[PATCH v2 03/13] fork: Move vm_stack to the beginning of the stack

Next message: David Stevens: "[PATCH v2 04/13] fork: separate vmap stack allocation and free calls"
Previous message: David Stevens: "[PATCH v2 02/13] fork: Don't assume fully populated stack during reuse"
In reply to: David Stevens: "[PATCH v2 02/13] fork: Don't assume fully populated stack during reuse"
Next in thread: David Stevens: "[PATCH v2 04/13] fork: separate vmap stack allocation and free calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Stevens

Date: Fri Apr 24 2026 - 15:19:52 EST

The vm_stack struct used to free stacks via an RCU callback is stored
directly in the stack being freed. Make sure it's stored at the
beginning of the stack regardless of stack growth direction, to avoid
faults on partially allocated dynamic stacks.

Signed-off-by: David Stevens <stevensd@xxxxxxxxxx>
---
kernel/fork.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 50772c0cc5da..72c081db492c 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -282,7 +282,12 @@ static void thread_stack_free_rcu(struct rcu_head *rh)

static void thread_stack_delayed_free(struct task_struct *tsk)
{
- struct vm_stack *vm_stack = tsk->stack;
+ struct vm_stack *vm_stack;
+
+ if (IS_ENABLED(CONFIG_STACK_GROWSUP))
+ vm_stack = tsk->stack;
+ else
+ vm_stack = tsk->stack + THREAD_SIZE - sizeof(*vm_stack);

vm_stack->stack_vm_area = tsk->stack_vm_area;
call_rcu(&vm_stack->rcu, thread_stack_free_rcu);
--
2.54.0.rc2.544.gc7ae2d5bb8-goog