Re: [PATCH] userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2019/8/21 0:02, Oleg Nesterov wrote:
> userfaultfd_release() should clear vm_flags/vm_userfaultfd_ctx even
> if mm->core_state != NULL.
>
> Otherwise a page fault can see userfaultfd_missing() == T and use an
> already freed userfaultfd_ctx.
>
> Reported-by: Kefeng Wang <wangkefeng.wang@xxxxxxxxxx>
> Fixes: 04f5866e41fb ("coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
> ---
>  fs/userfaultfd.c | 25 +++++++++++++------------
>  1 file changed, 13 insertions(+), 12 deletions(-)

Tested on lts4.4 and 5.3-rc4, Thanks.
[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux