[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ⚠️ Found matching upstream commit but patch is missing proper reference to it
Found matching upstream commit: 41e6ddcaa0f18dda4c3fadf22533775a30d6f72f
Note: The patch differs from the upstream commit: --- 1: 41e6ddcaa0f18 ! 1: 8030ce55b9d25 mm/vma: add give_up_on_oom option on modify/merge, use in uffd release @@ Commit message Suggested-by: Jann Horn jannh@google.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org + (cherry picked from commit 41e6ddcaa0f18dda4c3fadf22533775a30d6f72f)
## mm/userfaultfd.c ## @@ mm/userfaultfd.c: struct vm_area_struct *userfaultfd_clear_vma(struct vma_iterator *vmi, @@ mm/userfaultfd.c: int userfaultfd_register_range(struct userfaultfd_ctx *ctx,
## mm/vma.c ## -@@ mm/vma.c: static void vmg_adjust_set_range(struct vma_merge_struct *vmg) - /* - * Actually perform the VMA merge operation. - * -+ * IMPORTANT: We guarantee that, should vmg->give_up_on_oom is set, to not -+ * modify any VMAs or cause inconsistent state should an OOM condition arise. -+ * - * Returns 0 on success, or an error value on failure. - */ - static int commit_merge(struct vma_merge_struct *vmg) -@@ mm/vma.c: static int commit_merge(struct vma_merge_struct *vmg) - - init_multi_vma_prep(&vp, vma, vmg); - -+ /* -+ * If vmg->give_up_on_oom is set, we're safe, because we don't actually -+ * manipulate any VMAs until we succeed at preallocation. -+ * -+ * Past this point, we will not return an error. -+ */ - if (vma_iter_prealloc(vmg->vmi, vma)) - return -ENOMEM; - @@ mm/vma.c: static __must_check struct vm_area_struct *vma_merge_existing_range( if (anon_dup) unlink_anon_vmas(anon_dup); @@ mm/vma.c: static __must_check struct vm_area_struct *vma_merge_existing_range( return NULL; }
-@@ mm/vma.c: int vma_expand(struct vma_merge_struct *vmg) - /* This should already have been checked by this point. */ - VM_WARN_ON_VMG(!can_merge_remove_vma(next), vmg); - vma_start_write(next); -+ /* -+ * In this case we don't report OOM, so vmg->give_up_on_mm is -+ * safe. -+ */ - ret = dup_anon_vma(middle, next, &anon_dup); - if (ret) - return ret; @@ mm/vma.c: int vma_expand(struct vma_merge_struct *vmg) return 0;
@@ mm/vma.c: struct vm_area_struct
## mm/vma.h ## @@ mm/vma.h: struct vma_merge_struct { - */ - bool just_expand :1; - + struct anon_vma_name *anon_name; + enum vma_merge_flags merge_flags; + enum vma_merge_state state; ++ + /* + * If a merge is possible, but an OOM error occurs, give up and don't + * execute the merge, returning NULL. + */ + bool give_up_on_oom :1; -+ - /* Internal flags set during merge process: */ + };
- /* + static inline bool vmg_nomem(struct vma_merge_struct *vmg) @@ mm/vma.h: __must_check struct vm_area_struct struct vm_area_struct *vma, unsigned long start, unsigned long end, ---
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-6.14.y | Success | Success |