From 3c9a39c770fa7adfe552ac44259197eaa434d2e8 Mon Sep 17 00:00:00 2001
From: Kalesh Singh <kaleshsingh@google.com>
Date: Tue, 21 Jan 2025 23:33:43 +0000
Subject: [PATCH] ANDROID: 16K: Fix mincore emulation

Since the temporary page to process the mincore range is reused
and __collapse_mincore_results() bitwise ORs X contiguous entries
with the initial buffer value; clear the previous results when
emulating the page size to avoid corruption from the previous
processed entries.

Bug: 383389337
Bug: 390505059
Bug: 385169772
Bug: 390404912
Test: atest
     vts_ltp_test_x86_64:syscalls.mlock201_64bit#syscalls.mlock201_64bit
          --iterations 10
Change-Id: I816b8952f8d544ab37298582e626ab3f8bbcab7f
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 mm/mincore.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/mm/mincore.c b/mm/mincore.c
index bd677567bc9d..7f0606cfb3c7 100644
--- a/mm/mincore.c
+++ b/mm/mincore.c
@@ -302,6 +302,14 @@ SYSCALL_DEFINE3(mincore, unsigned long, start, size_t, len,
 			retval = -EFAULT;
 			break;
 		}
+
+		/*
+		 * If emulating the page size, clear the old results, to avoid
+		 * corrupting the next __collapse_mincore_result()
+		 */
+		if (nr_subpages > 1)
+			memset(res, 0, retval / nr_subpages);
+
 		pages -= retval;
 		vec += retval / nr_subpages;
 		start += retval << PAGE_SHIFT;