From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=F7pE=5Y=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=3.0 tests=MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id F1F92C2BA1A
	for <linux-mm@archiver.kernel.org>; Wed,  8 Apr 2020 10:21:33 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 98FD120768
	for <linux-mm@archiver.kernel.org>; Wed,  8 Apr 2020 10:21:33 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 98FD120768
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 045BD8E000D; Wed,  8 Apr 2020 06:21:33 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id F38A38E0006; Wed,  8 Apr 2020 06:21:32 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id E74E58E000D; Wed,  8 Apr 2020 06:21:32 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0178.hostedemail.com [216.40.44.178])
	by kanga.kvack.org (Postfix) with ESMTP id D077B8E0006
	for <linux-mm@kvack.org>; Wed,  8 Apr 2020 06:21:32 -0400 (EDT)
Received: from smtpin10.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay03.hostedemail.com (Postfix) with ESMTP id 8EE0180195DD
	for <linux-mm@kvack.org>; Wed,  8 Apr 2020 10:21:32 +0000 (UTC)
X-FDA: 76684296024.10.level51_2a87b81654c3a
X-HE-Tag: level51_2a87b81654c3a
X-Filterd-Recvd-Size: 3142
Received: from mail-wr1-f65.google.com (mail-wr1-f65.google.com [209.85.221.65])
	by imf25.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Wed,  8 Apr 2020 10:21:32 +0000 (UTC)
Received: by mail-wr1-f65.google.com with SMTP id h9so7166692wrc.8
        for <linux-mm@kvack.org>; Wed, 08 Apr 2020 03:21:32 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to;
        bh=fdVczqsLYJ2DIvo2k7kUsz9yNfr4DQ6vZjZROaUu81k=;
        b=B8qDNTXK3IKyyTVaVpieJ8hrhWM8pTBhvCA2pn3N4GKn2Pt6yt4onWFBOklZ4DQjOp
         wI9aKy7x2BL9mV/UKI4Dbwpus2ufoGhxsleE0RPr2SQQGck3U0dm1xV09Vr9JJ7r8PFK
         c+AebI1r7dzwYnXw7gWOXsAk/p0zCZa9DYRqdsotX+5JwpubC+nPUJsxvVNZ7SbEG5CZ
         X5Wx7P3r6rrS9rgILDQ4KrUcqjQY75y0jzi68yXIP74VqQAnK6M70A+todDAdKHJ8dMK
         +XgEpag3YXo/l1TOzglz0+nQrJvjAcQk+RjGH6gDje3UN22SOeX5m/77KKbTmrL7w2pb
         q0cQ==
X-Gm-Message-State: AGi0PuZ4cQadHTkZOGSKzO980o3Jn4rXX3NOOxC+46xeGIB4iZW4EUkU
	mbPao0UKmCq8K7mnXT90GMk=
X-Google-Smtp-Source: APiQypJYp2QwZD21P2CHJAnre1Yfs+Cr+P/d72eYb87+4V1sWEXzF5pCej6nNSz5az7RMys/uBBcNQ==
X-Received: by 2002:adf:cd0c:: with SMTP id w12mr2248969wrm.12.1586341290985;
        Wed, 08 Apr 2020 03:21:30 -0700 (PDT)
Received: from localhost (ip-37-188-180-223.eurotel.cz. [37.188.180.223])
        by smtp.gmail.com with ESMTPSA id u7sm6843865wmg.41.2020.04.08.03.21.29
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 08 Apr 2020 03:21:29 -0700 (PDT)
Date: Wed, 8 Apr 2020 12:21:28 +0200
From: Michal Hocko <mhocko@kernel.org>
To: Peter Xu <peterx@redhat.com>
Cc: linux-kernel@vger.kernel.org,
	Linus Torvalds <torvalds@linux-foundation.org>, linux-mm@kvack.org,
	Andrew Morton <akpm@linux-foundation.org>,
	syzbot+693dc11fcb53120b5559@syzkaller.appspotmail.com
Subject: Re: [PATCH 1/2] mm/mempolicy: Allow lookup_node() to handle fatal
 signal
Message-ID: <20200408102128.GX18914@dhcp22.suse.cz>
References: <20200408014010.80428-1-peterx@redhat.com>
 <20200408014010.80428-2-peterx@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20200408014010.80428-2-peterx@redhat.com>
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Tue 07-04-20 21:40:09, Peter Xu wrote:
> lookup_node() uses gup to pin the page and get node information.  It
> checks against ret>=0 assuming the page will be filled in.  However
> it's also possible that gup will return zero, for example, when the
> thread is quickly killed with a fatal signal.  Teach lookup_node() to
> gracefully return an error -EFAULT if it happens.
> 
> Meanwhile, initialize "page" to NULL to avoid potential risk of
> exploiting the pointer.
> 
> Reported-by: syzbot+693dc11fcb53120b5559@syzkaller.appspotmail.com
> Fixes: 4426e945df58 ("mm/gup: allow VM_FAULT_RETRY for multiple times")

I am not familiar with thic commit but shouldn't gup return ERESTARTSYS
on a fatal signal?
-- 
Michal Hocko
SUSE Labs