Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp4383806imw; Tue, 12 Jul 2022 07:06:32 -0700 (PDT) X-Google-Smtp-Source: AGRyM1tM/5kXw+AGIvx02jSGwCJxfjf+MxYhYpwOYaYh3ZtVXhxy4OrvNCleZg+oxGVYAUC9HMa5 X-Received: by 2002:a05:6402:5201:b0:43a:d797:b9c with SMTP id s1-20020a056402520100b0043ad7970b9cmr13349751edd.343.1657634792309; Tue, 12 Jul 2022 07:06:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657634792; cv=none; d=google.com; s=arc-20160816; b=R1Jfia0vPvuavCo2wILNMP0+nur9lx4pyGnEnEyDOw5NHS6eEnCErSeCc8V23AJEcr KpHPa8ywpALi3AIs1YtUlXjFHVR1wa9QqleQJybRF/2w8vl7/vit72l3jG5jbVO2a+Hd buVtN7a04c62WUP0TSRYm3scwHpNmzhCEXv2C3iuigupcgmKePmuZYA42+Kpce9iYnGt aD5v4Rqm/BMHPOuRShK/xzuU8fLWVmNzxOKVbJKWEzuEUpok42XKBtPgjI1cV2HvxwGt XUODrtH+U4sBhFSKjLpvxquubtzsthCjzeZULhoyEHflemttuWD3Qeo+PSKU5ItwMW24 gfxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=VitQx3q+iCYw3d/36WRi3cPi58P+LCv5KaKeQBua0UU=; b=KMDyi+FOJRjf5MHk1MbXx5jfTapJ0rw0ig5snnDfoDl5QWaTDwPOYwjdsCbb2NAjU4 YjamKa43BLPvxICm8/cOpFjgRVXaCqpkF7rtq5ot4Z6wsAmH6obIR34mfaP6WFUSSmMF 5xdOD/OqzQ7Cj2ydoBDnyLG0aP23KAKT06INC87Y1piN9ANQLHXHklIJc+pixBEyCeum +Fgv4AOOhC98OPJ61CloaQAnCoQkmao/UN8WRtWln5Qb3+k2bcWnnLuHJyT/Oj964cWh ORO+WsK7zpy1XoroRUrwFoxrTZV+UdeQWdT2qSitU2R0VClo3gfGw3Y7GxhDTpmMqt72 I/Lg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z66-20020a509e48000000b0043aae23b80fsi14622220ede.280.2022.07.12.07.05.53; Tue, 12 Jul 2022 07:06:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232460AbiGLNF5 (ORCPT + 99 others); Tue, 12 Jul 2022 09:05:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50446 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232375AbiGLNFz (ORCPT ); Tue, 12 Jul 2022 09:05:55 -0400 Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AD501B41B7 for ; Tue, 12 Jul 2022 06:05:54 -0700 (PDT) Received: from canpemm500002.china.huawei.com (unknown [172.30.72.55]) by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4Lj1Cd4xJ9zkWhq; Tue, 12 Jul 2022 21:03:41 +0800 (CST) Received: from huawei.com (10.175.124.27) by canpemm500002.china.huawei.com (7.192.104.244) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Tue, 12 Jul 2022 21:05:51 +0800 From: Miaohe Lin To: , , CC: , , Subject: [PATCH] mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte Date: Tue, 12 Jul 2022 21:05:42 +0800 Message-ID: <20220712130542.18836-1-linmiaohe@huawei.com> X-Mailer: git-send-email 2.23.0 MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Content-Type: text/plain; charset=US-ASCII X-Originating-IP: [10.175.124.27] X-ClientProxiedBy: dggems703-chm.china.huawei.com (10.3.19.180) To canpemm500002.china.huawei.com (7.192.104.244) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In MCOPY_ATOMIC_CONTINUE case with a non-shared VMA, pages in the page cache are installed in the ptes. But hugepage_add_new_anon_rmap is called for them mistakenly because they're not vm_shared. This will corrupt the page->mapping used by page cache code. Fixes: f619147104c8 ("userfaultfd: add UFFDIO_CONTINUE ioctl") Signed-off-by: Miaohe Lin --- mm/hugetlb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 8d379e03f672..b232e1508e49 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -6038,7 +6038,7 @@ int hugetlb_mcopy_atomic_pte(struct mm_struct *dst_mm, if (!huge_pte_none_mostly(huge_ptep_get(dst_pte))) goto out_release_unlock; - if (vm_shared) { + if (page_in_pagecache) { page_dup_file_rmap(page, true); } else { ClearHPageRestoreReserve(page); -- 2.23.0