[PATCH 0/2] mm/damon/sysfs-schemes: fix use-after-free for [memcg_]path

Next message: SeongJae Park: "[PATCH 1/2] mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock"
Previous message: Sean Christopherson: "[PATCH v2 3/4] perf/x86/intel: Make @data a mandatory param for intel_guest_get_msrs()"
Next in thread: SeongJae Park: "[PATCH 2/2] mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: SeongJae Park

Date: Thu Apr 23 2026 - 11:09:05 EST

Reads of 'memcg_path' and 'path' files in DAMON sysfs interface could
race with their writes, results in use-after-free. Fix those.

Changes from RFC
- rfc: https://lore.kernel.org/20260422144059.72000-1-sj@xxxxxxxxxx
- Fix a typo in commit description.
- Drop RFC tag.
- Rebase to latest mm-hotfixes-unstable.
Changes from v2
- v2: https://lore.kernel.org/20260420125405.362137-1-qjx1298677004@xxxxxxxxx
- Split patch for individual fixes commits.
- Hand-off authorship to SJ, give Co-developed-by: to Junxi.
- Use mutex_trylock() instead of mutex_lock().
- Add RFC tag for Sashiko review round.
- Wordsmith commit messages.
Changes from v1
- v1: https://lore.kernel.org/20260420085332.178473-1-qjx1298677004@xxxxxxxxx
- Protect not only user-writes but also user-reads.

SeongJae Park (2):
mm/damon/sysfs-schemes: protect memcg_path kfree() with
damon_sysfs_lock
mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock

mm/damon/sysfs-schemes.c | 24 ++++++++++++++++++++++--
1 file changed, 22 insertions(+), 2 deletions(-)

base-commit: 26232ccdfcc7029d92b633b01f5f22913ab72168
--
2.47.3