On 7/4/25 08:07, Suren Baghdasaryan wrote:
> --- a/mm/mmap_lock.c
> +++ b/mm/mmap_lock.c
> @@ -178,6 +178,94 @@ struct vm_area_struct *lock_vma_under_rcu(struct
> mm_struct *mm,
> count_vm_vma_lock_event(VMA_LOCK_ABORT);
> return NULL;
> }
> +
> +static struct vm_area_struct *lock_vma_under_mmap_lock(struct mm_struct *mm,
> + struct vma_iterator
> *iter,
> + unsigned long address)
> +{
> + struct vm_area_struct *vma;
> + int ret;
> +
> + ret = mmap_read_lock_killable(mm);
> + if (ret)
> + return ERR_PTR(ret);
> +
> + /* Lookup the vma at the last position again under mmap_read_lock */
> + vma_iter_init(iter, mm, address);
> + vma = vma_next(iter);
> + if (vma)
> + vma_start_read_locked(vma);
vma_start_read_locked() can in theory return false (refcount overflow?), so that case should be handled?
> +
> + mmap_read_unlock(mm);
> +
> + return vma;
> +}
> +