From 22cfd78a5f58f72a37a1971af8633c50d7e8f468 Mon Sep 17 00:00:00 2001
From: Portia Stephens <portia.stephens@canonical.com>
Date: Mon, 22 Jul 2024 16:34:37 -0400
Subject: [PATCH] Revert "fork: defer linking file vma until vma is fully
 initialized"

BugLink: https://bugs.launchpad.net/bugs/2074091

This reverts commit 073dd4b2ab7a0de00982223caad8cb7691d024ee.

Signed-off-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
---
 kernel/fork.c | 33 ++++++++++++++++-----------------
 1 file changed, 16 insertions(+), 17 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 92436fff039b..172fc8c09973 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -717,23 +717,6 @@ static __latent_entropy int dup_mmap(struct mm_struct *mm,
 		} else if (anon_vma_fork(tmp, mpnt))
 			goto fail_nomem_anon_vma_fork;
 		vm_flags_clear(tmp, VM_LOCKED_MASK);
-		/*
-		 * Copy/update hugetlb private vma information.
-		 */
-		if (is_vm_hugetlb_page(tmp))
-			hugetlb_dup_vma_private(tmp);
-
-		/*
-		 * Link the vma into the MT. After using __mt_dup(), memory
-		 * allocation is not necessary here, so it cannot fail.
-		 */
-		vma_iter_bulk_store(&vmi, tmp);
-
-		mm->map_count++;
-
-		if (tmp->vm_ops && tmp->vm_ops->open)
-			tmp->vm_ops->open(tmp);
-
 		file = tmp->vm_file;
 		if (file) {
 			struct address_space *mapping = file->f_mapping;
@@ -750,9 +733,25 @@ static __latent_entropy int dup_mmap(struct mm_struct *mm,
 			i_mmap_unlock_write(mapping);
 		}
 
+		/*
+		 * Copy/update hugetlb private vma information.
+		 */
+		if (is_vm_hugetlb_page(tmp))
+			hugetlb_dup_vma_private(tmp);
+
+		/*
+		 * Link the vma into the MT. After using __mt_dup(), memory
+		 * allocation is not necessary here, so it cannot fail.
+		 */
+		vma_iter_bulk_store(&vmi, tmp);
+
+		mm->map_count++;
 		if (!(tmp->vm_flags & VM_WIPEONFORK))
 			retval = copy_page_range(tmp, mpnt);
 
+		if (tmp->vm_ops && tmp->vm_ops->open)
+			tmp->vm_ops->open(tmp);
+
 		if (retval) {
 			mpnt = vma_next(&vmi);
 			goto loop_out;