This is a note to let you know that I've just added the patch titled mm: lock a vma before stack expansion to the 6.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: mm-lock-a-vma-before-stack-expansion.patch and it can be found in the queue-6.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From c137381f71aec755fbf47cd4e9bd4dce752c054c Mon Sep 17 00:00:00 2001 From: Suren Baghdasaryan <surenb@xxxxxxxxxx> Date: Sat, 8 Jul 2023 12:12:10 -0700 Subject: mm: lock a vma before stack expansion From: Suren Baghdasaryan <surenb@xxxxxxxxxx> commit c137381f71aec755fbf47cd4e9bd4dce752c054c upstream. With recent changes necessitating mmap_lock to be held for write while expanding a stack, per-VMA locks should follow the same rules and be write-locked to prevent page faults into the VMA being expanded. Add the necessary locking. Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Suren Baghdasaryan <surenb@xxxxxxxxxx> Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- mm/mmap.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1975,6 +1975,8 @@ static int expand_upwards(struct vm_area return -ENOMEM; } + /* Lock the VMA before expanding to prevent concurrent page faults */ + vma_start_write(vma); /* * vma->vm_start/vm_end cannot change under us because the caller * is required to hold the mmap_lock in read mode. We need the 
@@ -2062,6 +2064,8 @@ int expand_downwards(struct vm_area_stru return -ENOMEM; } + /* Lock the VMA before expanding to prevent concurrent page faults */ + vma_start_write(vma); /* * vma->vm_start/vm_end cannot change under us because the caller * is required to hold the mmap_lock in read mode. We need the Patches currently in stable-queue which might be from surenb@xxxxxxxxxx are queue-6.4/fork-lock-vmas-of-the-parent-process-when-forking-again.patch queue-6.4/mm-lock-a-vma-before-stack-expansion.patch queue-6.4/mm-lock-newly-mapped-vma-with-corrected-ordering.patch queue-6.4/mm-lock-newly-mapped-vma-which-can-be-modified-after-it-becomes-visible.patch queue-6.4/fork-lock-vmas-of-the-parent-process-when-forking.patch queue-6.4/mm-disable-config_per_vma_lock-until-its-fixed.patch
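Review bot: in the expand_upwards() hunk, the new vma_start_write(vma) sits directly above an existing comment that still says the caller "is required to hold the mmap_lock in read mode", while the commit message says mmap_lock is now held for write while expanding a stack. Side by side the two read as contradictory. The unchanged comment should be updated to match, either in this change or in the one that introduced the write-mode requirement. Since the per-VMA write lock is justified only by that requirement, also confirm the change that makes callers hold mmap_lock for write is in queue-6.4 ahead of this patch.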
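Review bot: in the expand_downwards() hunk, vma_start_write(vma) is added with no matching unlock in the visible lines, and the one-line comment above it does not say where the write lock is dropped. Extend the comment to name the release point so a reader of the backport does not go looking for a missing unlock. The call is also placed after the early "return -ENOMEM" path, so that exit leaves the VMA unlocked; this looks intended, but the comment could say that the lock is taken only once expansion will actually proceed. The same comment text is duplicated in both functions, so wording it once with the reason (faults that take only the per-VMA lock must not run while vm_start/vm_end are changing) and referring to it from the other site would keep the two from drifting.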