Ubuntu
linux package

  1. Bug #1471892
  2. Comment #4

Comment 4 for bug 1471892

Revision history for this message
dann frazier (dannf) wrote : [PATCH] [3.13-stable only] vm: Fix incomplete backport of VM_FAULT_SIGSEGV handling support

BugLink: http://bugs.launchpad.net/bugs/1471892

Commit b9496d0cc02900b74f01f294b76d3af9f3b12bfe in the 3.13.y-ckt tree is an
incomplete backport of upstream commit 33692f27597fcab536d7cbbcc8f52905133e4aa7.
The commit notes that the changes to mm/gup.c were omitted - presumably because
that file didn't exist in 3.13. However, the relevant code does exist in
3.13.y - it just hadn't been split out from mm/memory.c yet.

This introduced a regression in the Ubuntu kernel that resulted in panics
on arm64 when running the coreutils test suite:

  [...]
  PASS: tests/misc/chcon-fail.sh
  PASS: tests/misc/cut.pl
  [ 141.509350] Kernel panic - not syncing: BUG!
  [ 141.510301] CPU: 0 PID: 22674 Comm: bash Not tainted 3.13.11-ckt22 #20
  [ 141.511641] Call trace:
  [ 141.512115] [<ffffffc00008839c>] dump_backtrace+0x0/0x164
  [ 141.513133] [<ffffffc000088510>] show_stack+0x10/0x1c
  [ 141.514079] [<ffffffc000615460>] dump_stack+0x78/0x94
  [ 141.515022] [<ffffffc000613fd8>] panic+0xe0/0x20c
  [ 141.515903] [<ffffffc00017a7e4>] __get_user_pages+0x454/0x4c8
  [ 141.516971] [<ffffffc00017a898>] get_user_pages+0x40/0x4c
  [ 141.517973] [<ffffffc0001b1580>] get_arg_page+0x40/0xb4
  [ 141.518956] [<ffffffc0001b1fb0>] copy_strings.isra.21+0x158/0x248
  [ 141.520095] [<ffffffc0001b2d50>] do_execve_common.isra.26+0x3f4/0x5a0
  [ 141.521280] [<ffffffc0001b2f14>] do_execve+0x18/0x24
  [ 141.522203] [<ffffffc0001b3174>] SyS_execve+0x34/0x70

This commit completes the backport by retrofiting the missing changes to
mm/memory.c. This does not appear to impact upstream stable kernels. I checked
3.12.y, and it has already included these changes in the initial backport.

Signed-off-by: dann frazier <email address hidden>
---
 mm/memory.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/mm/memory.c b/mm/memory.c
index 0d58cbc..8203f8f 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -1833,7 +1833,8 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
       else
        return -EFAULT;
      }
- if (ret & VM_FAULT_SIGBUS)
+ if (ret & (VM_FAULT_SIGBUS |
+ VM_FAULT_SIGSEGV))
       return i ? i : -EFAULT;
      BUG();
     }
@@ -1943,7 +1944,7 @@ int fixup_user_fault(struct task_struct *tsk, struct mm_struct *mm,
    return -ENOMEM;
   if (ret & (VM_FAULT_HWPOISON | VM_FAULT_HWPOISON_LARGE))
    return -EHWPOISON;
- if (ret & VM_FAULT_SIGBUS)
+ if (ret & (VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV))
    return -EFAULT;
   BUG();
  }
--
2.1.4