Re: [PATCH v5] watchdog/hardlockup: Fix UAF in perf event cleanup due to migration race

Next message: David Lechner: "Re: [PATCH 2/2] iio: light: Add support for Capella cm36686 and cm36672p sensors"
Previous message: Alexei Starovoitov: "Re: [PATCH] bpf: add missing __printf attributes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Petr Mladek

Date: Tue Feb 03 2026 - 11:42:56 EST

On Mon 2026-01-26 21:22:24, Qiliang Yuan wrote:
> The hardlockup detector's probe path (watchdog_hardlockup_probe()) can
> be executed in a non-pinned context, such as during the asynchronous
> retry mechanism (lockup_detector_delay_init) which runs in a standard
> unbound workqueue.

[...]

> Refactor hardlockup_detector_event_create() to be stateless by returning
> the created perf_event pointer instead of directly modifying the per-cpu
> 'watchdog_ev' variable. This allows the probe logic to safely manage
> the temporary event. Use cpu_hotplug_disable() during the probe to ensure
> the target CPU remains valid throughout the check.
>
> Fixes: 930d8f8dbab9 ("watchdog/perf: adapt the watchdog_perf interface for async model")
> Signed-off-by: Shouxin Sun <sunshx@xxxxxxxxxxxxxxx>
> Signed-off-by: Junnan Zhang <zhangjn11@xxxxxxxxxxxxxxx>
> Signed-off-by: Qiliang Yuan <realwujing@xxxxxxxxx>
> Signed-off-by: Qiliang Yuan <yuanql9@xxxxxxxxxxxxxxx>
> Cc: Song Liu <song@xxxxxxxxxx>
> Cc: Douglas Anderson <dianders@xxxxxxxxxxxx>
> Cc: Jinchao Wang <wangjinchao600@xxxxxxxxx>
> Cc: <stable@xxxxxxxxxxxxxxx>

Please, do not remove people from Cc, especially when you send new
versions on such a rapid speed.

I was on Cc only for this version. There were no replies. I started
review just to realize that another 4 versions were sent within
a week and they got some proper review and v9 already ended in
linux-next...

Best Regards,
Petr