On Tue, Aug 06, 2024 at 10:28:06PM GMT, Pedro Falcato wrote:
> is_madv_discard did its check wrong. MADV_ flags are not bitwise, > they're normal sequential numbers. So, for instance: > behavior & (/* ... */ | MADV_REMOVE) > > tagged both MADV_REMOVE and MADV_RANDOM (bit 0 set) as > discard operations. This is obviously incorrect, so use > a switch statement instead. > > Signed-off-by: Pedro Falcato <pedro.falcato@xxxxxxxxx> > --- > mm/mseal.c | 14 +++++++++++--- > 1 file changed, 11 insertions(+), 3 deletions(-) > > diff --git a/mm/mseal.c b/mm/mseal.c > index 4591ae8d29c..2170e2139ca 100644 > --- a/mm/mseal.c > +++ b/mm/mseal.c > @@ -23,9 +23,17 @@ static inline void set_vma_sealed(struct vm_area_struct *vma) > > static bool is_madv_discard(int behavior) > { > - return behavior & > - (MADV_FREE | MADV_DONTNEED | MADV_DONTNEED_LOCKED | > - MADV_REMOVE | MADV_DONTFORK | MADV_WIPEONFORK); > + switch (behavior) { > + case MADV_FREE: > + case MADV_DONTNEED: > + case MADV_DONTNEED_LOCKED: > + case MADV_REMOVE: > + case MADV_DONTFORK: > + case MADV_WIPEONFORK: > + return true; > + } > + > + return false; > } > > static bool is_ro_anon(struct vm_area_struct *vma) > -- > 2.46.0 >

Wow. Great spot, and what an oversight. Agree with Jeff, we really should pull this out separately as this is something that urgently needs fixing. Ideally we'd add a test of some kind, but since it's so obviously wrong I think it'd be fine without at least as a quick fixup. This will need to be hotfixed/cc-d to stable too since it's in a released kernel version.
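
Review bot: in is_madv_discard(), the new switch carries no comment saying that MADV_ values are sequential numbers rather than bit flags, which is the exact mistake the removed "behavior &" expression made; a one-line comment above "switch (behavior) {" would keep the mask form from coming back. The commit message also carries only a Signed-off-by: since the check is in a released kernel, add a Fixes: tag and Cc: stable, and consider a selftest that applies a non-discard advice such as MADV_RANDOM to a sealed mapping.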
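
An added example, not part of the original message or the kernel tree: a user-space comparison of the pre-patch mask and the post-patch switch over a set of advice values, showing how far the misclassification reaches beyond MADV_RANDOM. The A_* constants are local names whose values are assumed from include/uapi/asm-generic/mman-common.h.

```c
#include <stdbool.h>
#include <stdio.h>
/* Assumed values, from include/uapi/asm-generic/mman-common.h (some
 * architectures differ). The A_* names are local to this example. */
enum { A_NORMAL = 0, A_RANDOM = 1, A_SEQUENTIAL = 2, A_WILLNEED = 3,
       A_DONTNEED = 4, A_FREE = 8, A_REMOVE = 9, A_DONTFORK = 10,
       A_DOFORK = 11, A_HUGEPAGE = 14, A_WIPEONFORK = 18, A_PAGEOUT = 21,
       A_DONTNEED_LOCKED = 24, A_HWPOISON = 100 };
#define DISCARD_MASK (A_FREE | A_DONTNEED | A_DONTNEED_LOCKED | \
                      A_REMOVE | A_DONTFORK | A_WIPEONFORK)

/* Pre-patch logic: sequential numbers treated as bit flags. */
static bool old_is_discard(int behavior) { return behavior & DISCARD_MASK; }

/* Post-patch logic: exact match on the six discard operations. */
static bool new_is_discard(int behavior)
{
    switch (behavior) {
    case A_FREE: case A_DONTNEED: case A_DONTNEED_LOCKED:
    case A_REMOVE: case A_DONTFORK: case A_WIPEONFORK:
        return true;
    }
    return false;
}

static const struct { const char *name; int val; } advice[] = {
    {"NORMAL", A_NORMAL}, {"RANDOM", A_RANDOM}, {"SEQUENTIAL", A_SEQUENTIAL},
    {"WILLNEED", A_WILLNEED}, {"DONTNEED", A_DONTNEED}, {"FREE", A_FREE},
    {"REMOVE", A_REMOVE}, {"DONTFORK", A_DONTFORK}, {"DOFORK", A_DOFORK},
    {"HUGEPAGE", A_HUGEPAGE}, {"WIPEONFORK", A_WIPEONFORK}, {"PAGEOUT", A_PAGEOUT},
    {"DONTNEED_LOCKED", A_DONTNEED_LOCKED}, {"HWPOISON", A_HWPOISON},
};

/* Number of table entries the old mask flags but the switch does not. */
static int count_misclassified(void)
{
    int n = 0;
    for (size_t i = 0; i < sizeof(advice) / sizeof(advice[0]); i++)
        n += old_is_discard(advice[i].val) && !new_is_discard(advice[i].val);
    return n;
}

int main(void)
{
    for (size_t i = 0; i < sizeof(advice) / sizeof(advice[0]); i++)
        if (old_is_discard(advice[i].val) && !new_is_discard(advice[i].val))
            printf("MADV_%s (%d) wrongly treated as discard\n", advice[i].name, advice[i].val);
    printf("mask = 0x%x, misclassified = %d\n", DISCARD_MASK, count_misclassified());
    return 0;
}
```

With these values the six constants OR together to 0x1f, so the old test matched any advice with one of the low five bits set.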