From nobody Fri Dec 19 06:25:35 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DA33DE728CF for ; Fri, 29 Sep 2023 18:31:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233681AbjI2Sb1 (ORCPT ); Fri, 29 Sep 2023 14:31:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51612 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233321AbjI2SbX (ORCPT ); Fri, 29 Sep 2023 14:31:23 -0400 Received: from mx0b-00069f02.pphosted.com (mx0b-00069f02.pphosted.com [205.220.177.32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 53DAA1A5; Fri, 29 Sep 2023 11:31:19 -0700 (PDT) Received: from pps.filterd (m0246630.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38TIJHTF008665; Fri, 29 Sep 2023 18:30:54 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : content-type : mime-version; s=corp-2023-03-30; bh=EIZ7sdQCBGkQhiWKIP/GTzDDyb7apb1qxOjwco3eXYw=; b=O3M36PrlJx2dbFP00G/auCZYAGN3pk42nTrRqykDhyG8Ubj9KVxaZExFwpWPfbzB31E4 D0QzLJ9uGh5ijLz0Ekg33LfQBk4Db/jphH0cjqQtQVbe3ejSOHFzxBbPL9dxAl5eu2Ix ed0eiIktGnRaiD3wOYDwwcx5o2t2TcX5nPfwV+VwsNE1+wFR7vxowfoxxt1ubmabohc6 VCJkRDSHrrcFVBQwZ2sGTGmDytUB3IFFxuYHqTjffj9fSIDGg/tiJi+MGMUjz9qX10WU GueCY8AeSei9K5qYlPKRY4tPMGNGaF/PHmaFW8mcdFbCl4G91DQtuB5rIpKZuoLSNLmB TQ== Received: from phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta03.appoci.oracle.com [138.1.37.129]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3t9peef7w3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Sep 2023 18:30:54 +0000 Received: from pps.filterd (phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 38TIAbWv014718; Fri, 29 Sep 2023 18:30:53 GMT Received: from nam10-mw2-obe.outbound.protection.outlook.com (mail-mw2nam10lp2100.outbound.protection.outlook.com [104.47.55.100]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 3t9pfc7f51-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Sep 2023 18:30:53 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UL7p3mxMEomepMwIEcfAsZsNBRyFnnb2C7pLOdgS0ByyoTgZ6XbkYEersqxl3OSZyEQ19WHVz0npiKQH2EyvsMgBlNK3/vwL5a6+zyGS/J41YIgcfE0I3TT1TTPe3L4oeet54kqQvNDFPq8kl3i88VHd0lnQzmADv2rr981kEMp6vH7m+qK147Nlww5624mQAyrd8fyCWokDiI7xvDICiTDNkkahICm6xKwikNUtYFEe353ufPXkc66HTC5V6MIpltJB1lg+ghJRKwg2/RODUBEYWY4B8T6ue0kBrhoJRYrvEPsGFNdY4VcWUl4b94NQXl/tFQoinOGBqZmrSagQPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=EIZ7sdQCBGkQhiWKIP/GTzDDyb7apb1qxOjwco3eXYw=; b=NpEQOyvHoJrUNKLBtEsHpEAAh/7/2xoLCCGfzQQwgAH7r19SeKYcqI3f+KTxj/x0ueo11lC6HOYPKwadRHEKs/x+OMAnt//cxOP/kbtiJh8Mqd6kBxdvToNkxCokkkDckvkj2SD4I4GFTZGHb4rIgvxGfMCKis5fqojCBhEpx6jLkumJmZ2A2SXfRWJnTV+2eILOLN4Jo9ivA3VBTouceW7ilRF35SRbUtsRcRA+6HVTzvmTnx5EXvBvGYG2ov3vnZS8nKHZbN7LWzrAq6UhxyKlBAYx8eFSP6GvehzG9SHOIKxCe0lGWyPHDWJ1MtAVHMRQSLdg7rM8vI1IV0s/GQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EIZ7sdQCBGkQhiWKIP/GTzDDyb7apb1qxOjwco3eXYw=; b=Nwcw2H+qylchfJiKysR0dGngn8J+7CHSNxcbnNHgM7546Tx0v1/GwzYKkeFcaj/FO1e6IU2dPDfmsnb8sW+sY0V+pZmilPmN9TFhKhHl8pDJ5Ru3WGZrb+enGqIMNEVo4J+Mq2wtfA80D+McEZC0oPreYbXGHbag/EWJCeYzh7g= Received: from SN6PR10MB3022.namprd10.prod.outlook.com (2603:10b6:805:d8::25) by CH0PR10MB7482.namprd10.prod.outlook.com (2603:10b6:610:18b::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.35; Fri, 29 Sep 2023 18:30:50 +0000 Received: from SN6PR10MB3022.namprd10.prod.outlook.com ([fe80::8979:3e3f:c3e0:8dfa]) by SN6PR10MB3022.namprd10.prod.outlook.com ([fe80::8979:3e3f:c3e0:8dfa%4]) with mapi id 15.20.6813.027; Fri, 29 Sep 2023 18:30:50 +0000 From: "Liam R. Howlett" To: Andrew Morton Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Jann Horn , Lorenzo Stoakes , Vlastimil Babka , Suren Baghdasaryan , Matthew Wilcox , "Liam R. Howlett" , stable@vger.kernel.org Subject: [PATCH v3 1/3] mmap: Fix vma_iterator in error path of vma_merge() Date: Fri, 29 Sep 2023 14:30:39 -0400 Message-Id: <20230929183041.2835469-2-Liam.Howlett@oracle.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230929183041.2835469-1-Liam.Howlett@oracle.com> References: <20230929183041.2835469-1-Liam.Howlett@oracle.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: YT4P288CA0005.CANP288.PROD.OUTLOOK.COM (2603:10b6:b01:d4::27) To SN6PR10MB3022.namprd10.prod.outlook.com (2603:10b6:805:d8::25) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN6PR10MB3022:EE_|CH0PR10MB7482:EE_ X-MS-Office365-Filtering-Correlation-Id: 1e6eb506-6251-4d7c-ef45-08dbc11a343c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: MZCNZ96h6VlBuC/KEY8679tumGpTa7z7Zy5QHwPdbEYpwLfG1SUiBgOMgz6nJshWG0tH70/KV5lctXTbn/EUXHj7d+CkA3hAEsUlxq0crQMFptMcqnF7Nb7e9mrUaVlU/NgnZoF1YFR/bqcP0fXzJ44CSoMFw7TQIZ5y7SBuqviIYyB1WNWXvoIwemj8XE41WOiLSSVdfFxQtNdOEXImCgWKtgzoMHSSy2RKIGkPCO4IKIFFDphY++JKy3xcRIRg8un93BZ0yXNdQqfWvvTbI+ES9qsgqsZcB1XclYhTb0o7JqD2/hzH76imL5K4FNieEji3pDvixiscjqQI/HVfoyhyY9VTE2NBKmrT6thmZ325nGACRCLbcd5Rx4hqWuiMUSIFNqKavJDXuo9dmhX9H7gy9RU0Uo5Z+4q+5n5jhQUHT0wwZJquP9HuYJD1ljzXevkIJzYfsuNiLcb9bdZXjH80Kw/iUhTs6y6UtzZoUcPzjQNleNS5GFhABXnCYeBggtD0Ns5WUnOMDkPWlpanCk2fYB+c0bPjOEyfV5+DtdeBwyeVqt29l6kcV6V+ynhv+UEeNvRKVFdxAlm6SyNsbhzhMe/gSGmFMums60HZkcI= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR10MB3022.