From nobody Mon Feb  9 18:43:38 2026
Received: from canpmsgout11.his.huawei.com (canpmsgout11.his.huawei.com
 [113.46.200.226])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E813D41C63;
	Wed, 22 Oct 2025 02:11:55 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=113.46.200.226
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761099119; cv=none;
 b=rGT9mAjx1ZHSlQQJ0xyJ8O7hQOAKsyaNWue8J9Hgupy0aiSLxP8SnRfB/2o9PdJGhxqClE3JtJU0ApusbVFlnBLpAJ31X1wzVL7s0EZ9fdYTB1tFCD9Wq+bN5t5TzWrAZPROSM/JMpbFZV4hhPjdwBxvqBgiV85n2ZNNTWO4gdM=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761099119; c=relaxed/simple;
	bh=YifzcWsjpzEVgSPEy8A/GO4eVjnm/W9pZHCsm4vIWKI=;
	h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version:Content-Type;
 b=fuVQACqNBlartpzw8fL+lOHmRcCwKcP9r7ggppd3eUNqazd5+9rbVXZY2ZXQTpzWmAWGQD9vQu28KpK+2CjKLK6uG78OP0ZivGpdy75suF/s2tExTKl6ovutucuIgukYIgUAUxZMWkg+/pXxQTwXWRwK9Mbq2IxchZPdx6BX5KY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=quarantine dis=none) header.from=huawei.com;
 spf=pass smtp.mailfrom=huawei.com;
 dkim=pass (1024-bit key) header.d=huawei.com header.i=@huawei.com
 header.b=coGH3cAr; arc=none smtp.client-ip=113.46.200.226
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=quarantine dis=none) header.from=huawei.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=huawei.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=huawei.com header.i=@huawei.com
 header.b="coGH3cAr"
dkim-signature: v=1; a=rsa-sha256; d=huawei.com; s=dkim;
	c=relaxed/relaxed; q=dns/txt;
	h=From;
	bh=m0g2Tit+t0KaSuBahYX8uTLv+x58iBusRW9fvYB4ykI=;
	b=coGH3cArhFSTMbmte+lW61TyTXmINiAET6yVssbW8ajYHx054fLbh0vIRJ4QQ8jq36LAzGTMo
	0mT2kREshIjjUDtxPkaX1UNYPG0CUN5dAf9fLjsrmkmPe15AeAVq5fe+wbV8iuEXc6/NPxHTfXM
	O9L7RdYZSvIuwKs2aXhuJuY=
Received: from mail.maildlp.com (unknown [172.19.163.44])
	by canpmsgout11.his.huawei.com (SkyGuard) with ESMTPS id 4crt29226KzKmcv;
	Wed, 22 Oct 2025 10:11:29 +0800 (CST)
Received: from dggemv712-chm.china.huawei.com (unknown [10.1.198.32])
	by mail.maildlp.com (Postfix) with ESMTPS id 903181402CA;
	Wed, 22 Oct 2025 10:11:53 +0800 (CST)
Received: from kwepemq200001.china.huawei.com (7.202.195.16) by
 dggemv712-chm.china.huawei.com (10.1.198.32) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1544.11; Wed, 22 Oct 2025 10:11:52 +0800
Received: from localhost.huawei.com (10.90.31.46) by
 kwepemq200001.china.huawei.com (7.202.195.16) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1544.11; Wed, 22 Oct 2025 10:11:51 +0800
From: Chenghai Huang <huangchenghai2@huawei.com>
To: <gregkh@linuxfoundation.org>, <zhangfei.gao@linaro.org>,
	<wangzhou1@hisilicon.com>
CC: <linux-kernel@vger.kernel.org>, <linux-crypto@vger.kernel.org>,
	<fanghao11@huawei.com>, <shenyang39@huawei.com>, <liulongfang@huawei.com>,
	<qianweili@huawei.com>, <linwenkai6@hisilicon.com>
Subject: [PATCH v4 3/4] uacce: implement mremap in uacce_vm_ops to return
 -EPERM
Date: Wed, 22 Oct 2025 10:11:48 +0800
Message-ID: <20251022021149.1771168-4-huangchenghai2@huawei.com>
X-Mailer: git-send-email 2.33.0
In-Reply-To: <20251022021149.1771168-1-huangchenghai2@huawei.com>
References: <20251022021149.1771168-1-huangchenghai2@huawei.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-ClientProxiedBy: kwepems500001.china.huawei.com (7.221.188.70) To
 kwepemq200001.china.huawei.com (7.202.195.16)
Content-Type: text/plain; charset="utf-8"

From: Yang Shen <shenyang39@huawei.com>

The current uacce_vm_ops does not support the mremap operation of
vm_operations_struct. Implement .mremap to return -EPERM to remind
users.

The reason we need to explicitly disable mremap is that when the
driver does not implement .mremap, it uses the default mremap
method. This could lead to a risk scenario:

An application might first mmap address p1, then mremap to p2,
followed by munmap(p1), and finally munmap(p2). Since the default
mremap copies the original vma's vm_private_data (i.e., q) to the
new vma, both munmap operations would trigger vma_close, causing
q->qfr to be freed twice(qfr will be set to null here, so repeated
release is ok).

Fixes: 015d239ac014 ("uacce: add uacce driver")
Cc: stable@vger.kernel.org
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Signed-off-by: Chenghai Huang <huangchenghai2@huawei.com>
Acked-by: Zhangfei Gao <zhangfei.gao@linaro.org>
---
 drivers/misc/uacce/uacce.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/misc/uacce/uacce.c b/drivers/misc/uacce/uacce.c
index d272db516a65..34fd07b4e7c5 100644
--- a/drivers/misc/uacce/uacce.c
+++ b/drivers/misc/uacce/uacce.c
@@ -214,8 +214,14 @@ static void uacce_vma_close(struct vm_area_struct *vma)
 	}
 }
=20
+static int uacce_vma_mremap(struct vm_area_struct *area)
+{
+	return -EPERM;
+}
+
 static const struct vm_operations_struct uacce_vm_ops =3D {
 	.close =3D uacce_vma_close,
+	.mremap =3D uacce_vma_mremap,
 };
=20
 static int uacce_fops_mmap(struct file *filep, struct vm_area_struct *vma)
--=20
2.33.0