| Message ID | ef2c7c0eeb166acf050597f49eb118d94f18bd39.camel@infradead.org |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp8841477vqr;
Wed, 28 Jun 2023 04:15:55 -0700 (PDT)
X-Google-Smtp-Source:
APBJJlGphIV1qlzKHt8+kbP9Afh8n9UQtJQOTSSYUHog5lRVzZFDZnMAa8pH7MvP3u5Fj8qL2MkN
X-Received: by 2002:a17:903:2348:b0:1b8:4515:8bd6 with SMTP id
c8-20020a170903234800b001b845158bd6mr606309plh.34.1687950955107;
Wed, 28 Jun 2023 04:15:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1687950955; cv=none;
d=google.com; s=arc-20160816;
b=PSCA4d6E31SRGOauMnKAZ2iLmASvUjREh+F0BHMlBogOmn+VxSzOuwJYo/YM7Hx/mI
YMu5/KzKXLGJEBOjEbWTR4R4lE4LKQpjw79B4NV1DDV5E6/eZedPG7FcUMsnWGVPh3U5
NdzBeOdaJm9y1WqUJSZMyM+uNToFUSqRUx9NC4+JXtX89ieRRZhA4kVGH09VKPZFc5rj
NXhHCAkvO6+CskV1Cfan1Nw48KqeE7X6PsBN+xM+xK/wGGc51Ra9xOqntUIueLLXF09u
DD93cv4uCsYn4BJckGhhY//H8y7oe7lZ4iQNlyX2K1nMpw3xyTejCLMN+2bCtiji9ILM
oKUw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:mime-version:user-agent:date:cc:to:from:subject
:message-id:dkim-signature;
bh=RAQc42BbekmUDy535LdxpHEUUocBGG+NiwZWl9Du1lo=;
fh=Ufldqg6XSpNbilHUGOfLPPq4jc0h6EagAAb0IiVtL1A=;
b=mCGKZ8+o6DLMuNIwZuuXnRQnEjs8PiRngC2ijHivz3D250nlkE3KpKjl82riGlX2/a
J/UYSee45m+6/i5FjbUiZ0OYdGpYGQ10rp26Y0j0dt/2VX089lpi5ku6Rv+bHpsnYAJm
y14HLIkElvwvwpjPfKAXC4hQyROBr9upcp73c6TEfQD/6FwzV53HbeUpc216SjgJe7+B
R7+v3MDQdHybkMrAWI6GJZ/0xzYN9XaAKklSwx9KamYUxMrHwhXcFLWAohjEOgBNWAUx
nkx9ptW/L3OvvuVNyN7a5RigX8m8hskv5hNGNW0cHv32x8idet6jLzOYQXWhqXiIBo8U
KZGg==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@infradead.org header.s=casper.20170209
header.b=GesBRsXO;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
bj2-20020a170902850200b001b69661e849si8188561plb.469.2023.06.28.04.15.29;
Wed, 28 Jun 2023 04:15:54 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@infradead.org header.s=casper.20170209
header.b=GesBRsXO;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S231127AbjF1KpL (ORCPT <rfc822;adanhawthorn@gmail.com>
+ 99 others); Wed, 28 Jun 2023 06:45:11 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59316 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S231810AbjF1Km5 (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Wed, 28 Jun 2023 06:42:57 -0400
Received: from casper.infradead.org (casper.infradead.org
[IPv6:2001:8b0:10b:1236::1])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9032619B6
for <linux-kernel@vger.kernel.org>;
Wed, 28 Jun 2023 03:42:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=infradead.org; s=casper.20170209;
h=MIME-Version:Content-Type:Date:Cc:To:
From:Subject:Message-ID:Sender:Reply-To:Content-Transfer-Encoding:Content-ID:
Content-Description:In-Reply-To:References;
bh=RAQc42BbekmUDy535LdxpHEUUocBGG+NiwZWl9Du1lo=;
b=GesBRsXOd+iHYmJD1qWp2ZvYlW
QfB7+DsKGYOsKOdgGsfhFUdFqN9fgPAnpbwl50GouFPD102CmKgnT4xQW1pzEZVCmlPNRm4qcDLEP
9b2PDQO0bycymUK5m1Z/sRXRVb5hN98mlVBovNG4NU0vRmObZLBOKiWsReSStHLLHx02t/OhM/xYs
5HAoSddljoeS4cqRw7QjBWxgfibEwHLjR+USR45717P3OTbEyyoP1OuFJBy69r4oiqMtYn+HTNJHb
9RdqtS92KQBJK67FmT71QKk1qMMqCXPP2RBP/a5b9icoEwG71UCSPXti9Ejgt4c2OWKNIRPporyGL
OC7CyGvA==;
Received: from [2001:8b0:10b:5:1549:297f:aed4:ad00]
(helo=u3832b3a9db3152.ant.amazon.com)
by casper.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux))
id 1qESdK-003hi2-3G; Wed, 28 Jun 2023 10:42:46 +0000
Message-ID: <ef2c7c0eeb166acf050597f49eb118d94f18bd39.camel@infradead.org>
Subject: [PATCH] mm/mmap: Fix error return in do_vmi_align_munmap()
From: David Woodhouse <dwmw2@infradead.org>
To: "Liam R. Howlett" <Liam.Howlett@oracle.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Cc: Vegard Nossum <vegard.nossum@oracle.com>,
Andrew Morton <akpm@linux-foundation.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
linux-kernel <linux-kernel@vger.kernel.org>
Date: Wed, 28 Jun 2023 11:42:45 +0100
Content-Type: multipart/signed; micalg="sha-256";
protocol="application/pkcs7-signature";
boundary="=-OhQdJGFvrQGmTY1noH15"
User-Agent: Evolution 3.44.4-0ubuntu1
MIME-Version: 1.0
X-SRS-Rewrite: SMTP reverse-path rewritten from <dwmw2@infradead.org> by
casper.infradead.org. See http://www.infradead.org/rpr.html