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(376002)(346002)(396003)(136003)(366004)(39860400002)(230922051799003)(64100799003)(451199024)(1800799009)(186009)(41300700001)(54906003)(316002)(6916009)(66946007)(8676002)(4326008)(8936002)(66476007)(66556008)(5660300002)(83380400001)(6666004)(966005)(478600001)(6506007)(26005)(6512007)(1076003)(2616005)(38100700002)(86362001)(36756003)(6486002)(2906002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?dvg0Fdf6I8yeM7DTVCpuxcqCFPcB1FgrmITrf8enQsWpe9aJo8dmiTmJ3cRp?= =?us-ascii?Q?l0Z4V89cKsAIRjPaMABlOhP5d0a5XB25wYvvBZ0JcNyxE/y1uJL5YFTj8STe?= =?us-ascii?Q?GFcPYjWvulko9Y+lYycNNWEyhWInzrd9Pj8i4r9XAodp6IEIvR58G3myJmOm?= =?us-ascii?Q?+LtlsVlqoPjgIXov5Cp0oLvq0OMZAkou0bgdRsh3LNZym4+XpKgjbpIgEI4p?= =?us-ascii?Q?ARnv7I8nzecOCiEtCRlXAVJEClefcmL8fBNGf1Oe4nb9A1f7QUN0B/GTA51Q?= =?us-ascii?Q?zbUtmgbgpe5V3G1hThfuTGaRN0Z8WTwmfN6sUisgeGDNvLBMn+7s5pcATrhk?= =?us-ascii?Q?+mJW0RDl6Ly65TqBbWKKhVtZQDXXgt1eKvcLKKmKjZgqyee7QbgAqJtbyJCm?= =?us-ascii?Q?BlWFlsjfE0BaJdfR9UhWEmKTIzinuZ+xX78rPAQ9xKzOVPUGqcMj2PDiKsgS?= =?us-ascii?Q?7GmMwEKF0TgRAoI/Uj4RS28dS0XSgV8Vy+Z2DF/NWoG4o+WBku0eNYKlxmOl?= =?us-ascii?Q?ZEuIl2qwJRXDJTBrAKwsCrguVgg/LExtFL/wDc9TBMqBchJqPdr6i+8vYCO3?= =?us-ascii?Q?Al5dXe2Eyk/V8bWuTq8pjbjfCoSzJADFYb+fQtsvWdG+SC+eUyitnq8dBrmk?= =?us-ascii?Q?qGhtV0PSyYph5tPhrY+TNR5Beqlp9Tz0eu9nGkL1SEFdCSAwIXlkIV8reC29?= =?us-ascii?Q?twfwaHIkCpzM11ObUxZajLy8fJwPTmts4ciyRNYuJFDAydwsIi6+oaDCoRGU?= =?us-ascii?Q?FExq09BQaFA65scLC1yUMWY91eihhZym7MANZ8OVRMKUZAuoHpVdg9zP2LOg?= =?us-ascii?Q?oRucJXgQVCepwgH4sfuLCXOnCe5D3YRN1aQnz/97+97VXoVjfblftS2JdgR8?= =?us-ascii?Q?WqakpTL8Alw/xXST3jI8duqpRpp1dWdbqP0X+0pHLkAksTifeLdIKDeVDYa7?= =?us-ascii?Q?XudeXG0UGlc70y41fbH9WQ/JVDDu3D5Lys1yAM35DZvQ+gQGD7tigeA2ykjI?= =?us-ascii?Q?UaAN+XuSVXo0a5S7Y40W5ogzAY80VWdYPULihQoEfnOd1SkgKeLvu4hDUVsy?= =?us-ascii?Q?XQPd1ZnYNPKuoakV2qUrKlQciJZi+MpNQKoTGXPOm7lrOSSLts2HDWHHnPSk?= =?us-ascii?Q?Rg/y4IZQWX1hLr+lrDSl5zK93QUUcjEOvx5AeWNUmvMmiS13Hq4zJcDniRPI?= =?us-ascii?Q?0zJjKPpxCbc9idhwg8MmObSWe5DYKYhd39iIWCg+s57lFGNQK+sGHyE7GWue?= =?us-ascii?Q?7YVWb3oUKBGWEWZLca3u31bGdDENf1zskhWlGVllSp3NmLgYv78V4g+4hVkV?= =?us-ascii?Q?6/AFD9TjfxgXTn0LA7y4VkRducLoKf26itODHd1l2jYIamfQTRMZ0WYrkVFw?= =?us-ascii?Q?LS7coGwalKhS2TxfuKjEWDHN7WkcKldlVr0cwvKqDmjDAyns8WUXKH/GlQRO?= =?us-ascii?Q?1AM35Na8PB3oKs2oABd7bhuKGmct1ApgqzY2hoKaHJXLLEpbdTx8UrfEU0R/?= =?us-ascii?Q?54PFipGLwEqFIrn/IFOoymmRnzByClGcMsngMtuOxetk0g0mZcTe+N/IlpdJ?= =?us-ascii?Q?7e81zxFIJeGeke/8Mg4LJupHcFxeSeYjrxqgzd1d?= X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: =?us-ascii?Q?bPVgEZT8cYWiZGmEYdedrCqVS6FkoreHbalcYzu+TBvCXjMte8jkTdUTJ67W?= =?us-ascii?Q?NkD3+TLT7lv/rndZqUq6OO08ZFwLFTep1txwGRmehspONJdMqlgZ4UE1T9gy?= =?us-ascii?Q?zlEhWtkQmYuMIuJkz9MOnhTmVQ2nMJIffPCzX1I5BJd/8s56J6aTRpcaa89Q?= =?us-ascii?Q?T/77zhfMS5YV90CAb7eKmFGKOAQGdGKft8dHSBZvaqRgu5kUW9viCkujwufE?= =?us-ascii?Q?o507L+QBbC1SgOhlZEWM5B18Gw6aWOc4VG0l6NG6GXi6E+QKvzlQmmmlQ6U9?= =?us-ascii?Q?3g6uEhCV5RT2YJ18wzu1e/Le3IMAjhHil5ccv6L+Ea74XE/hSRBVgdAyHAWS?= =?us-ascii?Q?A/1rT9fgIbR5Ao2ebSu5u3Fg0G3gW/eBOzYjdKV8iwNb3A4r7gS5YXf8WtHM?= =?us-ascii?Q?fNnRmZVHoQfyHTjTDcGFpBzRaoeyYp/2aERZjD9lRY415DVO5QIP1ikdUfX4?= =?us-ascii?Q?/ChTEETVQhKVcHgw/9VCsxLNaL3KARuy3U1LHg7yaVK16DJZjrqj328uN96H?= =?us-ascii?Q?N+qznwMOjgTWRE448IEZ4nJX6yp0XxrDyCNTAwVBGwuHiQXaZXvyGB6QVvIj?= =?us-ascii?Q?xoxQPkRcn//98KVlv1XEwC31VayZ6NByE6vlyNE3hbXWXVzHkPqYXZ2du9iM?= =?us-ascii?Q?tUzNHSvkbQaGl57MkGWUc9YUPiPQgmrIqZdat4YiFKCfjl8BaAa26vr8mINM?= =?us-ascii?Q?64xSyp8vhbhMsI0tjFAIxOh3Yyi8SSVMyAJFBZu42F3TIi/5U1pruvBt4UBP?= =?us-ascii?Q?kItU4nO0nutPYpB0/CpqygffAQhj4iFoW6MAy6CE1+dMpPG5bjyBC5TaFwwp?= =?us-ascii?Q?Z9XAss0ySWIu0pLN0azJGHqVbzmAh5CIEe5nbgEkc7VTdmBBb9Shu7q/vkGU?= =?us-ascii?Q?hQ3OjxNRITUKLzUW5Iz4gqMibNQMya24SrAQoPvTSViet9jrv4RWDqx+GAMH?= =?us-ascii?Q?9nb1FnevcA2rRkcyXA9yyw=3D=3D?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1e6eb506-6251-4d7c-ef45-08dbc11a343c X-MS-Exchange-CrossTenant-AuthSource: SN6PR10MB3022.