Patch 1 resolves the syzkaller report from Pengfei.

Patch 2 further hardens pte markers when used with the recent swapin error
markers. The major case is we should persist a swapin error marker after
fork(), so child shouldn't read a corrupted page.

No report so far with patch 2, but it can be somehow tested with things
like:

  https://github.com/xzpeter/clibs/blob/master/misc/pageout.c

Plus some hacks.

Please have a look, thanks.

Peter Xu (2):
  mm/uffd: Fix pte marker when fork() without fork event
  mm: Fix a few rare cases of using swapin error pte marker

 mm/hugetlb.c  |  3 +++
 mm/memory.c   | 14 +++++++-------
 mm/mprotect.c |  8 +++++++-
 3 files changed, 17 insertions(+), 8 deletions(-)

--
2.37.3