mm/hmm: fix uninitialized use of 'entry' in hmm_vma_walk_pmd()
author Ralph Campbell <rcampbell@nvidia.com>
Thu, 1 Feb 2018 00:20:30 +0000 (16:20 -0800)
committer Linus Torvalds <torvalds@linux-foundation.org>
Thu, 1 Feb 2018 01:18:40 +0000 (17:18 -0800)
The variable 'entry' is used before being initialized in
hmm_vma_walk_pmd().

No bad effect (besides performance hit) so !non_swap_entry(0) evaluates
to true which triggers a fault as if CPU was trying to access migrated
memory and migrates memory back from device memory to regular memory.

This function (hmm_vma_walk_pmd()) is called when a device driver tries
to populate its own page table.  For migrated memory it should not
happen as the device driver should already have populated its page table
correctly during the migration.

Only case I can think of is multi-GPU where a second GPU triggers
migration back to regular memory.  Again this would just result in a
performance hit, nothing bad would happen.

Link: http://lkml.kernel.org/r/20180122185759.26286-1-jglisse@redhat.com
Signed-off-by: Ralph Campbell <rcampbell@nvidia.com>
Signed-off-by: Jérôme Glisse <jglisse@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
mm/hmm.c

index ea19742a5d60b1a6270629a024d88a13b9c5f3c1..979211c7ccc81d30af4cf18cd2830d2cb1a12828 100644 (file)
--- a/mm/hmm.c
+++ b/mm/hmm.c
@@ -418,7 +418,7 @@ again:
                }
 
                if (!pte_present(pte)) {
-                       swp_entry_t entry;
+                       swp_entry_t entry = pte_to_swp_entry(pte);
 
                        if (!non_swap_entry(entry)) {
                                if (hmm_vma_walk->fault)
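Review bot: At the `if (!non_swap_entry(entry))` test, the changelog describes the pre-fix behaviour as `!non_swap_entry(0)`, but the removed declaration `swp_entry_t entry;` left a stack variable with an indeterminate value, not a guaranteed zero, so which branch the old code took depended on leftover stack contents. The changelog should say so, because its "performance hit only" conclusion rests on the entry reading as 0; with any other value the old code could fall through to the special-entry handling below with a bogus entry.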
@@ -426,8 +426,6 @@ again:
                                continue;
                        }
 
-                       entry = pte_to_swp_entry(pte);
-
                        /*
                         * This is a special swap entry, ignore migration, use
                         * device and report anything else as error.
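Review bot: The removed `entry = pte_to_swp_entry(pte);` sat after the first read of `entry`, and the trailer block carries no `Fixes:` tag naming the commit that introduced that ordering. Adding one would let stable maintainers tell which kernels contain the use-before-initialization and need this change backported.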