From: Liam Howlett <liam.howlett@oracle.com>
Subject: fs/userfaultfd: fix vma iteration in mas_for_each() loop
Date: Wed, 15 Jun 2022 16:42:17 +0000
The maple tree state becomes stale when the tree is altered and requires
the iteration to be paused with mas_pause(). This forces the next
iteration to start from the top of the tree for the next entry.
Link: https://lkml.kernel.org/r/20220615164150.652376-1-Liam.Howlett@oracle.com
Fixes: "userfaultfd-use-maple-tree-iterator-to-iterate-vmas.patch"
Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Reported-by: syzbot+68771c0e74f7bb7804e5@syzkaller.appspotmail.com
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
fs/userfaultfd.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
--- a/fs/userfaultfd.c~userfaultfd-use-maple-tree-iterator-to-iterate-vmas-fix
+++ a/fs/userfaultfd.c
@@ -890,10 +890,13 @@ static int userfaultfd_release(struct in
vma->vm_file, vma->vm_pgoff,
vma_policy(vma),
NULL_VM_UFFD_CTX, anon_vma_name(vma));
- if (prev)
+ if (prev) {
+ mas_pause(&mas);
vma = prev;
- else
+ } else {
prev = vma;
+ }
+
vma->vm_flags = new_flags;
vma->vm_userfaultfd_ctx = NULL_VM_UFFD_CTX;
}
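Review bot: The mas_pause(&mas) added at the top of the if (prev) branch carries no comment saying why the iterator has to be reset there and not in the else branch. The commit message gives the reason (the maple tree state is stale once the tree has been altered), but someone reading userfaultfd_release() later sees only the bare call, so a short comment above it, for example /* the tree was altered above; restart the walk */, would keep a later cleanup from dropping or moving it. Since the loop goes on to write vma->vm_flags and vma->vm_userfaultfd_ctx through vma = prev, it would also be worth saying in the commit message where the walk resumes after the pause, so it is clear the range now covered by prev is not visited a second time.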
_