From: Liam R. Howlett <Liam.Howlett@oracle.com>
Date: Wed, 27 Apr 2022 15:13:03 +0000 (-0400)
Subject: fs/userfaultfd: Fix maple state in userfaultfd_register()
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=09a30b09a9e7a79fddeb05c309103aacf82d0a1e;p=users%2Fjedix%2Flinux-maple.git

fs/userfaultfd: Fix maple state in userfaultfd_register()

When VMAs are split/merged, the maple tree node may be replaced.
Re-walk the tree in such cases by calling mas_pause().

Fixes: a88fae9a5fc2 (userfaultfd: use maple tree iterator to iterate
VMAs)
Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
---

diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
index f4bf95660536..af29e5885ed2 100644
--- a/fs/userfaultfd.c
+++ b/fs/userfaultfd.c
@@ -1452,6 +1452,8 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx,
 				 ((struct vm_userfaultfd_ctx){ ctx }),
 				 anon_vma_name(vma));
 		if (prev) {
+			/* vma_merge() invalidated the mas */
+			mas_pause(&mas);
 			vma = prev;
 			goto next;
 		}
@@ -1459,11 +1461,15 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx,
 			ret = split_vma(mm, vma, start, 1);
 			if (ret)
 				break;
+			/* split_vma() invalidated the mas */
+			mas_pause(&mas);
 		}
 		if (vma->vm_end > end) {
 			ret = split_vma(mm, vma, end, 0);
 			if (ret)
 				break;
+			/* split_vma() invalidated the mas */
+			mas_pause(&mas);
 		}
 	next:
 		/*