Commit bc2d33b
committed
mm/huge_memory: drop beyond-EOF folios with the right number of refs
commit 14efb47
Author: Zi Yan <[email protected]>
Date: Mon Mar 10 11:57:27 2025 -0400
mm/huge_memory: drop beyond-EOF folios with the right number of refs
When an after-split folio is large and needs to be dropped due to EOF,
folio_put_refs(folio, folio_nr_pages(folio)) should be used to drop all
page cache refs. Otherwise, the folio will not be freed, causing memory
leak.
This leak would happen on a filesystem with blocksize > page_size and a
truncate is performed, where the blocksize makes folios split to >0 order
ones, causing truncated folios not being freed.
Link: https://lkml.kernel.org/r/[email protected]
Fixes: c010d47 ("mm: thp: split huge page to any lower order pages")
Signed-off-by: Zi Yan <[email protected]>
Reported-by: Hugh Dickins <[email protected]>
Closes: https://lore.kernel.org/all/[email protected]/
Cc: Baolin Wang <[email protected]>
Cc: David Hildenbrand <[email protected]>
Cc: John Hubbard <[email protected]>
Cc: Kefeng Wang <[email protected]>
Cc: Kirill A. Shuemov <[email protected]>
Cc: Luis Chamberalin <[email protected]>
Cc: Matthew Wilcow (Oracle) <[email protected]>
Cc: Miaohe Lin <[email protected]>
Cc: Pankaj Raghav <[email protected]>
Cc: Ryan Roberts <[email protected]>
Cc: Yang Shi <[email protected]>
Cc: Yu Zhao <[email protected]>
Cc: <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
CVE: CVE-2025-22000
JIRA: https://issues.redhat.com/browse/RHEL-77742
Signed-off-by: Nico Pache <[email protected]>1 parent f7e8b5c commit bc2d33b
1 file changed
+1
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
3298 | 3298 | | |
3299 | 3299 | | |
3300 | 3300 | | |
3301 | | - | |
| 3301 | + | |
3302 | 3302 | | |
3303 | 3303 | | |
3304 | 3304 | | |
| |||
0 commit comments