Wilcox (Oracle) willy@infradead.org Reviewed-by: William Kucharski william.kucharski@oracle.com --- mm/shmem.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/mm/shmem.c b/mm/shmem.c index e975fcd9d2e1..4ae43cffeda3 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1780,6 +1780,7 @@ static int shmem_swapin_folio(struct inode *inode, pgoff_t index,
if (shmem_should_replace_folio(folio, gfp)) { error = shmem_replace_page(&page, gfp, info, index); + folio = page_folio(page); if (error) goto failed; }