The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 51f625377561e5b167da2db5aafb7ee268f691c5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2023102704-surrogate-dole-2888@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 51f625377561e5b167da2db5aafb7ee268f691c5 Mon Sep 17 00:00:00 2001 From: "Liam R. Howlett" Liam.Howlett@oracle.com Date: Thu, 28 Sep 2023 13:24:32 -0400 Subject: [PATCH] mm/mempolicy: fix set_mempolicy_home_node() previous VMA pointer
The two users of mbind_range() are expecting that mbind_range() will update the pointer to the previous VMA, or return an error. However, set_mempolicy_home_node() does not call mbind_range() if there is no VMA policy. The fix is to update the pointer to the previous VMA prior to continuing iterating the VMAs when there is no policy.
Users may experience a WARN_ON() during VMA policy updates when updating a range of VMAs on the home node.
Link: https://lkml.kernel.org/r/20230928172432.2246534-1-Liam.Howlett@oracle.com Link: https://lore.kernel.org/linux-mm/CALcu4rbT+fMVNaO_F2izaCT+e7jzcAciFkOvk21HGJ... Fixes: f4e9e0e69468 ("mm/mempolicy: fix use-after-free of VMA iterator") Signed-off-by: Liam R. Howlett Liam.Howlett@oracle.com Reported-by: Yikebaer Aizezi yikebaer61@gmail.com Closes: https://lore.kernel.org/linux-mm/CALcu4rbT+fMVNaO_F2izaCT+e7jzcAciFkOvk21HGJ... Reviewed-by: Lorenzo Stoakes lstoakes@gmail.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index f1b00d6ac7ee..29ebf1e7898c 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1543,8 +1543,10 @@ SYSCALL_DEFINE4(set_mempolicy_home_node, unsigned long, start, unsigned long, le * the home node for vmas we already updated before. */ old = vma_policy(vma); - if (!old) + if (!old) { + prev = vma; continue; + } if (old->mode != MPOL_BIND && old->mode != MPOL_PREFERRED_MANY) { err = -EOPNOTSUPP; break;
Added Michal to the Cc as I'm referencing his patch below.
* gregkh@linuxfoundation.org gregkh@linuxfoundation.org [231027 08:14]:
The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 51f625377561e5b167da2db5aafb7ee268f691c5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2023102704-surrogate-dole-2888@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
Can we add this patch to the dependency list? It will allow my patch to be applied cleanly, and looks like it is close to a valid backport itself.
e976936cfc66 ("mm/mempolicy: do not duplicate policy if it is not applicable for set_mempolicy_home_node")
If you don't agree, I can rework my patch to work without it.
Thanks, Liam
...
------------------ original commit in Linus's tree ------------------
From 51f625377561e5b167da2db5aafb7ee268f691c5 Mon Sep 17 00:00:00 2001 From: "Liam R. Howlett" Liam.Howlett@oracle.com Date: Thu, 28 Sep 2023 13:24:32 -0400 Subject: [PATCH] mm/mempolicy: fix set_mempolicy_home_node() previous VMA pointer
The two users of mbind_range() are expecting that mbind_range() will update the pointer to the previous VMA, or return an error. However, set_mempolicy_home_node() does not call mbind_range() if there is no VMA policy. The fix is to update the pointer to the previous VMA prior to continuing iterating the VMAs when there is no policy.
Users may experience a WARN_ON() during VMA policy updates when updating a range of VMAs on the home node.
Link: https://lkml.kernel.org/r/20230928172432.2246534-1-Liam.Howlett@oracle.com Link: https://lore.kernel.org/linux-mm/CALcu4rbT+fMVNaO_F2izaCT+e7jzcAciFkOvk21HGJ... Fixes: f4e9e0e69468 ("mm/mempolicy: fix use-after-free of VMA iterator") Signed-off-by: Liam R. Howlett Liam.Howlett@oracle.com Reported-by: Yikebaer Aizezi yikebaer61@gmail.com Closes: https://lore.kernel.org/linux-mm/CALcu4rbT+fMVNaO_F2izaCT+e7jzcAciFkOvk21HGJ... Reviewed-by: Lorenzo Stoakes lstoakes@gmail.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index f1b00d6ac7ee..29ebf1e7898c 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1543,8 +1543,10 @@ SYSCALL_DEFINE4(set_mempolicy_home_node, unsigned long, start, unsigned long, le * the home node for vmas we already updated before. */ old = vma_policy(vma);
if (!old)
if (!old) {
prev = vma; continue;
if (old->mode != MPOL_BIND && old->mode != MPOL_PREFERRED_MANY) { err = -EOPNOTSUPP; break;}
On Tue, Oct 31, 2023 at 09:51:11AM -0400, Liam R. Howlett wrote:
Added Michal to the Cc as I'm referencing his patch below.
- gregkh@linuxfoundation.org gregkh@linuxfoundation.org [231027 08:14]:
The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 51f625377561e5b167da2db5aafb7ee268f691c5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2023102704-surrogate-dole-2888@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
Can we add this patch to the dependency list? It will allow my patch to be applied cleanly, and looks like it is close to a valid backport itself.
e976936cfc66 ("mm/mempolicy: do not duplicate policy if it is not applicable for set_mempolicy_home_node")
This commit does not apply to 6.1.y at all :(
sorry,
greg k-h
* Greg KH gregkh@linuxfoundation.org [231031 10:50]:
On Tue, Oct 31, 2023 at 09:51:11AM -0400, Liam R. Howlett wrote:
Added Michal to the Cc as I'm referencing his patch below.
- gregkh@linuxfoundation.org gregkh@linuxfoundation.org [231027 08:14]:
The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 51f625377561e5b167da2db5aafb7ee268f691c5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2023102704-surrogate-dole-2888@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
Can we add this patch to the dependency list? It will allow my patch to be applied cleanly, and looks like it is close to a valid backport itself.
e976936cfc66 ("mm/mempolicy: do not duplicate policy if it is not applicable for set_mempolicy_home_node")
This commit does not apply to 6.1.y at all :(
Sorry about that. Yes, it looks like it is probably easier to re-work my patch. I'll take a closer look.
Thanks, Liam
On Tue 31-10-23 09:51:11, Liam R. Howlett wrote:
Added Michal to the Cc as I'm referencing his patch below.
- gregkh@linuxfoundation.org gregkh@linuxfoundation.org [231027 08:14]:
The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 51f625377561e5b167da2db5aafb7ee268f691c5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2023102704-surrogate-dole-2888@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
Can we add this patch to the dependency list? It will allow my patch to be applied cleanly, and looks like it is close to a valid backport itself.
e976936cfc66 ("mm/mempolicy: do not duplicate policy if it is not applicable for set_mempolicy_home_node")
If you don't agree, I can rework my patch to work without it.
No objection from me. The patch is really straightforward and shouldn't pose an additional risk
commit 51f625377561e5b167da2db5aafb7ee268f691c5 upstream.
The two users of mbind_range() are expecting that mbind_range() will update the pointer to the previous VMA, or return an error. However, set_mempolicy_home_node() does not call mbind_range() if there is no VMA policy. The fix is to update the pointer to the previous VMA prior to continuing iterating the VMAs when there is no policy.
Users may experience a WARN_ON() during VMA policy updates when updating a range of VMAs on the home node.
Link: https://lkml.kernel.org/r/20230928172432.2246534-1-Liam.Howlett@oracle.com Link: https://lore.kernel.org/linux-mm/CALcu4rbT+fMVNaO_F2izaCT+e7jzcAciFkOvk21HGJ... Fixes: f4e9e0e69468 ("mm/mempolicy: fix use-after-free of VMA iterator") Signed-off-by: Liam R. Howlett Liam.Howlett@oracle.com Reported-by: Yikebaer Aizezi yikebaer61@gmail.com Closes: https://lore.kernel.org/linux-mm/CALcu4rbT+fMVNaO_F2izaCT+e7jzcAciFkOvk21HGJ... Reviewed-by: Lorenzo Stoakes lstoakes@gmail.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Liam R. Howlett Liam.Howlett@oracle.com --- mm/mempolicy.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index bfe2d1d50fbe..84e11c2caae4 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1525,8 +1525,10 @@ SYSCALL_DEFINE4(set_mempolicy_home_node, unsigned long, start, unsigned long, le /* * Only update home node if there is an existing vma policy */ - if (!new) + if (!new) { + prev = vma; continue; + }
/* * If any vma in the range got policy other than MPOL_BIND
linux-stable-mirror@lists.linaro.org