mm/page_alloc: explicitly acquire the zone lock in __free_pages_ok

__free_pages_ok() disables IRQs before calling a common helper
free_one_page() that acquires the zone lock.  This is not safe according
to Documentation/locking/locktypes.rst and in this context, IRQ disabling
is not protecting a per_cpu_pages structure either or a local_lock would
be used.

This patch explicitly acquires the lock with spin_lock_irqsave instead of
relying on a helper.  This removes the last instance of local_irq_save()
in page_alloc.c.

Link: https://lkml.kernel.org/r/20210512095458.30632-8-mgorman@techsingularity.net
Signed-off-by: Mel Gorman <mgorman@techsingularity.net>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Chuck Lever <chuck.lever@oracle.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Jesper Dangaard Brouer <brouer@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/mm/page_alloc.c b/mm/page_alloc.c
index 161bcda..f1a51c1 100644 (file)
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -1590,21 +1590,21 @@ static void __free_pages_ok(struct page *page, unsigned int order,
        unsigned long flags;
        int migratetype;
        unsigned long pfn = page_to_pfn(page);
+       struct zone *zone = page_zone(page);
 
        if (!free_pages_prepare(page, order, true, fpi_flags))
                return;
 
        migratetype = get_pfnblock_migratetype(page, pfn);
 
-       /*
-        * TODO FIX: Disable IRQs before acquiring IRQ-safe zone->lock
-        * and protect vmstat updates.
-        */
-       local_irq_save(flags);
+       spin_lock_irqsave(&zone->lock, flags);
        __count_vm_events(PGFREE, 1 << order);
-       free_one_page(page_zone(page), page, pfn, order, migratetype,
-                     fpi_flags);
-       local_irq_restore(flags);
+       if (unlikely(has_isolate_pageblock(zone) ||
+               is_migrate_isolate(migratetype))) {
+               migratetype = get_pfnblock_migratetype(page, pfn);
+       }
+       __free_one_page(page, pfn, zone, order, migratetype, fpi_flags);
+       spin_unlock_irqrestore(&zone->lock, flags);
 }
 
 void __free_pages_core(struct page *page, unsigned int order)