[PATCH openEuler-1.0-LTS 099/109] mm/gup: Let __get_user_pages_locked() return -EINTR for fatal signal

From: Hillf Danton hdanton@sina.com

mainline inclusion from mainline-v5.7-rc1 commit ae46d2aa6a7fbe8ca0946f24b061b6ccdc6c3f25 category: bugfix bugzilla: 47439 CVE: NA ---------------------------

__get_user_pages_locked() will return 0 instead of -EINTR after commit 4426e945df588 ("mm/gup: allow VM_FAULT_RETRY for multiple times") which added extra code to allow gup detect fatal signal faster.

Restore the original -EINTR behavior.

Cc: Andrew Morton akpm@linux-foundation.org Cc: Thomas Gleixner tglx@linutronix.de Cc: Peter Zijlstra peterz@infradead.org Fixes: 4426e945df58 ("mm/gup: allow VM_FAULT_RETRY for multiple times") Reported-by: syzbot+3be1a33f04dc782e9fd5@syzkaller.appspotmail.com Signed-off-by: Hillf Danton hdanton@sina.com Acked-by: Michal Hocko mhocko@suse.com Signed-off-by: Peter Xu peterx@redhat.com Signed-off-by: Linus Torvalds torvalds@linux-foundation.org Signed-off-by: Xiongfeng Wang wangxiongfeng2@huawei.com Reviewed-by: Jing Xiangfeng jingxiangfeng@huawei.com Reviewed-by: Kefeng  Wang wangkefeng.wang@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com Signed-off-by: Cheng Jian cj.chengjian@huawei.com --- mm/gup.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/mm/gup.c b/mm/gup.c index 8be20cbec785..83f0737e57a7 100644 --- a/mm/gup.c +++ b/mm/gup.c @@ -947,8 +947,11 @@ static __always_inline long __get_user_pages_locked(struct task_struct *tsk, * start trying again otherwise it can loop forever. */

- if (fatal_signal_pending(current)) + if (fatal_signal_pending(current)) { + if (!pages_done) + pages_done = -EINTR; break; + }

*locked = 1; down_read(&mm->mmap_sem);