Re: [PATCH v3 2/2] ARM: mm: protect show_pte() in do_DataAbort() fallback path

Next message: Russell King: "Re: [PATCH v3 1/2] ARM: mm: fix use-after-free in __do_user_fault() under CONFIG_DEBUG_USER"
Previous message: Vincenzo Frascino: "Re: [PATCH v2 1/2] media: arm: mali-c55: Add support for CCM"
In reply to: Qi Xi: "[PATCH v3 2/2] ARM: mm: protect show_pte() in do_DataAbort() fallback path"
Next in thread: Xie Yuanbin: "Re: [PATCH v3 2/2] ARM: mm: protect show_pte() in do_DataAbort() fallback path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Russell King

Date: Fri Jun 26 2026 - 05:45:31 EST

On Fri, Jun 26, 2026 at 03:30:48PM +0800, Qi Xi wrote:
> The do_DataAbort() fallback path handles FSR types not serviced by
> do_page_fault() (fsr_info entries with fn=do_bad). This path also
> calls show_pte() without holding mmap_read_lock, exposing it to
> the same use-after-free issue.
>
> Since do_DataAbort() is an exception entry point that can be reached
> from contexts where sleeping is not allowed, use mmap_read_trylock().
> If the lock cannot be acquired, the page table dump is skipped.
>
> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> Suggested-by: Yuanbin Xie <xieyuanbin1@xxxxxxxxxx>
> Signed-off-by: Qi Xi <xiqi2@xxxxxxxxxx>

Same reason as patch 1. We can't take locks.

--
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 80Mbps down 10Mbps up. Decent connectivity at last!