Message ID | 20231122141559.4228-4-laoar.shao@gmail.com (mailing list archive) |
---|---|
State | Superseded |
Headers | show |
Series | mm, security, bpf: Fine-grained control over memory policy adjustments with lsm bpf | expand |
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 10a590ee1c89..ded2e0e62e24 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1259,8 +1259,15 @@ static long do_mbind(unsigned long start, unsigned long len, if (!new) flags |= MPOL_MF_DISCONTIG_OK; - if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) + if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) { + err = security_task_movememory(current); + if (err) { + mpol_put(new); + return err; + } lru_cache_disable(); + } + { NODEMASK_SCRATCH(scratch); if (scratch) {
Considering that mbind(2) using either MPOL_MF_MOVE or MPOL_MF_MOVE_ALL is capable of memory movement, it's essential to include security_task_movememory() to cover this functionality as well. It was identified during a code review. Signed-off-by: Yafang Shao <laoar.shao@gmail.com> --- mm/mempolicy.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-)