Re: [PATCH] sched/mmcid: Don't assume CID is CPU owned on mode switch

Next message: Florian Bezdeka: "[PATCH net-next 0/2] net: stmmac: Fix MSI vector leak, make stmmac NUMA aware"
Previous message: Matthew Wilcox: "Re: [PATCH] mm: map maximum pages possible in finish_fault"
In reply to: Thomas Gleixner: "[PATCH] sched/mmcid: Don't assume CID is CPU owned on mode switch"
Next in thread: Takashi Iwai: "Re: [PATCH] sched/mmcid: Don't assume CID is CPU owned on mode switch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Mathieu Desnoyers

Date: Tue Feb 10 2026 - 11:28:28 EST

On 2026-02-10 11:20, Thomas Gleixner wrote:

Shinichiro reported a KASAN UAF, which is actually an out of bounds access
in the MMCID management code.

[...]

Fixes: 007d84287c74 ("sched/mmcid: Drop per CPU CID immediately when switching to per task mode")
Reported-by: Shinichiro Kawasaki <shinichiro.kawasaki@xxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxx>
Tested-by: Shinichiro Kawasaki <shinichiro.kawasaki@xxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Closes: https://lore.kernel.org/aYsZrixn9b6s_2zL@shinmob
---

Linus, can you please take that directly?

Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>

--
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com