Patch "maple_tree: reduce user error potential" has been added to the 6.2-stable tree
gregkh at linuxfoundation.org
gregkh at linuxfoundation.org
Wed Apr 12 01:12:09 PDT 2023
This is a note to let you know that I've just added the patch titled
maple_tree: reduce user error potential
to the 6.2-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
maple_tree-reduce-user-error-potential.patch
and it can be found in the queue-6.2 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable at vger.kernel.org> know about it.
>From stable-owner at vger.kernel.org Tue Apr 11 17:12:40 2023
From: "Liam R. Howlett" <Liam.Howlett at oracle.com>
Date: Tue, 11 Apr 2023 11:10:44 -0400
Subject: maple_tree: reduce user error potential
To: Greg Kroah-Hartman <gregkh at linuxfoundation.org>, stable at vger.kernel.org
Cc: maple-tree at lists.infradead.org, linux-mm at kvack.org, linux-kernel at vger.kernel.org, "Liam R. Howlett" <Liam.Howlett at Oracle.com>, Stable at vger.kernel.org, "Liam R . Howlett" <Liam.Howlett at oracle.com>
Message-ID: <20230411151055.2910579-4-Liam.Howlett at oracle.com>
From: "Liam R. Howlett" <Liam.Howlett at Oracle.com>
commit 50e81c82ad947045c7ed26ddc9acb17276b653b6 upstream.
When iterating, a user may operate on the tree and cause the maple state
to be altered and left in an unintuitive state. Detect this scenario and
correct it by setting to the limit and invalidating the state.
Link: https://lkml.kernel.org/r/20230120162650.984577-4-Liam.Howlett@oracle.com
Cc: <Stable at vger.kernel.org>
Fixes: 54a611b60590 ("Maple Tree: add new data structure")
Signed-off-by: Liam R. Howlett <Liam.Howlett at oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
---
lib/maple_tree.c | 10 ++++++++++
1 file changed, 10 insertions(+)
--- a/lib/maple_tree.c
+++ b/lib/maple_tree.c
@@ -4736,6 +4736,11 @@ static inline void *mas_next_entry(struc
unsigned long last;
enum maple_type mt;
+ if (mas->index > limit) {
+ mas->index = mas->last = limit;
+ mas_pause(mas);
+ return NULL;
+ }
last = mas->last;
retry:
offset = mas->offset;
@@ -4842,6 +4847,11 @@ static inline void *mas_prev_entry(struc
{
void *entry;
+ if (mas->index < min) {
+ mas->index = mas->last = min;
+ mas_pause(mas);
+ return NULL;
+ }
retry:
while (likely(!mas_is_none(mas))) {
entry = mas_prev_nentry(mas, min, mas->index);
Patches currently in stable-queue which might be from stable-owner at vger.kernel.org are
queue-6.2/maple_tree-fix-potential-rcu-issue.patch
queue-6.2/maple_tree-add-smp_rmb-to-dead-node-detection.patch
queue-6.2/maple_tree-add-rcu-lock-checking-to-rcu-callback-functions.patch
queue-6.2/maple_tree-fix-handle-of-invalidated-state-in-mas_wr_store_setup.patch
queue-6.2/maple_tree-reduce-user-error-potential.patch
queue-6.2/maple_tree-fix-mas_prev-and-mas_find-state-handling.patch
queue-6.2/maple_tree-remove-gfp_zero-from-kmem_cache_alloc-and-kmem_cache_alloc_bulk.patch
queue-6.2/maple_tree-be-more-cautious-about-dead-nodes.patch
queue-6.2/mm-enable-maple-tree-rcu-mode-by-default.patch
queue-6.2/maple_tree-detect-dead-nodes-in-mas_start.patch
queue-6.2/maple_tree-fix-freeing-of-nodes-in-rcu-mode.patch
queue-6.2/maple_tree-remove-extra-smp_wmb-from-mas_dead_leaves.patch
queue-6.2/maple_tree-refine-ma_state-init-from-mas_start.patch
More information about the maple-tree
mailing list