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Sep 2023 18:30:50.2985 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: NRJN1lODVj2TDzbeJjsHX0/Qwu9nNjTDQtSmCJ3wlE6DvbjGzFI8zopk1bkK+1YNbGQf/q/BYV/5Q2ttnf7crw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR10MB7482 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-29_16,2023-09-28_03,2023-05-22_02 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 bulkscore=0 mlxscore=0 mlxlogscore=819 suspectscore=0 phishscore=0 adultscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2309180000 definitions=main-2309290160 X-Proofpoint-ORIG-GUID: IVGQmONZVIyrJtu6GdSsP5v7YTlTu1HV X-Proofpoint-GUID: IVGQmONZVIyrJtu6GdSsP5v7YTlTu1HV Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" During the error path, the vma iterator may not be correctly positioned or set to the correct range. Undo the vma_prev() call by resetting to the passed in address. Re-walking to the same range will fix the range to the area previously passed in. Users would notice increased cycles as vma_merge() would be called an extra time with vma =3D=3D prev, and thus would fail to merge and return. Link: https://lore.kernel.org/linux-mm/CAG48ez12VN1JAOtTNMY+Y2YnsU45yL5giS-= Qn=3DejtiHpgJAbdQ@mail.gmail.com/ Closes: https://lore.kernel.org/linux-mm/CAG48ez12VN1JAOtTNMY+Y2YnsU45yL5gi= S-Qn=3DejtiHpgJAbdQ@mail.gmail.com/ Fixes: 18b098af2890 ("vma_merge: set vma iterator to correct position.") Cc: stable@vger.kernel.org Cc: Jann Horn Signed-off-by: Liam R. Howlett Acked-by: Vlastimil Babka Reviewed-by: Lorenzo Stoakes --- mm/mmap.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/mm/mmap.c b/mm/mmap.c index b56a7f0c9f85..acb7dea49e23 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -975,7 +975,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *v= mi, struct mm_struct *mm, =20 /* Error in anon_vma clone. */ if (err) - return NULL; + goto anon_vma_fail; =20 if (vma_start < vma->vm_start || vma_end > vma->vm_end) vma_expanded =3D true; @@ -988,7 +988,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *v= mi, struct mm_struct *mm, } =20 if (vma_iter_prealloc(vmi, vma)) - return NULL; + goto prealloc_fail; =20 init_multi_vma_prep(&vp, vma, adjust, remove, remove2); VM_WARN_ON(vp.anon_vma && adjust && adjust->anon_vma && @@ -1016,6 +1016,12 @@ struct vm_area_struct *vma_merge(struct vma_iterator= *vmi, struct mm_struct *mm, vma_complete(&vp, vmi, mm); khugepaged_enter_vma(res, vm_flags); return res; + +prealloc_fail: +anon_vma_fail: + vma_iter_set(vmi, addr); + vma_iter_load(vmi); + return NULL; } =20 /* --=20 2.40.1 From nobody Fri Dec 19 06:25:35 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E9F9FE728D6 for ; Fri, 29 Sep 2023 18:31:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233592AbjI2Sb0 (ORCPT ); Fri, 29 Sep 2023 14:31:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51616 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232968AbjI2SbX (ORCPT ); Fri, 29 Sep 2023 14:31:23 -0400 Received: from mx0b-00069f02.pphosted.com (mx0b-00069f02.pphosted.com [205.220.177.32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D810A1A8; Fri, 29 Sep 2023 11:31:20 -0700 (PDT) Received: from pps.filterd (m0246632.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38TIJBea014141; Fri, 29 Sep 2023 18:30:56 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : content-type : mime-version; s=corp-2023-03-30; bh=GQCFQQrDB4sf0IsWat8O5FSMncreJxteifxHXWGhx+E=; b=K5fKt7fTk8QxdMyJprMpzeyOKR/SmJK8c3ZNM3WaVBY8oN4cZFYsFuj6mGwgIln3Vd+r u2/Zs6RCnUfPxzFHt2FxhdJJUccQ9+mNRKp0291EeuSUONJn8IMBL4EbXOYU3CW75u5T x0zVIa/z8njvrhTJfa6hqOhjwni+HCE9E6JJ1OspY+IPQOhVM8J7bgIgf/XbDeCPx+++ V7mibjLmnXf/5kIrdsAYFCk7OngkKE8ufTXvx4I4+e0+2PG+pHdVRGB0ljZnGPJfC6Ve A6l4gOT2r6rSlvt9I23SVpGqKfY0ERA0kOtKjnchpHHgB3SY2dKTbOzrtUMHxlyvIdL9 KQ== Received: from phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta03.appoci.oracle.com [138.1.37.129]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3t9qmuqcca-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Sep 2023 18:30:56 +0000 Received: from pps.filterd (phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 38TI0Ot6014442; Fri, 29 Sep 2023 18:30:55 GMT Received: from nam10-mw2-obe.outbound.protection.outlook.com (mail-mw2nam10lp2100.outbound.protection.outlook.com [104.47.55.100]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 3t9pfc7f7c-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Sep 2023 18:30:55 