[PATCH] mm/mremap: reset VMI on unmap

From: Lorenzo Stoakes
Date: Wed Jul 16 2025 - 15:29:54 EST

Next message: Arseniy Krasnov: "[PATCH v4] Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'"
Previous message: Frank Li: "Re: [PATCH v2 net-next 02/14] dt-bindings: net: add nxp,netc-timer property"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Any separate VMA iterator may become invalidated when VMAs are unmapped at
nodes in proximity to the current position of the iterator.

Therefore, reset the iterator at each point where this occurs on a mremap
move.

Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@xxxxxxxxxx>
---
mm/mremap.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/mm/mremap.c b/mm/mremap.c
index 7a2e7022139a..15cbd41515ed 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -1113,6 +1113,7 @@ static void unmap_source_vma(struct vma_remap_struct *vrm)

err = do_vmi_munmap(&vmi, mm, addr, len, vrm->uf_unmap, /* unlock= */false);
vrm->vma = NULL; /* Invalidated. */
+ vrm->vmi_needs_reset = true;
if (err) {
/* OOM: unable to split vma, just get accounts right */
vm_acct_memory(len >> PAGE_SHIFT);
@@ -1367,6 +1368,7 @@ static unsigned long mremap_to(struct vma_remap_struct *vrm)
err = do_munmap(mm, vrm->new_addr, vrm->new_len,
vrm->uf_unmap_early);
vrm->vma = NULL; /* Invalidated. */
+ vrm->vmi_needs_reset = true;
if (err)
return err;

--
2.50.1

Next message: Arseniy Krasnov: "[PATCH v4] Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'"
Previous message: Frank Li: "Re: [PATCH v2 net-next 02/14] dt-bindings: net: add nxp,netc-timer property"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]