On Mon, Jul 11, 2022 at 09:59:06AM -0700, Nadav Amit wrote:
From: Nadav Amit namit@vmware.com
Commit 824ddc601adc ("userfaultfd: provide unmasked address on page-fault") was introduced to fix an old bug, in which the offset in the address of a page-fault was masked. Concerns were raised - although were never backed by actual code - that some userspace code might break because the bug has been around for quite a while. To address these concerns a new flag was introduced, and only when this flag is set by the user, userfaultfd provides the exact address of the page-fault.
The commit however had a bug, and if the flag is unset, the offset was always masked based on a base-page granularity. Yet, for huge-pages, the behavior prior to the commit was that the address is masked to the huge-page granularity.
While there are no reports on real breakage, fix this issue. If the flag is unset, use the address with the masking that was done before.
Fixes: 824ddc601adc ("userfaultfd: provide unmasked address on page-fault")
Reported-by: James Houghton jthoughton@google.com
Cc: Peter Xu peterx@redhat.com
Cc: David Hildenbrand david@redhat.com
Cc: Mike Rapoport rppt@linux.ibm.com
Cc: Jan Kara jack@suse.cz
Cc: Andrea Arcangeli aarcange@redhat.com
Cc: stable@vger.kernel.org
Signed-off-by: Nadav Amit namit@vmware.com
Reviewed-by: Peter Xu peterx@redhat.com
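The three behaviours the commit message distinguishes (before 824ddc601adc, the buggy commit, and the fix) are easy to confuse, so here is an added user-space model of them; this is example code written for this page, not the kernel's handle_userfault() or userfault_msg(). It assumes 4 KiB base pages and 2 MiB huge pages, uses a stand-in bit MODEL_FEATURE_EXACT_ADDRESS instead of the real UFFD_FEATURE_EXACT_ADDRESS value from <linux/userfaultfd.h>, and the function names msg_address_before/msg_address_buggy/msg_address_fixed are mine. The point it shows: for a fault inside a huge page with the feature unset, the buggy version reports an address rounded only to 4 KiB, which no pre-commit userspace would ever have seen, while the fix restores the huge-page-aligned address.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed page sizes for the model: x86-64 4 KiB base pages, 2 MiB huge pages. */
#define BASE_PAGE_SHIFT 12
#define HUGE_PAGE_SHIFT 21
#define BASE_PAGE_MASK (~((1ULL << BASE_PAGE_SHIFT) - 1))
#define HUGE_PAGE_MASK (~((1ULL << HUGE_PAGE_SHIFT) - 1))

/* Stand-in for UFFD_FEATURE_EXACT_ADDRESS; the real constant has a
 * different value and is defined in <linux/userfaultfd.h>. */
#define MODEL_FEATURE_EXACT_ADDRESS (1u << 0)

/* The address as the VMA's fault path rounds it: huge-page granularity for a
 * huge-page VMA, base-page granularity otherwise. */
static uint64_t vma_masked_address(uint64_t real_address, bool huge_vma)
{
    return real_address & (huge_vma ? HUGE_PAGE_MASK : BASE_PAGE_MASK);
}

/* Behaviour before 824ddc601adc: userspace always got the address rounded by
 * the fault path; the feature flag did not exist yet and is ignored. */
uint64_t msg_address_before(uint64_t real_address, bool huge_vma, unsigned features)
{
    (void)features;
    return vma_masked_address(real_address, huge_vma);
}

/* Behaviour of 824ddc601adc as the commit message describes it: the exact
 * address when the feature is set, otherwise the exact address masked at
 * base-page granularity regardless of the VMA's page size (the bug). */
uint64_t msg_address_buggy(uint64_t real_address, bool huge_vma, unsigned features)
{
    (void)huge_vma;
    if (features & MODEL_FEATURE_EXACT_ADDRESS)
        return real_address;
    return real_address & BASE_PAGE_MASK;
}

/* Fixed behaviour: the exact address only when the feature is set, otherwise
 * exactly what userspace received before the commit. */
uint64_t msg_address_fixed(uint64_t real_address, bool huge_vma, unsigned features)
{
    if (features & MODEL_FEATURE_EXACT_ADDRESS)
        return real_address;
    return vma_masked_address(real_address, huge_vma);
}

int main(void)
{
    /* Constructed sample: a fault 0x123456 bytes into a 2 MiB huge page. */
    const uint64_t fault = 0x7f0000123456ULL;
    const bool huge = true;
    const unsigned no_feature = 0;

    printf("before commit, flag unset: 0x%llx\n",
           (unsigned long long)msg_address_before(fault, huge, no_feature));
    printf("buggy commit,  flag unset: 0x%llx\n",
           (unsigned long long)msg_address_buggy(fault, huge, no_feature));
    printf("fixed,         flag unset: 0x%llx\n",
           (unsigned long long)msg_address_fixed(fault, huge, no_feature));
    printf("fixed,         flag set:   0x%llx\n",
           (unsigned long long)msg_address_fixed(fault, huge, MODEL_FEATURE_EXACT_ADDRESS));
    return 0;
}
```

Running it prints 0x7f0000000000 for the pre-commit and fixed cases, 0x7f0000123000 for the buggy commit, and 0x7f0000123456 once the feature is set; for a base-page VMA all three agree, which is why the regression only affects huge-page users that did not opt in to exact addresses.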