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kKExDybcUQdymgUsDwzNF09D48APFxhH7GdEdXX1ZYMPrnI95lIHcg7XAWGGfEkx2/y6U1PgqiBGP7y0xHD9rnyeqG/5KDc02/ZGl4ZeK9lIe7M1XUMoAi/ywec25CZP47Oje8tG4smBCPE16tDKkJnAtTE/C+N8KMOEi33CNWphXHfbQzjQbsHjYwWrqnIK2tdUafajZORckjEzP1Qarvw4exU2F8lO0i0rtgmrcmqUJdDhSJLnGgiSpfgSWy0RTgkk3vZ6tnBiWhiHF7cYH9mpIrJcFGeRn3Oo1j8U1rAkvaG0UNcB3IyG30UQW0BMuQd31wrgjYazVJVYv+QvwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=GQCFQQrDB4sf0IsWat8O5FSMncreJxteifxHXWGhx+E=; b=k3cgoNtX0BZlMYLLN3DwuzywI08dNjxngbHoUl27vv0bpZo4QFrsZ1nlWRshoPqGR/wgCHq4D91GNcHeFay+MBmznpsDPuV0ZYfFdfKpkFIcwKsZ+T8CCO69q+pWiWgNH+MrtFLViAC1LZ1rg8YzUoy5amWTLL6f4eMxBJdpUXQS/OCp8FqNeFLgYnjF9xIh8DdB3Y8K20pqkNUoBwMVlcpxnDDI5n6YOwK663QkV4VvsvCKSPXV6p2fQfJFFjM66ehjIAhCcSExvHLAW1nKmzArxABMZxXFMi7A5LGgUeAn7zZ2zARZhnKSGr3y4m6y7M9KB4B2bk5iQ+wXh9qmUw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GQCFQQrDB4sf0IsWat8O5FSMncreJxteifxHXWGhx+E=; b=qgQepXnruzA2jaIivpai40rznTsxZ+yG9XOX7x8Q9KiSr0KpfOedego+p3P5ngQ/MgclyB9ZyEUaAEdincMWOt0LFgRTc6SqLg5u17FzCLTnGorz3eBIyKiWAWELfgayroeVRuLw3+o2UIEPXLS5UoGadfTitisCPYzTX/UXN+k= Received: from SN6PR10MB3022.namprd10.prod.outlook.com (2603:10b6:805:d8::25) by CH0PR10MB7482.namprd10.prod.outlook.com (2603:10b6:610:18b::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.35; Fri, 29 Sep 2023 18:30:52 +0000 Received: from SN6PR10MB3022.namprd10.prod.outlook.com ([fe80::8979:3e3f:c3e0:8dfa]) by SN6PR10MB3022.namprd10.prod.outlook.com ([fe80::8979:3e3f:c3e0:8dfa%4]) with mapi id 15.20.6813.027; Fri, 29 Sep 2023 18:30:52 +0000 From: "Liam R. Howlett" To: Andrew Morton Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Jann Horn , Lorenzo Stoakes , Vlastimil Babka , Suren Baghdasaryan , Matthew Wilcox , "Liam R. Howlett" , stable@vger.kernel.org Subject: [PATCH v3 2/3] mmap: Fix error paths with dup_anon_vma() Date: Fri, 29 Sep 2023 14:30:40 -0400 Message-Id: <20230929183041.2835469-3-Liam.Howlett@oracle.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230929183041.2835469-1-Liam.Howlett@oracle.com> References: <20230929183041.2835469-1-Liam.Howlett@oracle.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: YT4P288CA0023.CANP288.PROD.OUTLOOK.COM (2603:10b6:b01:d4::24) To SN6PR10MB3022.namprd10.prod.outlook.com (2603:10b6:805:d8::25) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN6PR10MB3022:EE_|CH0PR10MB7482:EE_ X-MS-Office365-Filtering-Correlation-Id: 935d10c3-8e28-4a25-3419-08dbc11a3610 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: DnLZr1t/Ne92qL1pMz2t4Nt3YJ58AqTOKT2hkJYR9QCBFBmDWxrukADTeKce87MUrq+O22XV2BDs1MD/f3awN1ic58PlYikoamBUUlmj66q8o57cZzI5vPDFdvlbY/jHWa98Q39/xur74Pa1AwpElu0MI09YNjJ4IrIqEuab98Edk2vx18ZuMzv3vhLNoHrt2eWY9h3VX4tWlOIpggUl+qx5OYjGPOpqLiFIJEMi9vOdZPEMQ124102PhpwHZiM+qZ+vwI3QOngZ2qphJr9dqi717+tnr0HVlAnn8TfdIP8yJXvsX4dW5AK9f+D1H/KTDW3sEW9fQx4YHu4zQWM6qbMiuZK2PfIaFChLJc3NHuunaL11VxQzxpcJ1qo2s/CkkeYeBwehmFsLuIzn9nEVyoZaJbwoU1Ha2r/vfboWANgGHIENYv4zTRa5QVyAa2n1ghQ8Fc2T+/o4vBE9B9upoDcymIP6cydgGWfC5uvNfxmLE4aqa6rCI/Edyc6XLETaHnTjTWuwkXTa0gir1RB1+6e5RsoPwMIrw9F5YfnXg4UeWMS8pktE1lz8q4tJ8azcly+KNQw9Pu5gfOupDRRlKX8MNvzSKyeoD40oIOjwu6g= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR10MB3022.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(376002)(346002)(396003)(136003)(366004)(39860400002)(230922051799003)(64100799003)(451199024)(1800799009)(186009)(41300700001)(54906003)(316002)(6916009)(66946007)(8676002)(4326008)(8936002)(66476007)(66556008)(5660300002)(83380400001)(6666004)(478600001)(6506007)(26005)(6512007)(1076003)(2616005)(38100700002)(86362001)(36756003)(6486002)(2906002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?l+zogb8dGhDELDNZQtg/b6LjEl5l4Nuaulb66pwLdQFZPCjkAJZdcaVLVR31?= =?us-ascii?Q?L2W8283z03gVHF+/3agiHRGHSD23yU8wfb1pVq+BqCqnLhGoaNUpzEOGsc2x?= =?us-ascii?Q?x8zNxZggWyffxnUl90IT8+Q3OGCaP/bUTUjwYEySiA3W7Mpyouz6TLMDXzjg?= =?us-ascii?Q?ofYNE98KfBgEj9tM47Dx1zvVfHvGzZSzkc3WAkOO4W3q6PANNK6susdKtoAV?= =?us-ascii?Q?FLp0pZvg3AwYuwFWtNVmM2jL32A7iETDQrgzzEmwOCKpcJXStKfgDIY11mrE?= =?us-ascii?Q?6FJXNvxw7YboiWUIT1pnRU+ctIrgP98RyZEYV8R3wo2vhe1JmPi3bsMy5GoU?= =?us-ascii?Q?4eBreDi3NUsSPGyH5sq6DAOh3HlSVlGhSy1EW5NbF1Qem8h8h4FfVkEZIe8p?= =?us-ascii?Q?WMo4CRWraLSu0g4ZZnxV/apXikvF0dwH2cfwBl0s397GwqdF7S5I/t2a4Y0I?= =?us-ascii?Q?LY91Hr9jcF2Erya3CcQV2icfs5y0GntniZFup89SM0D7kUwtADgiV8eOjhIU?= =?us-ascii?Q?H1U8tGwIpUiHEkgSZbS9crvKg33tIwgYOoRf3+9yxJg3yqXsc1jSrxcgQRKU?= =?us-ascii?Q?/XRjzrSnITWaWGL7f4eQ0SMYR2YYVEmBTgFV3H2TujUErvh+Ehiv8NW86rG3?= =?us-ascii?Q?cgolKkhI+EwauZp3Iv+cqvlOJ0VC252aC8zD01eJGoqX/RQAX8ehSeKeRmh7?= =?us-ascii?Q?8o492m2B6ejt3yZe3S4uQO3jRZWnZPhcbl9ol+wLK0/2LsRoVqIKdzLdYxpr?