mm/mmap: properly unaccount memory on mas_preallocate() failure

security_vm_enough_memory_mm() accounts memory via a call to
vm_acct_memory().  Therefore any subsequent failures should unaccount for
this memory prior to returning the error.

Link: https://lkml.kernel.org/r/20221202045339.2999017-1-apopple@nvidia.com
Fixes: 28c5609fb2 ("mm/mmap: preallocate maple nodes for brk vma expansion")
Signed-off-by: Alistair Popple <apopple@nvidia.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
This commit is contained in:
Alistair Popple 2022-12-02 15:53:39 +11:00 committed by Andrew Morton
parent 1bda9dad5a
commit 675eaca1f4

View File

@ -2953,7 +2953,7 @@ static int do_brk_flags(struct ma_state *mas, struct vm_area_struct *vma,
addr >> PAGE_SHIFT, NULL_VM_UFFD_CTX, NULL)) {
mas_set_range(mas, vma->vm_start, addr + len - 1);
if (mas_preallocate(mas, vma, GFP_KERNEL))
return -ENOMEM;
goto unacct_fail;
vma_adjust_trans_huge(vma, vma->vm_start, addr + len, 0);
if (vma->anon_vma) {
@ -2975,7 +2975,7 @@ static int do_brk_flags(struct ma_state *mas, struct vm_area_struct *vma,
/* create a vma struct for an anonymous mapping */
vma = vm_area_alloc(mm);
if (!vma)
goto vma_alloc_fail;
goto unacct_fail;
vma_set_anonymous(vma);
vma->vm_start = addr;
@ -3000,7 +3000,7 @@ static int do_brk_flags(struct ma_state *mas, struct vm_area_struct *vma,
mas_store_fail:
vm_area_free(vma);
vma_alloc_fail:
unacct_fail:
vm_unacct_memory(len >> PAGE_SHIFT);
return -ENOMEM;
}