Hi Andrew,

We need to also update those callers that unconditionally set VMA flags via
vm_flags_reset() and vm_flags_reset_once() to account for sticky flags.

Please apply the attached fix-patch to fix this :)

Thanks, Lorenzo

----8<----
>From 15c8661499f118ac8d422a8344c8017f24590ad0 Mon Sep 17 00:00:00 2001
From: Lorenzo Stoakes <[email protected]>
Date: Mon, 17 Nov 2025 13:24:37 +0000
Subject: [PATCH] fixup

Signed-off-by: Lorenzo Stoakes <[email protected]>
---
 mm/madvise.c  | 3 +++
 mm/mlock.c    | 3 +++
 mm/mprotect.c | 3 +++
 3 files changed, 9 insertions(+)

diff --git a/mm/madvise.c b/mm/madvise.c
index fb1c86e630b6..e651675eaaaf 100644
--- a/mm/madvise.c
+++ b/mm/madvise.c
@@ -172,6 +172,9 @@ static int madvise_update_vma(vm_flags_t new_flags,
        if (IS_ERR(vma))
                return PTR_ERR(vma);

+       /* Account for sticky flags. */
+       new_flags |= vma->vm_flags;
+
        madv_behavior->vma = vma;

        /* vm_flags is protected by the mmap_lock held in write mode. */
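Review bot: The added `new_flags |= vma->vm_flags;` ORs in every bit of the VMA's current flags, not only the sticky ones the comment names, so as written this path can never clear a flag. The same unmasked OR appears in the mlock_fixup() and mprotect_fixup() hunks, where it would appear to leave VM_LOCKED set after munlock and leave VM_WRITE/VM_EXEC set when mprotect() drops them. That second case silently defeats the permission downgrades that W^X-style hardening relies on. Restrict the OR to the sticky set in all three places, e.g. `new_flags |= vma->vm_flags & VM_STICKY;` (assuming VM_STICKY is the mask the series defines). All three functions begin and end outside their hunks, so confirm this against how the flags are computed earlier and applied later in each.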
diff --git a/mm/mlock.c b/mm/mlock.c
index bb0776f5ef7c..7455a1f6a98c 100644
--- a/mm/mlock.c
+++ b/mm/mlock.c
@@ -484,6 +484,9 @@ static int mlock_fixup(struct vma_iterator *vmi, struct 
vm_area_struct *vma,
                goto out;
        }

+       /* Account for sticky flags. */
+       newflags |= vma->vm_flags;
+
        /*
        * Keep track of amount of locked VM.
        */
diff --git a/mm/mprotect.c b/mm/mprotect.c
index ab4e06cd9a69..145417471201 100644
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -762,6 +762,9 @@ mprotect_fixup(struct vma_iterator *vmi, struct mmu_gather 
*tlb,
                goto fail;
        }

+       /* Account for sticky flags. */
+       newflags |= vma->vm_flags;
+
        *pprev = vma;

        /*
--
2.51.0
