mm/mlock: set the correct prev on failure

After commit 94d7d9233951 ("mm: abstract the vma_merge()/split_vma()
pattern for mprotect() et al."), if vma_modify_flags() return error, the
vma is set to an error code.  This will lead to an invalid prev be
returned.

Generally this shouldn't matter as the caller should treat an error as
indicating state is now invalidated, however unfortunately
apply_mlockall_flags() does not check for errors and assumes that
mlock_fixup() correctly maintains prev even if an error were to occur.

This patch fixes that assumption.

[lorenzo.stoakes@oracle.com: provide a better fix and rephrase the log]
Link: https://lkml.kernel.org/r/20241027123321.19511-1-richard.weiyang@gmail.com
Fixes: 94d7d9233951 ("mm: abstract the vma_merge()/split_vma() pattern for mprotect() et al.")
Signed-off-by: Wei Yang <richard.weiyang@gmail.com>
Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Jann Horn <jannh@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

diff --git a/mm/mlock.c b/mm/mlock.c
index e3e3dc2b295639306554761f8869c0bfe8bd16eb..cde076fa7d5e5a7ee3897fa66812d907156aede1 100644 (file)
--- a/mm/mlock.c
+++ b/mm/mlock.c
@@ -725,14 +725,17 @@ static int apply_mlockall_flags(int flags)
        }
 
        for_each_vma(vmi, vma) {
+               int error;
                vm_flags_t newflags;
 
                newflags = vma->vm_flags & ~VM_LOCKED_MASK;
                newflags |= to_add;
 
-               /* Ignore errors */
-               mlock_fixup(&vmi, vma, &prev, vma->vm_start, vma->vm_end,
-                           newflags);
+               error = mlock_fixup(&vmi, vma, &prev, vma->vm_start, vma->vm_end,
+                                   newflags);
+               /* Ignore errors, but prev needs fixing up. */
+               if (error)
+                       prev = vma;
                cond_resched();
        }
 out: