On Wed, Aug 13, 2025 at 02:02:07PM +0200, Pratyush Yadav wrote:

On Wed, Aug 13 2025, Greg KH wrote:

quoted

On Tue, Aug 12, 2025 at 11:34:37PM -0700, Vipin Sharma wrote:

quoted

On 2025-08-07 01:44:35, Pasha Tatashin wrote:

quoted

From: Pratyush Yadav <redacted>
+static void memfd_luo_unpreserve_folios(const struct memfd_luo_preserved_folio *pfolios,
+					unsigned int nr_folios)
+{
+	unsigned int i;
+
+	for (i = 0; i < nr_folios; i++) {
+		const struct memfd_luo_preserved_folio *pfolio = &pfolios[i];
+		struct folio *folio;
+
+		if (!pfolio->foliodesc)
+			continue;
+
+		folio = pfn_folio(PRESERVED_FOLIO_PFN(pfolio->foliodesc));
+
+		kho_unpreserve_folio(folio);

This one is missing WARN_ON_ONCE() similar to the one in
memfd_luo_preserve_folios().

So you really want to cause a machine to reboot and get a CVE issued for
this, if it could be triggered?  That's bold :)

Please don't.  If that can happen, handle the issue and move on, don't
crash boxes.

Why would a WARN() crash the machine? That is what BUG() does, not
WARN().

See 'panic_on_warn' which is enabled in a few billion Linux systems
these days :(