[SRU Lunar 02/13] mm: make the page fault mmap locking killable

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Wed Jul 5 12:34:14 UTC 2023


From: Linus Torvalds <torvalds at linux-foundation.org>

This is done as a separate patch from introducing the new
lock_mm_and_find_vma() helper, because while it's an obvious change,
it's not what x86 used to do in this area.

We already abort the page fault on fatal signals anyway, so why should
we wait for the mmap lock only to then abort later? With the new helper
function that returns without the lock held on failure anyway, this is
particularly easy and straightforward.

Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
(cherry picked from commit eda0047296a16d65a7f2bc60a408f70d178b2014)
CVE-2023-3269
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo at canonical.com>
---
 mm/memory.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/mm/memory.c b/mm/memory.c
index 09c030386ab0..5697af462cd0 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -5273,8 +5273,7 @@ static inline bool get_mmap_lock_carefully(struct mm_struct *mm, struct pt_regs
 			return false;
 	}
 
-	mmap_read_lock(mm);
-	return true;
+	return !mmap_read_lock_killable(mm);
 }
 
 static inline bool mmap_upgrade_trylock(struct mm_struct *mm)
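Review bot: After this change, a false return from get_mmap_lock_carefully() has two distinct causes that the function does not document: the existing early `return false;` above, and now an interrupted wait in `return !mmap_read_lock_killable(mm);`. mmap_read_lock_killable() returns 0 on success and a negative errno when a fatal signal interrupts the wait, so the negation is correct, but the contract that false always means the mmap lock is not held deserves a one-line comment above the return. That would let a reader confirm that callers never unlock on the failure path and that the fatal-signal case is handled where the fault is aborted, as the commit message states.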
@@ -5298,8 +5297,7 @@ static inline bool upgrade_mmap_lock_carefully(struct mm_struct *mm, struct pt_r
 		if (!search_exception_tables(ip))
 			return false;
 	}
-	mmap_write_lock(mm);
-	return true;
+	return !mmap_write_lock_killable(mm);
 }
 
 /*
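Review bot: The new `return !mmap_write_lock_killable(mm);` in upgrade_mmap_lock_carefully() folds the errno-style result into a bool with a bare negation, which reads as inverted unless the reader already knows the 0-on-success convention. As a style point, consider either a short comment or the explicit form, an `if (mmap_write_lock_killable(mm))` followed by `return false;`, so that the interrupted-wait failure is as visible as the `!search_exception_tables(ip)` failure just above it. Both paths leave the function without the write lock held, and stating that in a comment would document what callers can assume when false comes back.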
-- 
2.34.1