= =?us-ascii?Q?e5yZ3DJPYC13g+pEBrB96UJCimlYW90bWhLevE1sR+jSCssBoXTlo2m2mAdF?= =?us-ascii?Q?5N67Ce4vzknM7PJb1Ex4HUB25lwQ7+vl6F1cI11qCSzqgsmYI2BfK6kAJP4h?= =?us-ascii?Q?06DCRLIru3F2no3pHNA3SfpCb01OS6Zk2DxPI5dPTWCZeA5Egh0ngF8N5tbL?= =?us-ascii?Q?+G/8vJSBbwRl09n8ztKApwLbKwmR7S/afA63+DDZhvFhMEqX2jKZUDb7txl/?= =?us-ascii?Q?oFjdJpeBWPGe9VglXyhmqN1V8Y1WJB9HsZSCxtMqQaDTvqEpDpbEFePezNqD?= =?us-ascii?Q?Ae5o07P2Hl/hTMihKFp41qc/oiSMWvPcWaVBLY7lRZixkfVZPW42z6GWr2oO?= =?us-ascii?Q?ZX+cu02ET9sh6oz5HkwM6o1DezGT0gCXpxk/+1z60dg+sQBxci2TP71Myr7f?= =?us-ascii?Q?5NfhcgIx2R5AkcpTynp9JezjOT5ZIQDohXB7vfZNwQZup3xonpqkfLfsfjCo?= =?us-ascii?Q?m0QUbUKbILDkB0fenbr59/RF+duad+SqbsKV59+8LTyI4XRucg8dkxJ5UkQ3?= =?us-ascii?Q?1bPxTONS7X96iSyjb2I0/Uykt4/gdzkfNO79mcmWGECHbBUIE6Il+r8g68Fw?= =?us-ascii?Q?Sl7l81fM1NQ1I8vxIRXLIcscv4SsYHE9+NmhINDiA0LPAtSpfVZt1dgIlQj2?= =?us-ascii?Q?jcGMEG6Q5wwqhNxmMZ5II6uIDLKhakFypcUEifBb8+KdfgrdfZJhBVjlrQgm?= =?us-ascii?Q?oXk87l4uN66dNnsHuygwyV1NmyfKP4TmVTULXNtQKXntfXQ18iMhKhP13G50?= =?us-ascii?Q?pUGGvWa5BON6wJY1M23CcfF2w2n4Eczqnwgcb4zf?= X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: =?us-ascii?Q?4S4VkMebMJF+I2zqSPJ4pJ/tCBeEjFwG2hPCTd55suUJmM459AZxE4DS9Cpd?= =?us-ascii?Q?LrESXel6RYD7PQCQRMfii4QjNZJJv5SytBCl/L+XkYkQPiw+M2d689PbatF3?= =?us-ascii?Q?ZwfxNMZjSdCa8tznksFQjXjpRN+s8olFhCUm6pUzvB6TvB8cO/iaGjDfUQQ5?= =?us-ascii?Q?N+fveDX5zFCSdvJRLmNLZVSa/mHglI6PbkLM3Jp9b5WhCGi0GFXzH+6r5U7+?= =?us-ascii?Q?wccB0Udpp1f64FeO5e3uuHe7uTwwrBkB4gWIKHgPunrSI9fx7cujHmg3xg7G?= =?us-ascii?Q?thlP2jPoIvbSAAZT6S3XeQnKPjC4IbQs/TKPBfyNb7ZimrAUPMv5IeKC0ApW?= =?us-ascii?Q?Nd5HMJJnK7j1kTyisOtfr9RSUcQpg1SkWQmsCw76+r1xox+l52jSA9Egtes2?= =?us-ascii?Q?Z0t+pSsgFTKasp3dpUX7uFpGySC+rAXQCOlC4+7FBpcyhZev1rwJRLURWLoC?= =?us-ascii?Q?52y1jqiEMfrrDfTGSxTJqam2nyr7lMAoOkGSk/hyryV2nole8NJqTmPkw+Uu?= =?us-ascii?Q?y1xtjHlcBdv34W3vN0NEFuA4ghui7Sv4nZVZm5suXNe/lItS8iMqEK5xrphM?= =?us-ascii?Q?HmK1721l8WIz9RzTd7KOIPTghzINBV5vXWJv61hemMjFtGrABRSd70PRSoe/?= =?us-ascii?Q?YqkaaI9a2J4198pAMqwJVfl/Rz88fAfYLKXRZS9vsIJ/4gDoqVASQJZRj5ju?= =?us-ascii?Q?LFJHIR6ppUBbicXMXzxKn+eJzSNfSQT76VGC3McHeVUC+1WjGc4V/4+4QS14?= =?us-ascii?Q?xZywk7O06M9YgaogeyrDXA6KcDCOwV6WyEGedVjn6fEyveFfli8W09ntxbuD?= =?us-ascii?Q?Fel33YCWXoqu+TpS4mZWVyeVtLbr1z3FLg69BEUH7uiM3uZIkzlp1SABBdtY?= =?us-ascii?Q?71bbMj9pM40P0UvHZRpsytwHWMBnsqwebR4MDzMeuaSgC5cfpQpkLLwlxqoO?= =?us-ascii?Q?3vvROGQFp9F/xM+3gWK4Hg=3D=3D?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 935d10c3-8e28-4a25-3419-08dbc11a3610 X-MS-Exchange-CrossTenant-AuthSource: SN6PR10MB3022.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Sep 2023 18:30:52.5034 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Q5dSuGunbf8O6xQ++SQJKVrGQwp5NgdZTLIP6iPhayNBj8+02mdI6v+YuIfMDJ8s0s381j6hVVm88gGGwL4Emw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR10MB7482 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-29_16,2023-09-28_03,2023-05-22_02 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 bulkscore=0 mlxscore=0 mlxlogscore=939 suspectscore=0 phishscore=0 adultscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2309180000 definitions=main-2309290160 X-Proofpoint-GUID: qGKedXrmf0HFkzM0JaFUnsA7PO3Z4LSM X-Proofpoint-ORIG-GUID: qGKedXrmf0HFkzM0JaFUnsA7PO3Z4LSM Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" When the calling function fails after the dup_anon_vma(), the duplication of the anon_vma is not being undone. Add the necessary unlink_anon_vma() call to the error paths that are missing them. This issue showed up during inspection of the error path in vma_merge() for an unrelated vma iterator issue. Users may experience increased memory usage, which may be problematic as the failure would likely be caused by a low memory situation. Fixes: d4af56c5c7c6 ("mm: start tracking VMAs with maple tree") Cc: stable@vger.kernel.org Cc: Jann Horn Signed-off-by: Liam R. Howlett Acked-by: Vlastimil Babka Reviewed-by: Lorenzo Stoakes --- mm/mmap.c | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/mm/mmap.c b/mm/mmap.c index acb7dea49e23..f9f0a5fe4db4 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -583,11 +583,12 @@ static inline void vma_complete(struct vma_prepare *v= p, * dup_anon_vma() - Helper function to duplicate anon_vma * @dst: The destination VMA * @src: The source VMA + * @dup: Pointer to the destination VMA when successful. * * Returns: 0 on success. */ static inline int dup_anon_vma(struct vm_area_struct *dst, - struct vm_area_struct *src) + struct vm_area_struct *src, struct vm_area_struct **dup) { /* * Easily overlooked: when mprotect shifts the boundary, make sure the @@ -595,9 +596,15 @@ static inline int dup_anon_vma(struct vm_area_struct *= dst, * anon pages imported. */ if (src->anon_vma && !dst->anon_vma) { + int ret; + vma_assert_write_locked(dst); dst->anon_vma =3D src->anon_vma; - return anon_vma_clone(dst, src); + ret =3D anon_vma_clone(dst, src); + if (ret) + return ret; + + *dup =3D dst; } =20 return 0; @@ -624,6 +631,7 @@ int vma_expand(struct vma_iterator *vmi, struct vm_area= _struct *vma, unsigned long start, unsigned long end, pgoff_t pgoff, struct vm_area_struct *next) { + struct vm_area_struct *anon_dup =3D NULL; bool remove_next =3D false; struct vma_prepare vp; =20 @@ -633,7 +641,7 @@ int vma_expand(struct vma_iterator *vmi, struct vm_area= _struct *vma, =20 remove_next =3D true; vma_start_write(next); - ret =3D dup_anon_vma(vma, next); + ret =3D dup_anon_vma(vma, next, &anon_dup); if (ret) return ret; } @@ -661,6 +669,8 @@ int vma_expand(struct vma_iterator *vmi, struct vm_area= _struct *vma, return 0; =20 nomem: + if (anon_dup) + unlink_anon_vmas(anon_dup); return -ENOMEM; } =20 @@ -860,6 +870,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *v= mi, struct mm_struct *mm, { struct vm_area_struct *curr, *next, *res; struct vm_area_struct *vma, *adjust, *remove, *remove2; + struct vm_area_struct *anon_dup =3D NULL; struct vma_prepare vp; pgoff_t vma_pgoff; int err =3D 0; @@ -927,18 +938,18 @@ struct vm_area_struct *vma_merge(struct vma_iterator = *vmi, struct mm_struct *mm, vma_start_write(next); remove =3D next; /* case 1 */ vma_end =3D next->vm_end; - err =3D dup_anon_vma(prev, next); + err =3D dup_anon_vma(prev, next, &anon_dup); if (curr) { /* case 6 */ vma_start_write(curr); remove =3D curr; remove2 =3D next; if (!next->anon_vma) - err =3D dup_anon_vma(prev, curr); + err =3D dup_anon_vma(prev, curr, &anon_dup); } } else if (merge_prev) { /* case 2 */ if (curr) { vma_start_write(curr); - err =3D dup_anon_vma(prev, curr); + err =3D dup_anon_vma(prev, curr, &anon_dup); if (end =3D=3D curr->vm_end) { /* case 7 */ remove =3D curr; } else { /* case 5 */ @@ -954,7 +965,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *v= mi, struct mm_struct *mm, vma_end =3D addr; adjust =3D next; adj_start =3D -(prev->vm_end - addr); - err =3D dup_anon_vma(next, prev); + err =3D dup_anon_vma(next, prev, &anon_dup); } else { /* * Note that cases 3 and 8 are the ONLY ones where prev @@ -968,7 +979,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *v= mi, struct mm_struct *mm, vma_pgoff =3D curr->vm_pgoff; vma_start_write(curr); remove =3D curr; - err =3D dup_anon_vma(next, curr); + err =3D dup_anon_vma(next, curr, &anon_dup); } } } @@ -1018,6 +1029,9 @@ struct vm_area_struct *vma_merge(struct vma_iterator = *vmi, struct mm_struct *mm, return res; =20 prealloc_fail: + if (anon_dup) + unlink_anon_vmas(anon_dup); + anon_vma_fail: vma_iter_set(vmi, addr); vma_iter_load(vmi); --=20 2.40.1 From nobody Fri Dec 19 06:25:35 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5272DE728CF for ; Fri, 29 Sep 2023 18:31:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233849AbjI2Sbk (ORCPT ); Fri, 29 Sep 2023 14:31:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57378 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233599AbjI2Sbc (ORCPT ); Fri, 29 Sep 2023 14:31:32 -0400 Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4B5511B0 for ; Fri, 29 Sep 2023 11:31:30 -0700 (PDT) Received: from pps.filterd (m0333521.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38TIJlB8014029; Fri, 29 Sep 2023 18:31:02 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : content-transfer-encoding : content-type : mime-version; s=corp-2023-03-30; bh=5nil0SxwBCPntCRyXfe7xa/INjPoi9AoymhBJu9NOEU=; b=t5jtwpR2VWFCDzEvo22hpoeWcepeS9QqsP2ycSgxAd60vdnTBTMoVTyq+4DBNCN/MquM 5mB9L3dAR0f1knpVQw2JP4o3rQFg8H+kT1mFfOcOJqPD9I9/KcFqRlKssKexTyDsmPyV d+9iqPKEFIFZazKAPskmgI6qRjOZYB7Rkwe+S8VjhYQ/Zor+ncCDjTSjt8eHuAR26e3M DGCn6rrx1NBOZsZY0yMMFa200toJqh8ACfLq0KGAT2FThAhs+L5h2szKKVa6ic935Enh H+UMgqPXY1lVmQH6+/wE4lQui+Yp0INCzI6d2/Rh2JAo4grG9s/h9xIw9tyC2iQkutkv Kg== Received: from iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta03.appoci.oracle.com [130.35.103.27]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3t9pxc7gu7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Sep 2023 18:31:02 +0000 Received: from pps.filterd (iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 38TI5Sut025499; Fri, 29 Sep 2023 18:31:01 GMT Received: from nam10-mw2-obe.outbound.protection.outlook.com (mail-mw2nam10lp2101.outbound.protection.outlook.com [104.47.55.101]) by iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 3t9pfhphv5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Sep 2023 18:31:00 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SV7ZxLqPnabUm5DYiIEWx7olipSiq77EWyl/6NKD2r8L0QIJ+apdKtVBpfN1At9fRgadzC4nuUTOGtH6AprDe8okU6RwXK5tt5EeIDBKq3KMLHyrcQv+p2+q5BzZWqJe8/kRf40vMh6qmUSYqRmxtSKRqXBVHnxPSGcjq1ngDoBB8UsNxYe/8ljpMo8JqvNJcLHvGQof0ukbbEgvblJLlrisLfbnx4ZvQoPiEkyHvjNxgJ4WRCHmNq0+1AX+Fzf6Az/aOOFjAdklA5mOlujfTEvQeiGvuNaA3UQ1hUcVp0BQn6GaQC6Oww5M5RngnGEctWOauyRfw5Apzf766kUJXg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5nil0SxwBCPntCRyXfe7xa/INjPoi9AoymhBJu9NOEU=; b=fF7qWDvYn2QToDfHOlkX1iG1V4OveFr94zczp/eeEngqUsyJ6LL8HG2N/1YhRIk19PlCpi/Ofzhn1cAH60jAOCbEF6g3rIiHRe7pmjhpWcsMj6cM8yT7C26VOI4kXIEwhlLE0rRhkhS0Hzu5Jvapf3szI0ty3+a7RA5jLaBQW/y5VTHDzK8uG1F74E4bqplr3hFyVqvGDfV2l4BKMZc0ZoH9dHDfSXk0xQNaiDhtqD36V0Z98PABvRy85RwgQZq+XZh+b7Mx3/GOuVecKWpMl3UshHypi6T27eqj/4Py2zV+uexI60IRIKVpU1WglHBD6hONHPJL91D7Q4pXUGtILA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5nil0SxwBCPntCRyXfe7xa/INjPoi9AoymhBJu9NOEU=; b=vi/EqlkfkpnJwKsUqSYTumEu4oJYf/nKJ6RmVuDZXdCJt+VJ7u6r46OUnzXlZNUTUP3ww7EiED7NIqVjjpm+JU1KziObzijg14O4jxaSziA/d/lKO9VZT7R0D0XkcQgYqiM7i0Vc8RAYq//qTuSLZSC7BwjCUYxSAy4tTefM+E4= Received: from SN6PR10MB3022.namprd10.prod.outlook.com (2603:10b6:805:d8::25) by CH0PR10MB7482.namprd10.prod.outlook.com (2603:10b6:610:18b::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.35; Fri, 29 Sep 2023 18:30:57 +0000 Received: from SN6PR10MB3022.namprd10.prod.outlook.com ([fe80::8979:3e3f:c3e0:8dfa]) by SN6PR10MB3022.namprd10.prod.outlook.com ([fe80::8979:3e3f:c3e0:8dfa%4]) with mapi id 15.20.6813.027; Fri, 29 Sep 2023 18:30:54 +0000 From: "Liam R. Howlett" To: Andrew Morton Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Jann Horn , Lorenzo Stoakes , Vlastimil Babka , Suren Baghdasaryan , Matthew Wilcox , "Liam R. Howlett" Subject: [PATCH v3 3/3] mmap: Add clarifying comment to vma_merge() code Date: Fri, 29 Sep 2023 14:30:41 -0400 Message-Id: <20230929183041.2835469-4-Liam.Howlett@oracle.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230929183041.2835469-1-Liam.Howlett@oracle.com> References: <20230929183041.2835469-1-Liam.Howlett@oracle.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: YT4PR01CA0063.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:111::15) To SN6PR10MB3022.namprd10.prod.outlook.com (2603:10b6:805:d8::25) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN6PR10MB3022:EE_|CH0PR10MB7482:EE_ X-MS-Office365-Filtering-Correlation-Id: 8a4db761-7c3a-4a21-a5c8-08dbc11a378d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ZN7hMbEK4yJdt5qnh5dUT+t84eR8XaVXIPdKoX6LFHVPK8rWwK/KuDrAdnADIqQ4qZWbS1DKKc+GKL5PhTN0dSVAadtXEaoMRJC3EN33BeB3BXoS0jg5+81IPZmQmTzGAE0lasjABdNWclaU2qTQydDVaQs4EUfpiCR/JYVK7G7OkP3pBuB09VaUuYPLUbw+PYOPsAuvg6s+8/PGnnsujXZY+23Eww+G6jlaAwmQncX6bey2fPJszXnIYGR2jf5Gih+n0oIO9gguuduN5vKst53nne9kkXQZCwOszMi03r/vIsMfG+F/+od2IgSayh0ao94KYbvID+uZAQsie7xyygtv5fmrOG9PmNPAwhx526OBBh/14PkNzYNoiOItj2mF2L2YBMzCAL+njNkt/JVwrF9fzkZKaPOuudSRFAU69SZfwr621KUllc+VhHUVi1DWn8TIHIaouO/3Brdp0suQDmyQj/GveN34T/zzzd5/KyESItUlaRUwkeXj04hQe0QCk1PT0fWIjid+u+x79Pu0IfuhgIR2Q6fd2ox6G5fHV2cObyg3VhgWymbP4bHWp62LQXZ97cjShwsm4PclXUQ51/eexU5MsCrJtLY222LLMuU= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR10MB3022.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(376002)(346002)(396003)(136003)(366004)(39860400002)(230922051799003)(64100799003)(451199024)(1800799009)(186009)(41300700001)(54906003)(316002)(6916009)(66946007)(8676002)(4326008)(8936002)(66476007)(66556008)(5660300002)(6666004)(4744005)(966005)(478600001)(6506007)(26005)(6512007)(1076003)(107886003)(2616005)(38100700002)(86362001)(36756003)(6486002)(2906002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?QCMbe91uvGZ6VIcPH/JNVWUmQdpwjLFl57rFdUvU5vVuaUPlm26fuehWM2Ux?= =?us-ascii?Q?+M4cQiaecBqBEKHgPd3+8DgZoziTzaEyIB1D1n2FS2GnwjIcpYP/VkRGgv3l?= =?us-ascii?Q?dV1E9aiRsL23OU/I+MNMYK4zRoBX425bUgs6Vvtw0wNt1wX3MppY9XSEWYEw?= =?us-ascii?Q?IfL38iUh+4Bi5Z7nrUNXgGkMOvCuDz3zoUwP5THAmOFdW6m4q25f8qxL73QU?= =?us-ascii?Q?jrUKZQ6hLRSvOn24vX5jEJ6r4s/9XLba2bzEL76oUPUvcv4/nSh5otz412gF?= =?us-ascii?Q?W5xSZdHhpJVYs9+vknjfcV1IBbWya5G61Quk/lUGWqSJQ9ha9Wvnk72O99H4?= =?us-ascii?Q?hD/ejgtbtXgYZnMGrPH6Zm0Km9PrIDTxQtY5erBRr37oWWDkQ5jb7cczRZAJ?= =?us-ascii?Q?o33AsWDFlqWlOJJGM0ApjhjasQTNhz76SrbEW9tOdk6s0N+mSCTdhozPalaZ?= =?us-ascii?Q?hW5kjAQXui2vssKakQkEsQ/ztIBxIWZge/W/+8pw4XC8dO8Zv3h2dfRVi31T?= =?us-ascii?Q?TCEKFBmI9x+A7wc4W5dL6sDveZv0E4ayU1VrnR8z0gTXYqfs1ca/CFmo9HIa?