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1769943905145734548?=
X-GMAIL-MSGID: =?utf-8?q?1769944860829650530?=
|
| Series |
mm/mmap: Fix error return in do_vmi_align_munmap()
|
|
Commit Message
David Woodhouse
June 28, 2023, 10:42 a.m. UTC
From: David Woodhouse <dwmw@amazon.co.uk> If mas_store_gfp() in the gather loop failed, the 'error' variable that ultimately gets returned was not being set. In many cases, its original value of -ENOMEM was still in place, and that was fine. But if VMAs had been split at the start or end of the range, then 'error' could be zero. Change to the 'error = foo(); if (error) goto …' idiom to fix the bug. Also clean up a later case which avoided the same bug by *explicitly* setting error = -ENOMEM right before calling the function that might return -ENOMEM. In a final cosmetic change, move the 'Point of no return' comment to *after* the goto. That's been in the wrong place since the preallocation was removed, and this new error path was added. Fixes: 606c812eb1d5 ("mm/mmap: Fix error path in do_vmi_align_munmap()") Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> --- mm/mmap.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)
Comments
* David Woodhouse <dwmw2@infradead.org> [230628 06:43]: > From: David Woodhouse <dwmw@amazon.co.uk> > > If mas_store_gfp() in the gather loop failed, the 'error' variable that > ultimately gets returned was not being set. In many cases, its original > value of -ENOMEM was still in place, and that was fine. But if VMAs had > been split at the start or end of the range, then 'error' could be zero. > > Change to the 'error = foo(); if (error) goto …' idiom to fix the bug. > > Also clean up a later case which avoided the same bug by *explicitly* > setting error = -ENOMEM right before calling the function that might > return -ENOMEM. > > In a final cosmetic change, move the 'Point of no return' comment to > *after* the goto. That's been in the wrong place since the preallocation > was removed, and this new error path was added. > > Fixes: 606c812eb1d5 ("mm/mmap: Fix error path in do_vmi_align_munmap()") > Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> > --- > mm/mmap.c | 9 +++++---- > 1 file changed, 5 insertions(+), 4 deletions(-) > > diff --git a/mm/mmap.c b/mm/mmap.c > index d600404580b2..13128e908470 100644 > --- a/mm/mmap.c > +++ b/mm/mmap.c > @@ -2387,7 +2387,8 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma, > } > vma_start_write(next); > mas_set_range(&mas_detach, next->vm_start, next->vm_end - 1); > - if (mas_store_gfp(&mas_detach, next, GFP_KERNEL)) > + error = mas_store_gfp(&mas_detach, next, GFP_KERNEL); > + if (error) > goto munmap_gather_failed; > vma_mark_detached(next, true); > if (next->vm_flags & VM_LOCKED) > @@ -2436,12 +2437,12 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma, > BUG_ON(count != test_count); > } > #endif > - /* Point of no return */ > - error = -ENOMEM; > vma_iter_set(vmi, start); > - if (vma_iter_clear_gfp(vmi, start, end, GFP_KERNEL)) > + error = vma_iter_clear_gfp(vmi, start, end, GFP_KERNEL); > + if (error) > goto clear_tree_failed; > > + /* Point of no return */ > mm->locked_vm -= locked_vm; > mm->map_count -= count; > /* > -- > 2.34.1 > >
diff --git a/mm/mmap.c b/mm/mmap.c index d600404580b2..13128e908470 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -2387,7 +2387,8 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma, } vma_start_write(next); mas_set_range(&mas_detach, next->vm_start, next->vm_end - 1); - if (mas_store_gfp(&mas_detach, next, GFP_KERNEL)) + error = mas_store_gfp(&mas_detach, next, GFP_KERNEL); + if (error) goto munmap_gather_failed; vma_mark_detached(next, true); if (next->vm_flags & VM_LOCKED) @@ -2436,12 +2437,12 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma, BUG_ON(count != test_count); } #endif - /* Point of no return */ - error = -ENOMEM; vma_iter_set(vmi, start); - if (vma_iter_clear_gfp(vmi, start, end, GFP_KERNEL)) + error = vma_iter_clear_gfp(vmi, start, end, GFP_KERNEL); + if (error) goto clear_tree_failed; + /* Point of no return */ mm->locked_vm -= locked_vm; mm->map_count -= count; /*