[PATCH hotfix 6.12 v2 4/8] mm: resolve faulty mmap_region() error path behaviour

Linus Torvalds torvalds at linux-foundation.org
Mon Oct 28 12:05:44 PDT 2024


On Mon, 28 Oct 2024 at 08:57, Lorenzo Stoakes
<lorenzo.stoakes at oracle.com> wrote:
>
> So likely hook on your mapping changes flags to set VM_MTE | VM_MTE_ALLOWED and
> expects this to be checked after (ugh).

Gaah. Yes. mm/shmem.c: shmem_mmap() does

        /* arm64 - allow memory tagging on RAM-based files */
        vm_flags_set(vma, VM_MTE_ALLOWED);

and while I found the equivalent hack for the VM_SPARC_ADI case, I
hadn't noticed that MTE thing.

How very annoying.

So the arch_validate_flags() case does need to be done after the ->mmap() call.

How about just finalizing everything, and then doing a regular
munmap() afterwards and returning an error (all still holding the mmap
semaphore, of course).

That still avoids the whole "partially completed mmap" case.

             Linus
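The ordering problem the reply describes, as an added illustration in toy C that is not kernel code and not part of the thread: a file's ->mmap() hook (shmem_mmap() sets VM_MTE_ALLOWED) can change VM flags, so arch_validate_flags() run before the hook checks stale flags. The "finalize everything, then munmap() on failure" path validates after the hook and tears the mapping down completely, so the mm never holds a partially completed mapping. All bit values, struct names and the hook/validate/unmap helpers here are constructed stand-ins, not the kernel's.

```c
/* Toy model of the mmap_region() ordering issue discussed above.
 * Nothing here is kernel code; flag bits and structs are constructed. */
#include <stdbool.h>
#include <stdio.h>

#define VM_READ        0x01u
#define VM_WRITE       0x02u
#define VM_MTE         0x10u   /* constructed values, not the kernel's */
#define VM_MTE_ALLOWED 0x20u

struct toy_vma {
    unsigned long vm_flags;
    bool linked;              /* inserted into the toy mm */
};

struct toy_mm {
    int map_count;            /* number of linked VMAs */
};

/* Models shmem_mmap(): the hook grants MTE on RAM-backed files. */
static int shmem_like_mmap_hook(struct toy_vma *vma)
{
    vma->vm_flags |= VM_MTE_ALLOWED;
    return 0;
}

/* A hook that leaves the flags alone (an ordinary file). */
static int plain_mmap_hook(struct toy_vma *vma)
{
    (void)vma;
    return 0;
}

/* Models an arch_validate_flags() rule: VM_MTE only where MTE is allowed. */
static bool arch_validate_flags(unsigned long vm_flags)
{
    if ((vm_flags & VM_MTE) && !(vm_flags & VM_MTE_ALLOWED))
        return false;
    return true;
}

static void link_vma(struct toy_mm *mm, struct toy_vma *vma)
{
    vma->linked = true;
    mm->map_count++;
}

/* Models a regular munmap() of the already completed mapping. */
static void unmap_vma(struct toy_mm *mm, struct toy_vma *vma)
{
    vma->linked = false;
    mm->map_count--;
}

/* Old ordering: validate before the hook, so flags the hook sets are missed. */
static int map_validate_before_hook(struct toy_mm *mm, struct toy_vma *vma,
                                    int (*hook)(struct toy_vma *))
{
    if (!arch_validate_flags(vma->vm_flags))
        return -1;            /* rejects VM_MTE on shmem although the hook would allow it */
    hook(vma);
    link_vma(mm, vma);
    return 0;
}

/* Proposed ordering: run the hook, finalize, then validate; on failure
 * unmap the whole mapping instead of unwinding a half-built VMA. */
static int map_finalize_then_validate(struct toy_mm *mm, struct toy_vma *vma,
                                      int (*hook)(struct toy_vma *))
{
    int err = hook(vma);
    if (err)
        return err;
    link_vma(mm, vma);
    if (!arch_validate_flags(vma->vm_flags)) {
        unmap_vma(mm, vma);   /* full teardown: mm stays consistent */
        return -1;
    }
    return 0;
}

/* Runs one scenario; returns 0x100 if the map failed, OR'd with the final
 * map_count, so both outcomes can be checked from a single value. */
static int run_scenario(bool new_ordering, int (*hook)(struct toy_vma *),
                        unsigned long flags)
{
    struct toy_mm mm = { 0 };
    struct toy_vma vma = { .vm_flags = flags, .linked = false };
    int ret = new_ordering ? map_finalize_then_validate(&mm, &vma, hook)
                           : map_validate_before_hook(&mm, &vma, hook);
    return (ret ? 0x100 : 0) | mm.map_count;
}

int main(void)
{
    printf("old ordering, shmem + VM_MTE: 0x%03x\n",
           run_scenario(false, shmem_like_mmap_hook, VM_READ | VM_MTE));
    printf("new ordering, shmem + VM_MTE: 0x%03x\n",
           run_scenario(true, shmem_like_mmap_hook, VM_READ | VM_MTE));
    printf("new ordering, plain + VM_MTE: 0x%03x\n",
           run_scenario(true, plain_mmap_hook, VM_READ | VM_MTE));
    return 0;
}
```

With the old ordering the shmem case is wrongly rejected; with the new ordering it succeeds, and a genuinely invalid request on a plain file is rejected with map_count back at zero, which is the "no partially completed mmap" property the reply is after.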
