linux/kernel/power
Pavankumar Kondeti b21f18ef96 PM: hibernate: Fix copying the zero bitmap to safe pages
The following crash is observed 100% of the time during resume from
hibernation on an x86 QEMU system.

[   12.931887]  ? __die_body+0x1a/0x60
[   12.932324]  ? page_fault_oops+0x156/0x420
[   12.932824]  ? search_exception_tables+0x37/0x50
[   12.933389]  ? fixup_exception+0x21/0x300
[   12.933889]  ? exc_page_fault+0x69/0x150
[   12.934371]  ? asm_exc_page_fault+0x26/0x30
[   12.934869]  ? get_buffer.constprop.0+0xac/0x100
[   12.935428]  snapshot_write_next+0x7c/0x9f0
[   12.935929]  ? submit_bio_noacct_nocheck+0x2c2/0x370
[   12.936530]  ? submit_bio_noacct+0x44/0x2c0
[   12.937035]  ? hib_submit_io+0xa5/0x110
[   12.937501]  load_image+0x83/0x1a0
[   12.937919]  swsusp_read+0x17f/0x1d0
[   12.938355]  ? create_basic_memory_bitmaps+0x1b7/0x240
[   12.938967]  load_image_and_restore+0x45/0xc0
[   12.939494]  software_resume+0x13c/0x180
[   12.939994]  resume_store+0xa3/0x1d0

The commit being fixed introduced a bug in copying the zero bitmap
to safe pages. A temporary bitmap is allocated with PG_ANY flag in
prepare_image() to make a copy of zero bitmap after the unsafe pages
are marked. Freeing this temporary bitmap with PG_UNSAFE_KEEP later
results in an inconsistent state of unsafe pages. Since free bit is
left as is for this temporary bitmap after free, these pages are
treated as unsafe pages when they are allocated again. This results
in incorrect calculation of the number of pages pre-allocated for the
image.

nr_pages = (nr_zero_pages + nr_copy_pages) - nr_highmem - allocated_unsafe_pages;

The allocated_unsafe_pages is estimated to be higher than the actual
which results in running short of pages in safe_pages_list. Hence the
crash is observed in get_buffer() due to NULL pointer access of
safe_pages_list.

Fix this issue by creating the temporary zero bitmap from safe pages
(free bit not set) so that the corresponding free bits can be cleared
while freeing this bitmap.

Fixes: 005e8dddd4 ("PM: hibernate: don't store zero pages in the image file")
Suggested-by: Brian Geffon <bgeffon@google.com>
Signed-off-by: Pavankumar Kondeti <quic_pkondeti@quicinc.com>
Reviewed-by: Brian Geffon <bgeffon@google.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2023-10-04 20:43:44 +02:00
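The accounting failure the commit message describes can be reproduced in a small model. The C program below is an added illustration and not kernel code or part of this commit: it keeps a pool of page frames, a per-frame swsusp "free" bit, and a get_image_page()-style allocator that counts unsafe pages, then runs the commit's nr_pages formula once with the temporary bitmap created PG_ANY and freed PG_UNSAFE_KEEP (the bug) and once created from safe pages and freed with the free bits cleared (the fix). The frame layout (frames 0-1 kernel-owned, image destinations at frames 6-9), the 2-page temporary bitmap and the single later PG_SAFE allocation are constructed assumptions; highmem is ignored.

```c
/* Added toy model of the unsafe-page accounting; not kernel code. The frame
 * layout, bitmap size and the extra PG_SAFE allocation are constructed. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define NR_FRAMES 12
#define BM_PAGES  2
enum { PG_ANY = 0, PG_SAFE = 1 };
enum { PG_UNSAFE_KEEP = 0, PG_UNSAFE_CLEAR = 1 };

static bool in_use[NR_FRAMES];   /* frame is currently allocated */
static bool free_bit[NR_FRAMES]; /* swsusp "free" bit of the frame */
static int allocated_unsafe_pages;

static const int dest[] = { 6, 7, 8, 9 };  /* constructed image destinations */
#define NR_IMAGE_PAGES ((int)(sizeof dest / sizeof dest[0]))

/* Lowest free frame, or -1 when the pool is exhausted. */
static int alloc_frame(void)
{
	for (int i = 0; i < NR_FRAMES; i++)
		if (!in_use[i]) {
			in_use[i] = true;
			return i;
		}
	return -1;
}

/* get_image_page() analogue: with PG_SAFE a frame whose free bit is set is
 * treated as unsafe, kept allocated and counted; the page returned gets its
 * free bit set. */
static int get_image_page(int safe_needed)
{
	int f = alloc_frame();

	if (safe_needed)
		while (f >= 0 && free_bit[f]) {
			allocated_unsafe_pages++;
			f = alloc_frame();
		}
	if (f >= 0)
		free_bit[f] = true;
	return f;
}

struct bitmap { int frames[BM_PAGES]; };

static void bm_create(struct bitmap *bm, int flag)
{
	for (int i = 0; i < BM_PAGES; i++)
		bm->frames[i] = get_image_page(flag);
}

/* memory_bm_free() analogue: PG_UNSAFE_CLEAR also clears the free bit. */
static void bm_free(struct bitmap *bm, int clear)
{
	for (int i = 0; i < BM_PAGES; i++) {
		if (clear)
			free_bit[bm->frames[i]] = false;
		in_use[bm->frames[i]] = false;
	}
}

struct result {
	int unsafe_counted; /* final allocated_unsafe_pages */
	int shortage;       /* image pages left without a safe page */
};

static struct result simulate(int create_flag, int free_flag)
{
	struct result r = { 0, 0 };
	struct bitmap tmp;
	int safe_list = 0, nr_pages;

	memset(in_use, 0, sizeof in_use);
	memset(free_bit, 0, sizeof free_bit);
	allocated_unsafe_pages = 0;
	in_use[0] = in_use[1] = true;             /* kernel-owned frames */
	for (int i = 0; i < NR_IMAGE_PAGES; i++)
		free_bit[dest[i]] = true;         /* destinations are "free" */

	bm_create(&tmp, create_flag);             /* temporary zero bitmap copy */
	bm_free(&tmp, free_flag);
	if (get_image_page(PG_SAFE) >= 0)         /* one later PG_SAFE allocation */
		safe_list++;

	/* Pre-allocate image memory with the commit's formula (no highmem). */
	nr_pages = NR_IMAGE_PAGES - allocated_unsafe_pages;
	while (nr_pages-- > 0) {
		int f = alloc_frame();
		if (f < 0)
			break;
		if (!free_bit[f])
			safe_list++;                      /* goes on safe_pages_list */
		free_bit[f] = true;
	}

	/* Restore: a destination held as unsafe is written in place; any other
	 * image page needs an entry from safe_pages_list (NULL when short). */
	for (int i = 0; i < NR_IMAGE_PAGES; i++) {
		if (in_use[dest[i]] && free_bit[dest[i]])
			continue;
		if (safe_list > 0)
			safe_list--;
		else
			r.shortage++;
	}
	r.unsafe_counted = allocated_unsafe_pages;
	return r;
}

int main(void)
{
	struct result bug = simulate(PG_ANY, PG_UNSAFE_KEEP);
	struct result fix = simulate(PG_SAFE, PG_UNSAFE_CLEAR);

	printf("PG_ANY/KEEP:   unsafe counted %d, short %d\n", bug.unsafe_counted, bug.shortage);
	printf("PG_SAFE/CLEAR: unsafe counted %d, short %d\n", fix.unsafe_counted, fix.shortage);
	return 0;
}
```

In the buggy run the two frames the temporary bitmap occupied keep their free bit after being released, the next PG_SAFE allocation counts both as unsafe, nr_pages comes out two too small, and the restore loop runs out of safe pages for the last destination; with the bitmap built from safe pages and its free bits cleared on free, the count stays exact and every destination is covered.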
autosleep.c PM: sleep: fix typos in comments 2021-04-08 19:37:21 +02:00
console.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
energy_model.c PM: EM: fix memory leak with using debugfs_lookup() 2023-02-09 20:36:10 +01:00
hibernate.c PM: hibernate: Fix the exclusive get block device in test_resume mode 2023-09-12 11:45:15 +02:00
Kconfig PM: sleep: Remove "select SRCU" 2023-01-20 17:53:07 +01:00
main.c - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
Makefile PM: sleep: Narrow down -DDEBUG on kernel/power/ files 2022-04-13 16:34:01 +02:00
power.h PM: hibernate: Rename function parameter from snapshot_test to exclusive 2023-09-12 11:45:15 +02:00
poweroff.c tty: sysrq: switch sysrq handlers from int to u8 2023-07-25 19:21:03 +02:00
process.c workqueue: Introduce show_freezable_workqueues 2023-03-23 15:55:38 -10:00
qos.c PM: QoS: Add check to make sure CPU latency is non-negative 2023-08-22 21:37:29 +02:00
snapshot.c PM: hibernate: Fix copying the zero bitmap to safe pages 2023-10-04 20:43:44 +02:00
suspend_test.c PM: suspend: fix return value of __setup handler 2022-03-01 18:55:07 +01:00
suspend.c Scheduler changes for v6.1: 2022-10-10 09:10:28 -07:00
swap.c PM: hibernate: Rename function parameter from snapshot_test to exclusive 2023-09-12 11:45:15 +02:00
user.c freezer: Have {,un}lock_system_sleep() save/restore flags 2022-09-07 21:53:48 +02:00
wakelock.c PM: wakeup: simplify the output logic of pm_show_wakelocks() 2022-01-25 18:27:02 +01:00