Re: [RFC PATCH 0/2] mm/damon/sysfs-schemes: fix use-after-free for [memcg_]path

Next message: Mark Brown: "Re: [PATCH 1/2] spi: add new_device/delete_device sysfs interface"
Previous message: Shardul Bankar: "Re: [PATCH] mptcp: do not drop partial packets"
In reply to: SeongJae Park: "[RFC PATCH 2/2] mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: SeongJae Park

Date: Wed Apr 22 2026 - 10:47:00 EST

On Wed, 22 Apr 2026 07:34:59 -0700 SeongJae Park <sj@xxxxxxxxxx> wrote:

> Reads of 'path' and 'memcg_path' files in DAMON sysfs interface could
> race with their writes, results in use-after-free. Fix those.

Forgot adding change log, sorry.

Changes from v2
- v2: https://lore.kernel.org/20260420125405.362137-1-qjx1298677004@xxxxxxxxx
- Split patch for individual fixes commits.
- Hand-off authorship to SJ, give Co-developed-by: to Junxi.
- Use mutex_trylock() instead of mutex_lock().
- Add RFC tag for Sashiko review round.
- Wordsmith commit messages.
Changes from v1
- v1: https://lore.kernel.org/20260420085332.178473-1-qjx1298677004@xxxxxxxxx
- Protect not only user-writes but also user-reads.

Thanks,
SJ

>
> SeongJae Park (2):
> mm/damon/sysfs-schemes: protect memcg_path kfree() with
> damon_sysfs_lock
> mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock
>
> mm/damon/sysfs-schemes.c | 24 ++++++++++++++++++++++--
> 1 file changed, 22 insertions(+), 2 deletions(-)
>
>
> base-commit: 0d45806f3a75bf53e59475b0e56be324f650ab09
> --
> 2.47.3

Sent using hkml (https://github.com/sjp38/hackermail)