6.15-stable review patch. If anyone has any objections, please let me know.
------------------
From: SeongJae Park sj@kernel.org
commit 9c49e5d09f076001e05537734d7df002162eb2b5 upstream.
When unwinding race on -ERESTARTNOINTR handling of process_madvise(), madvise_lock() failure is ignored. Check the failure and abort remaining works in the case.
Link: https://lkml.kernel.org/r/20250602174926.1074-1-sj@kernel.org Fixes: 4000e3d0a367 ("mm/madvise: remove redundant mmap_lock operations from process_madvise()") Signed-off-by: SeongJae Park sj@kernel.org Reported-by: Barry Song 21cnbao@gmail.com Closes: https://lore.kernel.org/CAGsJ_4xJXXO0G+4BizhohSZ4yDteziPw43_uF8nPXPWxUVChzw@... Reviewed-by: Jann Horn jannh@google.com Reviewed-by: Lorenzo Stoakes lorenzo.stoakes@oracle.com Acked-by: David Hildenbrand david@redhat.com Reviewed-by: Shakeel Butt shakeel.butt@linux.dev Reviewed-by: Barry Song baohua@kernel.org Cc: Liam Howlett liam.howlett@oracle.com Cc: Vlastimil Babka vbabka@suse.cz Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- mm/madvise.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
--- a/mm/madvise.c +++ b/mm/madvise.c @@ -1832,7 +1832,9 @@ static ssize_t vector_madvise(struct mm_
/* Drop and reacquire lock to unwind race. */ madvise_unlock(mm, behavior); - madvise_lock(mm, behavior); + ret = madvise_lock(mm, behavior); + if (ret) + goto out; continue; } if (ret < 0) @@ -1841,6 +1843,7 @@ static ssize_t vector_madvise(struct mm_ } madvise_unlock(mm, behavior);
+out: ret = (total_len - iov_iter_count(iter)) ? : ret;
return ret;