Commit ad1cd384 authored Jan 31, 2023 by Seth Jenkins Committed by zhaoxiaoqiang11 Aug 23, 2023

aio: fix mremap after fork null-deref

stable inclusion
from stable-v5.10.169
commit c261f798f7baa8080cf0214081d43d5f86bb073f
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I7V9QX

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c261f798f7baa8080cf0214081d43d5f86bb073f

----------------------------------------------------

commit 81e9d6f8 upstream.

Commit e4a0d3e7 ("aio: Make it possible to remap aio ring") introduced
a null-deref if mremap is called on an old aio mapping after fork as
mm->ioctx_table will be set to NULL.

[jmoyer@redhat.com: fix 80 column issue]
Link: https://lkml.kernel.org/r/x49sffq4nvg.fsf@segfault.boston.devel.redhat.com


Fixes: e4a0d3e7 ("aio: Make it possible to remap aio ring")
Signed-off-by: Seth Jenkins <sethjenkins@google.com>
Signed-off-by: Jeff Moyer <jmoyer@redhat.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Benjamin LaHaise <bcrl@kvack.org>
Cc: Jann Horn <jannh@google.com>
Cc: Pavel Emelyanov <xemul@parallels.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: zhaoxiaoqiang11 <zhaoxiaoqiang11@jd.com>

parent d191a6e4

Show whitespace changes

Inline Side-by-side

Please to comment