Andrew, Please add this fix to your branch. Thanks, Liam
From 9ed858e47c3938fdff8c22fb386bdc3366773093 Mon Sep 17 00:00:00 2001
From: "Liam R. Howlett" <Liam.Howlett@xxxxxxxxxx>
Date: Wed, 27 Apr 2022 11:13:03 -0400
Subject: [PATCH] fs/userfaultfd: Fix maple state in userfaultfd_register()

When VMAs are split/merged, the maple tree node may be replaced. Re-walk the tree in such cases by calling mas_pause().

Signed-off-by: Liam R. Howlett <Liam.Howlett@xxxxxxxxxx>
---
 fs/userfaultfd.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
index bb7338391b2c..974e04c51954 100644
--- a/fs/userfaultfd.c
+++ b/fs/userfaultfd.c
@@ -1437,6 +1437,8 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx,
 				 ((struct vm_userfaultfd_ctx){ ctx }),
 				 anon_vma_name(vma));
 		if (prev) {
+			/* vma_merge() invalidated the mas */
+			mas_pause(&mas);
 			vma = prev;
 			goto next;
 		}
@@ -1444,11 +1446,15 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx,
 			ret = split_vma(mm, vma, start, 1);
 			if (ret)
 				break;
+			/* split_vma() invalidated the mas */
+			mas_pause(&mas);
 		}
 		if (vma->vm_end > end) {
 			ret = split_vma(mm, vma, end, 0);
 			if (ret)
 				break;
+			/* split_vma() invalidated the mas */
+			mas_pause(&mas);
 		}
 next:
 		/*
-- 
2.35.1
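Review bot: The added comment `/* vma_merge() invalidated the mas */` names the symptom but not what the reader needs to know: mas_pause() makes the next mas_find() re-walk the tree from mas.last + 1 (mas.last still names the end of the entry that was just merged) instead of stepping from a node vma_merge() may have replaced or freed, which is the use-after-free this hunk closes. I would word it `/* vma_merge() may have replaced/freed the node mas points at; pause so the next mas_find() re-walks from mas.last + 1 rather than using a stale node. */`. If prev also absorbed the following VMA, that re-walk presumably returns prev a second time, so the loop body must tolerate revisiting an already-registered VMA — worth confirming and stating in the comment. userfaultfd_register() starts and ends outside this hunk.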
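Review bot: The pause is only issued when split_vma() succeeds, so on each `if (ret) break;` path the loop exits with mas still pointing at whatever node it held before the split attempt; that is harmless only if nothing after the loop (outside this hunk) consults mas and if split_vma() never fails after touching the tree — please confirm, or hoist `mas_pause(&mas);` ahead of the `if (ret)` check so the state is never trusted after a split attempt. The comment-plus-pause pair is also duplicated verbatim in both blocks; if it stays duplicated, at least make the comment say why rather than what, e.g. `/* split_vma() stored new entries; pause so mas_find() re-walks from mas.last + 1 */`. The enclosing loop and function continue outside the hunk.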