= =?us-ascii?Q?6UOy9zQ244TkLIIXLLT2ox5+3ugUGfaSXd73c5LcLqC3OkIOyJcXKcOI9ER1?= =?us-ascii?Q?PW6TTTAqvUBrnS5209G8LGjiv3hy73WA8v1ajxmZcC4vZeTwL/7XpcR7yZY5?= =?us-ascii?Q?hZGhQEdWvPcIT3SA/9aYlJ0KNwO4XijCXiHFqiZT20U4aeNc9Eog9rT9/Qc6?= =?us-ascii?Q?nzWC6JSUUXsaGIXW6K9hKvZyZKL1VLqnEN238Sk9O1n9Nj0Dbeh6uPJTzDVA?= =?us-ascii?Q?EMT9p6UCLwR5US6Q5xe/8iplWvC7XAvV8GnxWbdMQ3MRjQGPvbWo33j4gYnv?= =?us-ascii?Q?c6vG3Egta/mM0+KJ/8Vo1lCkNHAk7zpEx4qgYVj9oQDEAs1ypq9VAtfYMIXk?= =?us-ascii?Q?+OvmfEM2zcIhfhneYCYcCzULT/ai/AdsKCLI40b/0oB/ORhRhXAEzBAnQpw1?= =?us-ascii?Q?cEeSY7I40JZKSaca1ayaaruV7nM9rh/OihtwhDakBfeNn4Y+ykrmqcF5943D?= =?us-ascii?Q?n6mvYwfDmZderJFlZ9aOpNqRnnn7qTl+1EO3E3qVfb/uldr9sIWP1u0hmWOp?= =?us-ascii?Q?bpKtxVE+3RBBu8k8PcStUEmj1E7wzFIvHNMb6MNUn4kY/V2o5BlOlqrPN0Yy?= =?us-ascii?Q?RySppoluDxECLor9Zl+3sxZaFvXskPW999GEzTYls7S9++P8/97pCKdOP+Od?= =?us-ascii?Q?8lYG74WnHOgj4YQDoYsHRV97Xft3QTR5F2B3ya8Z+hX6RXnDCrfJrY7TtwAO?= =?us-ascii?Q?CKP6xP2cR4R+yF1aalnPgWk9XuggX88mcipqNxSr5dHanqjQJze/Xtj4X+Kp?= =?us-ascii?Q?yt+QpY8Y8bJ94ViPuab6Me4+nI4FVan4oxOhsMBtdyI7nUmtVfzQFCBmaaBS?= =?us-ascii?Q?MJr0STiWPKzMwzvWFpYm4PMTCD3uGYcnDZ3eHxalRCpL0Qk/W8GXN27Alzbn?= =?us-ascii?Q?x3rJ4WZYZJnwNrWDNkae5ru27QDR38sV6qM9OIfZO1L0r0r7Y8DyTujYY1Tp?= =?us-ascii?Q?xFsHbhORV6SDJRo/mUOga9SUH//TEvZkqN2HofIw?= X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: =?us-ascii?Q?WGHm2YKBV1X+loiI8abPoVnlspK9xDfjFBtIZeR+xNkleWmn/UOu8TkO1Xkq?= =?us-ascii?Q?pJG/9IRWtLdN+0R/jlKiaYp0NQO18iqb9MsT9w2NzDzMJw5fybAA2nfZg7yO?= =?us-ascii?Q?E1MsVASeXlmfoJTcU0P7jbCswMt2qteE6S3R8sJZDJI4A1q3O/JD3qwZltlQ?= =?us-ascii?Q?Vtcys8fTWf6d22oAQG28UXODMoseexgD7QoORfUv20CrCzziod8VkIaGaJVq?= =?us-ascii?Q?ORGnrywx/d0beIM/RX0MSBWugs4UHLKBF3kPL9PFujV4ZR4S9Xx4ecpkLKgh?= =?us-ascii?Q?IYwiQC8x8gQSwTsWhvxY5lXy3yaH22/E8gfUf/pbozkjz/3ZFF/OP9XSuwlG?= =?us-ascii?Q?lgl+/MKrinWe7c3tRYvemh/c+ovo0Q5euPnnYYIxKHYTscefmmiRQ9h2gfuI?= =?us-ascii?Q?SC+Q56PT/tjdt4hEhhqu5Fkr99p4KjkSU8nHArgnFreCSbYSQXs2wSsaEYDn?= =?us-ascii?Q?h0Rs8YcakGacpKlVBEsIqisVRWukVqtoJyeANTKLBxM/6Ki16tMv3AOTQ/oD?= =?us-ascii?Q?YkniEc6FClEbYP0ITDERDhAfHvMBVDddGcbfYSfXfgyLhpVtgrCj4NVa/Rbu?= =?us-ascii?Q?c2cTakTrPnTa5bLDBrzYQJWWFswdbtunYRYjpjDutNuWcS5Q14Hi1vCprL+p?= =?us-ascii?Q?GuKMgBL9LCrJ69muFDnzk4ISBzRBRE587yCMXV0Zw2IYBv0AnoQfB28Hb3RP?= =?us-ascii?Q?hgOllFo8CWpvbV6XTnbf4wik+xSHvo0C/HlG+sYHAtp8oelm4E7ArsAeHIUY?= =?us-ascii?Q?Au2EN7Bo4OJFojGDXnTbBeUcPLONAfrfWW/Vs4VdFQGC3/xP8b4w46WvcAum?= =?us-ascii?Q?Pk0z676eLnM8AZEzqlhrRAQUX0GO87SyBS4bHBioc1a9FQK5y7rl4K7su3OH?= =?us-ascii?Q?hJ9pnnichkGYHSFr9k/OwSgo6VFiNXwreTHAhccYaJNw5A00wkV/iD5t02Zp?= =?us-ascii?Q?3Iw2UgAjqb6JDtRuu/SyoA=3D=3D?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8a4db761-7c3a-4a21-a5c8-08dbc11a378d X-MS-Exchange-CrossTenant-AuthSource: SN6PR10MB3022.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Sep 2023 18:30:54.9544 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ujGEhjsRzfrA3VhUzmqXLT9VdcFe3zQqMohGuxEet5ovlsW3+FY8hFHPLaRlydMHxpxE1XU1tpYex/lDCsJMFw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR10MB7482 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-29_16,2023-09-28_03,2023-05-22_02 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 phishscore=0 mlxscore=0 spamscore=0 mlxlogscore=999 bulkscore=0 suspectscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2309180000 definitions=main-2309290160 X-Proofpoint-GUID: T2udX_rXcYI9ZNWQXCW4brP5RmhRsUfJ X-Proofpoint-ORIG-GUID: T2udX_rXcYI9ZNWQXCW4brP5RmhRsUfJ Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" When tracing through the code in vma_merge(), it was not completely clear why the error return to a dup_anon_vma() call would not overwrite a previous attempt to the same function. This commit adds a comment specifying why it is safe. Suggested-by: Jann Horn Link: https://lore.kernel.org/linux-mm/CAG48ez3iDwFPR=3DEd1BfrNuyUJPMK_=3DS= tjxhUsCkL6po1s7bONg@mail.gmail.com/ Signed-off-by: Liam R. Howlett Acked-by: Vlastimil Babka Reviewed-by: Lorenzo Stoakes --- mm/mmap.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/mm/mmap.c b/mm/mmap.c index f9f0a5fe4db4..9967acbd070f 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -943,6 +943,11 @@ struct vm_area_struct *vma_merge(struct vma_iterator *= vmi, struct mm_struct *mm, vma_start_write(curr); remove =3D curr; remove2 =3D next; + /* + * Note that the dup_anon_vma below cannot overwrite err + * since the first caller would do nothing unless next + * has an anon_vma. + */ if (!next->anon_vma) err =3D dup_anon_vma(prev, curr, &anon_dup); } --=20 2.40.1