ANDROID: x86/mm: fix vm_area_struct leak in speculative pagefault handling

The out-of-tree changes to reuse VMA when speculative pagefault handling fails requires a call to can_reuse_spf_vma which would release the VMA. This part is missing in x86 patch and leads to vm_area_struct leak. Fix this by adding can_reuse_spf_vma call in x86 failt handler, similar to arm64. Fixes: 86ee4a531e ("FROMLIST: x86/mm: add speculative pagefault handling") Bug: 179128258 Test: atest VtsHalNeuralnetworksV1_3TargetTest:VtsHalNeuralnetworksV1_3TargetTest.TestGenerated/MemoryDomainTest -- --abi x86 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Change-Id: I3ffd907ca275154e89db598d75c238abb4b23a92
2021-02-09 15:40:16 -08:00
parent 575ad9a263
commit dd3f538bf7
1 changed files with 9 additions and 1 deletions
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -1346,7 +1346,8 @@ retry:
 		might_sleep();
 	}

-	vma = find_vma(mm, address);
+	if (!vma || !can_reuse_spf_vma(vma, address))
+		vma = find_vma(mm, address);
 	if (unlikely(!vma)) {
 		bad_area(regs, hw_error_code, address);
 		return;
@@ -1403,6 +1404,13 @@ good_area:
 	if (unlikely((fault & VM_FAULT_RETRY) &&
 		     (flags & FAULT_FLAG_ALLOW_RETRY))) {
 		flags |= FAULT_FLAG_TRIED;
+
+		/*
+		 * Do not try to reuse this vma and fetch it
+		 * again since we will release the mmap_sem.
+		 */
+		vma = NULL;
+
 		goto retry;
 	}