Re: [PATCH v1] irq_work: Fix use-after-free in irq_work_single on PREEMPT_RT

Next message: Sebastian Andrzej Siewior: "Re: [PATCH v1] irq_work: Fix use-after-free in irq_work_single on PREEMPT_RT"
Previous message: Alex Williamson: "Re: [PATCH v11 9/9] vfio: Remove the pcie check for VFIO_PCI_ERR_IRQ_INDEX"
In reply to: Sebastian Andrzej Siewior: "Re: [PATCH v1] irq_work: Fix use-after-free in irq_work_single on PREEMPT_RT"
Next in thread: Sebastian Andrzej Siewior: "Re: [PATCH v1] irq_work: Fix use-after-free in irq_work_single on PREEMPT_RT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Steven Rostedt

Date: Wed Mar 25 2026 - 13:51:12 EST

On Wed, 25 Mar 2026 18:05:39 +0100
Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx> wrote:

> Why not just having the synchronize_rcu()?
>
> > Callers that free the containing structure would switch to
> > irq_work_synchronize_free(), or use kfree_rcu() if appropriate
>
> If we provide the irq_work_synchronize_free() then using kfree_rcu()
> would sort of open code irq_work_synchronize_free() since we couldn't
> simply replace synchronize_rcu() with something else and update the
> irq_work core side (we would also have to update all users). I guess
> that was Steven's idea in providing a helper for synchronisation.
>

Yeah, the helper was just document that free work needs synchronization.

Perhaps Jiayuan's idea is better as it will not require modifying current
callers and does fix the issue.

But it would still need helper functions from RCU as I really do not think
it's a good idea to open code the rcuwait logic.

-- Steve