From bcfd7200766c5257ebd493a04880ee5fa75b6f55 Mon Sep 17 00:00:00 2001
From: Hillf Danton <hdanton@sina.com>
Date: Wed, 14 Apr 2021 11:58:58 +0800
Subject: [PATCH] mm/gup: Let __get_user_pages_locked() return -EINTR for fatal
 signal
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

mainline inclusion
from mainline-v5.7-rc1
commit ae46d2aa6a7fbe8ca0946f24b061b6ccdc6c3f25
category: bugfix
bugzilla: 47439
CVE: NA
---------------------------

__get_user_pages_locked() will return 0 instead of -EINTR after commit
4426e945df588 ("mm/gup: allow VM_FAULT_RETRY for multiple times") which
added extra code to allow gup detect fatal signal faster.

Restore the original -EINTR behavior.

Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Fixes: 4426e945df58 ("mm/gup: allow VM_FAULT_RETRY for multiple times")
Reported-by: syzbot+3be1a33f04dc782e9fd5@syzkaller.appspotmail.com
Signed-off-by: Hillf Danton <hdanton@sina.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Reviewed-by: Jing Xiangfeng <jingxiangfeng@huawei.com>
Reviewed-by: Kefeng  Wang <wangkefeng.wang@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Signed-off-by: Cheng Jian <cj.chengjian@huawei.com>
---
 mm/gup.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/mm/gup.c b/mm/gup.c
index 8be20cbec785..83f0737e57a7 100644
--- a/mm/gup.c
+++ b/mm/gup.c
@@ -947,8 +947,11 @@ static __always_inline long __get_user_pages_locked(struct task_struct *tsk,
 		 * start trying again otherwise it can loop forever.
 		 */
 
-		if (fatal_signal_pending(current))
+		if (fatal_signal_pending(current)) {
+			if (!pages_done)
+				pages_done = -EINTR;
 			break;
+		}
 
 		*locked = 1;
 		down_read(&mm->mmap_sem);
-- 
GitLab