[GIT pull] core/urgent for v5.18-rc6

From: Thomas Gleixner
Date: Sun May 08 2022 - 08:05:30 EST

Next message: Thomas Gleixner: "[GIT pull] irq/urgent for v5.18-rc6"
Previous message: kernel test robot: "Re: [PATCH v2 2/3] mm: rmap: Fix CONT-PTE/PMD size hugetlb issue when migration"
Next in thread: Thomas Gleixner: "[GIT pull] irq/urgent for v5.18-rc6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Linus,

please pull the latest core/urgent branch from:

git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git core-urgent-2022-05-08

up to: 2667ed10d9f0: mm: Fix PASID use-after-free issue

A single bugfix for the PASID management code, which freed the PASID too
early. The PASID needs to be tied to the mm lifetime, not to the address
space lifetime.

Thanks,

tglx

------------------>
Fenghua Yu (1):
mm: Fix PASID use-after-free issue

kernel/fork.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 9796897560ab..35a3beff140b 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -792,6 +792,7 @@ void __mmdrop(struct mm_struct *mm)
mmu_notifier_subscriptions_destroy(mm);
check_mm(mm);
put_user_ns(mm->user_ns);
+ mm_pasid_drop(mm);
free_mm(mm);
}
EXPORT_SYMBOL_GPL(__mmdrop);
@@ -1190,7 +1191,6 @@ static inline void __mmput(struct mm_struct *mm)
}
if (mm->binfmt)
module_put(mm->binfmt->module);
- mm_pasid_drop(mm);
mmdrop(mm);
}

Next message: Thomas Gleixner: "[GIT pull] irq/urgent for v5.18-rc6"
Previous message: kernel test robot: "Re: [PATCH v2 2/3] mm: rmap: Fix CONT-PTE/PMD size hugetlb issue when migration"
Next in thread: Thomas Gleixner: "[GIT pull] irq/urgent for v5.18-rc6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]