CVS commit: src/sys/uvm

[Taylor R Campbell]

Module Name:    src
Committed By:   riastradh
Date:           Tue Apr 19 22:53:34 UTC 2022

Modified Files:
        src/sys/uvm: uvm_mmap.c

Log Message:
Revert "mmap(2): If we fail with a hint, try again without it."

This doesn't work, because uvm_mmap releases the uobj when it fails.
Should factor this more coherently, but let's just revert for now.

Reported-by: syzbot+d347c8951821b2361...@syzkaller.appspotmail.com
Reported-by: syzbot+7643d1b769fdfa18c...@syzkaller.appspotmail.com
Reported-by: syzbot+44f4b39671dd580cb...@syzkaller.appspotmail.com
Reported-by: syzbot+b5a422299ca4ffe85...@syzkaller.appspotmail.com
Reported-by: syzbot+22681822db67b6e90...@syzkaller.appspotmail.com
Reported-by: syzbot+e59f493ceef72b925...@syzkaller.appspotmail.com
Reported-by: syzbot+666f3fe8364f47e86...@syzkaller.appspotmail.com
Reported-by: syzbot+511d4572f52f1fd9b...@syzkaller.appspotmail.com


To generate a diff of this commit:
cvs rdiff -u -r1.178 -r1.179 src/sys/uvm/uvm_mmap.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/uvm/uvm_mmap.c
diff -u src/sys/uvm/uvm_mmap.c:1.178 src/sys/uvm/uvm_mmap.c:1.179
--- src/sys/uvm/uvm_mmap.c:1.178	Tue Apr 19 01:34:52 2022
+++ src/sys/uvm/uvm_mmap.c	Tue Apr 19 22:53:34 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: uvm_mmap.c,v 1.178 2022/04/19 01:34:52 riastradh Exp $	*/
+/*	$NetBSD: uvm_mmap.c,v 1.179 2022/04/19 22:53:34 riastradh Exp $	*/
 
 /*
  * Copyright (c) 1997 Charles D. Cranor and Washington University.
@@ -46,7 +46,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uvm_mmap.c,v 1.178 2022/04/19 01:34:52 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uvm_mmap.c,v 1.179 2022/04/19 22:53:34 riastradh Exp $");
 
 #include "opt_compat_netbsd.h"
 #include "opt_pax.h"
@@ -277,8 +277,7 @@ sys_mmap(struct lwp *l, const struct sys
 	vsize_t size, pageoff, newsize;
 	vm_prot_t prot, maxprot, extraprot;
 	int flags, fd, advice;
-	vaddr_t defaddr = 0;	/* XXXGCC */
-	bool addrhint = false;
+	vaddr_t defaddr;
 	struct file *fp = NULL;
 	struct uvm_object *uobj;
 	int error;
@@ -350,12 +349,6 @@ sys_mmap(struct lwp *l, const struct sys
 			addr = MAX(addr, defaddr);
 		else
 			addr = MIN(addr, defaddr);
-
-		/*
-		 * If addr is nonzero and not the default, then the
-		 * address is a hint.
-		 */
-		addrhint = (addr != 0 && addr != defaddr);
 	}
 
 	/*
@@ -408,21 +401,10 @@ sys_mmap(struct lwp *l, const struct sys
 	/*
 	 * now let kernel internal function uvm_mmap do the work.
 	 */
+
 	error = uvm_mmap(&p->p_vmspace->vm_map, &addr, size, prot, maxprot,
 	    flags, advice, uobj, pos, p->p_rlimit[RLIMIT_MEMLOCK].rlim_cur);
 
-	/*
-	 * If the user provided a hint, and we couldn't satisfy that
-	 * hint, try again with the default address.
-	 */
-	if (error && addrhint) {
-		addr = defaddr;
-		pax_aslr_mmap(l, &addr, orig_addr, flags);
-		error = uvm_mmap(&p->p_vmspace->vm_map, &addr, size, prot,
-		    maxprot, flags, advice, uobj, pos,
-		    p->p_rlimit[RLIMIT_MEMLOCK].rlim_cur);
-	}
-
 	/* remember to add offset */
 	*retval = (register_t)(addr + pageoff);