Commit 186f2898 authored by Ma Wupeng's avatar Ma Wupeng Committed by Zheng Zengkai
Browse files

mm/rmap: Fix kabi broken in anon_vma 

hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I5JT6V


CVE: NA

--------------------------------

In order to fix CVE-2022-42703, degree in struct anon_vma is splited into
two variables(num_children, num_active_vmas) and this will lead to broken
kabi.

Since struct anon_vma is only used by mm module and referenced by other
struct as pointers. So we can ignore this kabi change warning.

For variable degree in struct anon_vma, previous patch has already
delete this but this will lead to kabi change. Add it back at the same
position with KABI_DEPRECATE.

For variables(num_children, num_active_vmas), add them at the end of
struct anon_vma with KABI_EXTEND.

Signed-off-by: default avatarMa Wupeng <mawupeng1@huawei.com>
Reviewed-by: default avatarKefeng Wang <wangkefeng.wang@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 25702ca1

include/linux/rmap.h

+13 −10
Original line number Diff line number Diff line
@@ -38,16 +38,8 @@ struct anon_vma { 
	 */

	atomic_t refcount;



	/*

	 * Count of child anon_vmas. Equals to the count of all anon_vmas that

	 * have ->parent pointing to this one, including itself.

	 *

	 * This counter is used for making decision about reusing anon_vma

	 * instead of forking new one. See comments in function anon_vma_clone.

	 */

	unsigned long num_children;

	/* Count of VMAs whose ->anon_vma pointer points to this object. */

	unsigned long num_active_vmas;

	/* Add degree back for KABI compatibility */

	KABI_DEPRECATE(unsigned, degree)



	struct anon_vma *parent;	/* Parent of this anon_vma */
@@ -62,6 +54,17 @@ struct anon_vma { 


	/* Interval tree of private "related" vmas */

	struct rb_root_cached rb_root;



	/*

	 * Count of child anon_vmas. Equals to the count of all anon_vmas that

	 * have ->parent pointing to this one, including itself.

	 *

	 * This counter is used for making decision about reusing anon_vma

	 * instead of forking new one. See comments in function anon_vma_clone.

	 */

	KABI_EXTEND(unsigned long num_children)

	/* Count of VMAs whose ->anon_vma pointer points to this object. */

	KABI_EXTEND(unsigned long num_active_vmas)

};



/*