On Mon, Sep 23, 2024 at 11:56:06AM GMT, Shakeel Butt wrote:
> On Mon, Sep 23, 2024 at 05:03:56PM GMT, Lorenzo Stoakes wrote:
> [...]
> > SYSCALL_DEFINE5(process_madvise, int, pidfd, const struct iovec __user *, vec,
> > size_t, vlen, int, behavior, unsigned int, flags)
> > {
> > @@ -1486,10 +1509,9 @@ SYSCALL_DEFINE5(process_madvise, int, pidfd, const struct iovec __user *, vec,
> > struct iov_iter iter;
> > struct task_struct *task;
> > struct mm_struct *mm;
> > - size_t total_len;
> > unsigned int f_flags;
> >
> > - if (flags != 0) {
> > + if (flags & ~PR_MADV_SELF) {
> > ret = -EINVAL;
> > goto out;
> > }
> > @@ -1498,13 +1520,26 @@ SYSCALL_DEFINE5(process_madvise, int, pidfd, const struct iovec __user *, vec,
> > if (ret < 0)
> > goto out;
> >
> > + /*
> > + * Perform an madvise operation on the current process. No restrictions
> > + * need be applied, nor do we need to pin the task or mm_struct.
> > + */
> > + if (flags & PR_MADV_SELF) {
> > + ret = vector_madvise(current->mm, &iter, behavior);
> > + goto free_iov;
> > + }
> > +
> > task = pidfd_get_task(pidfd, &f_flags);
> > if (IS_ERR(task)) {
> > ret = PTR_ERR(task);
> > goto free_iov;
> > }
> >
> > - if (!process_madvise_behavior_valid(behavior)) {
> > + /*
> > + * We need only perform this check if we are attempting to manipulate a
> > + * remote process's address space.
> > + */
> > + if (mm != current->mm && !process_madvise_remote_valid(behavior)) {
>
> Move the above check after mm is initialized i.e. mm = mm_access().
>
> Shakeel

Ugh, sorry silly one there! Reflexively put that check in the original position. Enclose a quick fix-patch for it, will fix on any respin also.

----8<----
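Review bot: The PR_MADV_SELF fast path never looks at the pidfd argument, so a caller can pass any pidfd together with PR_MADV_SELF and the advice is applied to current->mm regardless of what the fd refers to; the new comment does not say so and the flag check only rejects unknown bits. Either document it in that comment, e.g. `* pidfd is ignored when PR_MADV_SELF is set.`, or reject a pidfd that is supplied alongside PR_MADV_SELF so the two lookup paths cannot be mixed by accident. It is also not visible from this hunk whether vector_madvise() validates `behavior` on the self path the way plain madvise() does; if it does not, the self path needs the same behavior check before dispatching. SYSCALL_DEFINE5(process_madvise) begins and ends outside the quoted hunks.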