On 8/19/21 6:27 AM, Mike Rapoport wrote:
Such PMDs are created when free_kernel_image_pages() frees regions larger than 2Mb. In this case a part of the freed memory is mapped with PMDs and the set_memory_np_noalias() -> ... -> __change_page_attr() sequence will mark the PMD as not present rather than wipe it completely.
Make kern_addr_valid() to check whether higher level page table entries are present before trying to dereference them to fix this issue and to avoid similar issues in the future.
Reported-by: Jiri Olsa jolsa@redhat.com Signed-off-by: Mike Rapoport rppt@linux.ibm.com Cc: stable@vger.kernel.org # 4.4... pmd = pmd_offset(pud, addr);
- if (pmd_none(*pmd))
- if (!pmd_present(*pmd)) return 0;
Yeah, that seems like the right fix. The one kern_addr_valid() user is going to touch the memory so it *better* be present. p*d_none() was definitely the wrong check.
Acked-by: Dave Hansen dave.hansen@intel.com