On Thu, Jun 09, 2022 at 11:11:54AM +0100, Will Deacon wrote:
On Thu, Jun 09, 2022 at 11:44:09AM +0800, Kefeng Wang wrote:
On 2022/6/9 10:49, Vasily Averin wrote:
mem_cgroup_from_obj():
ffff80000836cf40:       d503245f        bti     c
ffff80000836cf44:       d503201f        nop
ffff80000836cf48:       d503201f        nop
ffff80000836cf4c:       d503233f        paciasp
ffff80000836cf50:       d503201f        nop
ffff80000836cf54:       d2e00021        mov     x1, #0x1000000000000            // #281474976710656
ffff80000836cf58:       8b010001        add     x1, x0, x1
ffff80000836cf5c:       b25657e4        mov     x4, #0xfffffc0000000000         // #-4398046511104
ffff80000836cf60:       d34cfc21        lsr     x1, x1, #12
ffff80000836cf64:       d37ae421        lsl     x1, x1, #6
ffff80000836cf68:       8b040022        add     x2, x1, x4
ffff80000836cf6c:       f9400443        ldr     x3, [x2, #8]
x5 : ffff80000a96f000 x4 : fffffc0000000000 x3 : ffff80000ad5e680
x2 : fffffe00002bc240 x1 : 00000200002bc240 x0 : ffff80000af09740
x0 = 0xffff80000af09740 is an argument of mem_cgroup_from_obj(); according to System.map it is init_net.
This issue is caused by calling virt_to_page() on the address of the static variable init_net. Arm64 considers that addresses of static variables are not valid virtual addresses. On x86_64 the same API works without any problem.
This just depends on whether or not the kernel is running out of the linear mapping. On arm64, we use the vmalloc area for the kernel image and so virt_to_page() won't work, just like it won't work for modules on other architectures.
How are module addresses handled by mem_cgroup_from_obj()?
It doesn't look like they are handled in any way. It just expects the pointer to be a linear map one. Something like below:
diff --git a/mm/memcontrol.c b/mm/memcontrol.c index 27cebaa53472..795bf3673fa7 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c @@ -2860,6 +2860,11 @@ struct mem_cgroup *mem_cgroup_from_obj(void *p) if (mem_cgroup_disabled()) return NULL;
+ if (is_module_address((unsigned long)p)) + return NULL; + else if (is_kernel((unsigned long)p)) + return NULL; + folio = virt_to_folio(p);
/*
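Review bot: the `else if` after an unconditional `return NULL;` is dead syntax, and since both guards return the same thing they read better as one condition: `if (is_module_address((unsigned long)p) || is_kernel((unsigned long)p)) return NULL;`. The bigger issue is scope: the reply above says virt_to_folio() expects a linear-map pointer, but these two checks only exclude the kernel image and module addresses, so any other non-linear-map pointer (a vmalloc() allocation, for example) still reaches virt_to_folio() and faults the same way. Phrasing the guard as "is this a linear-map address" (virt_addr_valid() is the existing predicate for that) covers all of those cases at once. Whichever form is kept, is_module_address() does a lookup in the module address tree, so a short comment in the hunk explaining why the early return exists would help the next reader of this hot path.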
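To make Will's point concrete, here is an added userspace C example (not code from the thread or from the kernel) that reproduces the arithmetic visible in the disassembly above and checks it against the linear map. The constants 0x1000000000000 (that is, -PAGE_OFFSET), the shifts by 12 and 6, and VMEMMAP_START 0xfffffc0000000000 come straight from the dump; the end of the linear map (0xffff800000000000) and the vmemmap size are assumptions that follow from a 48-bit VA, 4K-page arm64 layout with a 64-byte struct page. Fed the init_net pointer from x0, it computes exactly the x1 and x2 values in the register dump and shows that x2 lies outside the vmemmap, which is why the `ldr x3, [x2, #8]` (page_folio()'s compound_head read) faults.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constants as they appear in the disassembly of mem_cgroup_from_obj().
 * Assumed layout: arm64, VA_BITS=48, PAGE_SHIFT=12, sizeof(struct page)=64. */
#define PAGE_OFFSET        0xffff000000000000ULL /* add x1, x0, #0x1000000000000 == va - PAGE_OFFSET */
#define PAGE_SHIFT         12                     /* lsr x1, x1, #12 */
#define STRUCT_PAGE_SHIFT  6                      /* lsl x1, x1, #6 */
#define VMEMMAP_START      0xfffffc0000000000ULL /* mov x4, #0xfffffc0000000000 */

/* Assumption: the linear map is the bottom half of the kernel VA space and the
 * vmemmap is sized to describe exactly that range. */
#define PAGE_END           0xffff800000000000ULL
#define VMEMMAP_SIZE       (((PAGE_END - PAGE_OFFSET) >> PAGE_SHIFT) << STRUCT_PAGE_SHIFT)

/* Linear-map test: the condition virt_to_page() silently relies on. */
bool in_linear_map(uint64_t va)
{
    return va >= PAGE_OFFSET && va < PAGE_END;
}

/* Unchecked replica of the dump: returns what virt_to_page(va) computes (x2). */
uint64_t arm64_virt_to_page(uint64_t va)
{
    uint64_t pgoff = (va - PAGE_OFFSET) >> PAGE_SHIFT; /* x1 after the lsr */
    return VMEMMAP_START + (pgoff << STRUCT_PAGE_SHIFT); /* x2 = x1 << 6 + x4 */
}

/* Whether a computed struct page address is inside the vmemmap at all. */
bool in_vmemmap(uint64_t page_addr)
{
    return page_addr >= VMEMMAP_START && page_addr < VMEMMAP_START + VMEMMAP_SIZE;
}

/* Guarded version: mirrors what a linear-map check in front of virt_to_folio()
 * would do, returning 0 instead of a bogus struct page pointer. */
uint64_t virt_to_page_checked(uint64_t va)
{
    if (!in_linear_map(va))
        return 0;
    return arm64_virt_to_page(va);
}

static void show(const char *what, uint64_t va)
{
    uint64_t page = arm64_virt_to_page(va);
    printf("%-22s va=%#018llx page=%#018llx linear=%d vmemmap=%d checked=%#llx\n",
           what, (unsigned long long)va, (unsigned long long)page,
           in_linear_map(va), in_vmemmap(page),
           (unsigned long long)virt_to_page_checked(va));
}

int main(void)
{
    /* x0 from the register dump: &init_net, in the kernel image. */
    show("init_net (image)", 0xffff80000af09740ULL);
    /* Constructed linear-map address for comparison. */
    show("linear-map object", 0xffff000012345678ULL);
    return 0;
}
```

The first line of output reproduces x2 = 0xfffffe00002bc240 from the dump and flags it as outside the vmemmap; the second shows a linear-map pointer landing inside it. Note that `in_linear_map()` is a range test only; the real arm64 virt_addr_valid() additionally checks that the pfn is backed by memory.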