arch/riscv/mm/pageattr.c | 6 ++++++ 1 file changed, 6 insertions(+)
During page table walking, ensure the range being processed matches
the expected size of a leaf entry (P4D, PUD, or PMD). While pxd_addr_end()
functions handle boundary checks, they do not inherently validate whether
the entry is a leaf node of the expected size.
Add WARN_ON_ONCE() to detect misalignments or partial updates of huge
pages. If a mismatch is detected, return -EINVAL to prevent potential
corruption of page table entries.
Signed-off-by: Austin Kim <austindh.kim@gmail.com>
---
arch/riscv/mm/pageattr.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/arch/riscv/mm/pageattr.c b/arch/riscv/mm/pageattr.c
index 3f76db3d2..1461bf77f 100644
--- a/arch/riscv/mm/pageattr.c
+++ b/arch/riscv/mm/pageattr.c
@@ -32,6 +32,8 @@ static int pageattr_p4d_entry(p4d_t *p4d, unsigned long addr,
p4d_t val = p4dp_get(p4d);
if (p4d_leaf(val)) {
+ if (WARN_ON_ONCE((next - addr) != P4D_SIZE))
+ return -EINVAL;
val = __p4d(set_pageattr_masks(p4d_val(val), walk));
set_p4d(p4d, val);
}
@@ -45,6 +47,8 @@ static int pageattr_pud_entry(pud_t *pud, unsigned long addr,
pud_t val = pudp_get(pud);
if (pud_leaf(val)) {
+ if (WARN_ON_ONCE((next - addr) != PUD_SIZE))
+ return -EINVAL;
val = __pud(set_pageattr_masks(pud_val(val), walk));
set_pud(pud, val);
}
@@ -58,6 +62,8 @@ static int pageattr_pmd_entry(pmd_t *pmd, unsigned long addr,
pmd_t val = pmdp_get(pmd);
if (pmd_leaf(val)) {
+ if (WARN_ON_ONCE((next - addr) != PMD_SIZE))
+ return -EINVAL;
val = __pmd(set_pageattr_masks(pmd_val(val), walk));
set_pmd(pmd, val);
}
--
2.34.1Hi Austin, On Mon, 20 Apr 2026, Austin Kim wrote: > During page table walking, ensure the range being processed matches > the expected size of a leaf entry (P4D, PUD, or PMD). While pxd_addr_end() > functions handle boundary checks, they do not inherently validate whether > the entry is a leaf node of the expected size. > > Add WARN_ON_ONCE() to detect misalignments or partial updates of huge > pages. If a mismatch is detected, return -EINVAL to prevent potential > corruption of page table entries. > > Signed-off-by: Austin Kim <austindh.kim@gmail.com> Is this in response to a failure mode that you've seen? Or is it simply prophylactic? Seems like a better place for this might be in common code, so other architectures could benefit as well? - Paul
Hello Paul,
2026년 5월 23일 (토) 오전 8:34, Paul Walmsley <pjw@kernel.org>님이 작성:
>
> Hi Austin,
>
> On Mon, 20 Apr 2026, Austin Kim wrote:
>
> > During page table walking, ensure the range being processed matches
> > the expected size of a leaf entry (P4D, PUD, or PMD). While pxd_addr_end()
> > functions handle boundary checks, they do not inherently validate whether
> > the entry is a leaf node of the expected size.
> >
> > Add WARN_ON_ONCE() to detect misalignments or partial updates of huge
> > pages. If a mismatch is detected, return -EINVAL to prevent potential
> > corruption of page table entries.
> >
> > Signed-off-by: Austin Kim <austindh.kim@gmail.com>
>
> Is this in response to a failure mode that you've seen? Or is it simply
> prophylactic?
>
> Seems like a better place for this might be in common code, so other
> architectures could benefit as well?
The answer is that this change is mainly prophylactic,
although it was tested on a RISC-V board to make sure
it does not introduce any unexpected side effects.
The pageattr_p4d_entry() function is registered as a callback
and is called from the page walker code:
mm/pagewalk.c
static int walk_p4d_range(pgd_t *pgd, unsigned long addr,
unsigned long end,
struct mm_walk *walk)
{
...
if (ops->p4d_entry) {
err = ops->p4d_entry(p4d, addr, next, walk);
With the current code flow, this condition should not be reachable in
normal operation.
The WARN_ON() is intended to catch unexpected situations if the page
walker behavior changes
in the future or if related code is modified.
I will also look for a more common place where a similar check
could be implemented so that other architectures may benefit as well.
Thank you for your feedback.
BR,
Austin Kim
>
>
> - Paul
© 2016 - 2026 Red Hat, Inc.