xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a13f58a0cafa7b0416a2898bc3b0defbb305d108
android_kernel_xiaomi_sm8450/kernel
History
Qian Cai d22cc7f67d locking/percpu-rwsem: Fix a task_struct refcount 
The following commit:

  7f26482a87 ("locking/percpu-rwsem: Remove the embedded rwsem")

introduced task_struct memory leaks due to messing up the task_struct
refcount.

At the beginning of percpu_rwsem_wake_function(), it calls get_task_struct(),
but if the trylock failed, it will remain in the waitqueue. However, it
will run percpu_rwsem_wake_function() again with get_task_struct() to
increase the refcount but then only call put_task_struct() once the trylock
succeeded.

Fix it by adjusting percpu_rwsem_wake_function() a bit to guard against
when percpu_rwsem_wait() observing !private, terminating the wait and
doing a quick exit() while percpu_rwsem_wake_function() then doing
wake_up_process(p) as a use-after-free.

Fixes: 7f26482a87 ("locking/percpu-rwsem: Remove the embedded rwsem")
Suggested-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Qian Cai <cai@lca.pw>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Link: https://lkml.kernel.org/r/20200330213002.2374-1-cai@lca.pw
2020-04-08 12:05:06 +02:00
..
bpf
Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2020-03-30 19:52:37 -07:00
cgroup
Merge branch 'for-5.7' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
2020-04-03 11:30:20 -07:00
configs
compiler: remove CONFIG_OPTIMIZE_INLINING entirely
2020-04-07 10:43:42 -07:00
debug
Merge tag 'spdx-5.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx
2020-04-03 13:12:26 -07:00
dma
Merge tag 'dma-mapping-5.7' of git://git.infradead.org/users/hch/dma-mapping
2020-04-04 10:12:47 -07:00
events
mm/vma: replace all remaining open encodings with is_vm_hugetlb_page()
2020-04-07 10:43:37 -07:00
gcov
kernel/gcov/fs.c: replace zero-length array with flexible-array member
2020-04-07 10:43:44 -07:00
irq
Merge tag 'x86-entry-2020-03-30' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2020-03-30 19:14:28 -07:00
livepatch
Merge tag 'trace-v5.5' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
2019-11-27 11:42:01 -08:00
locking
locking/percpu-rwsem: Fix a task_struct refcount
2020-04-08 12:05:06 +02:00
power
Merge tag 'pm-5.7-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
2020-04-06 10:14:39 -07:00
printk
console: Introduce ->exit() callback
2020-02-11 10:44:22 +01:00
rcu
Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2020-03-30 16:17:15 -07:00
sched
mm/vma: make vma_is_accessible() available for general use
2020-04-07 10:43:37 -07:00
time
hrtimer: Don't dereference the hrtimer pointer after the callback
2020-04-01 13:20:14 +02:00
trace
Merge tag 'trace-v5.7' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
2020-04-05 10:36:18 -07:00
.gitignore
.gitignore: add SPDX License Identifier
2020-03-25 11:50:48 +01:00
acct.c
acct: stop using get_seconds()
2019-12-18 18:07:31 +01:00
async.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
audit_fsnotify.c
fsnotify: use helpers to access data by data_type
2020-03-23 18:19:06 +01:00
audit_tree.c
audit_watch.c
Merge tag 'fsnotify_for_v5.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2020-04-06 08:58:42 -07:00
audit.c
Merge tag 'audit-pr-20200330' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2020-03-31 15:04:17 -07:00
audit.h
audit: trigger accompanying records when no rules present
2020-03-12 10:42:51 -04:00
auditfilter.c
audit: fix error handling in audit_data_to_entry()
2020-02-22 20:36:47 -05:00
auditsc.c
audit: trigger accompanying records when no rules present
2020-03-12 10:42:51 -04:00
backtracetest.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
bounds.c
capability.c
compat.c
y2038: remove unused time32 interfaces
2020-02-21 11:22:15 -08:00
configs.c
proc: convert everything to "struct proc_ops"
2020-02-04 03:05:26 +00:00
context_tracking.c
context-tracking: Introduce CONFIG_HAVE_TIF_NOHZ
2020-02-14 16:05:04 +01:00
cpu_pm.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282
2019-06-05 17:36:37 +02:00
cpu.c
Merge tag 'smp-core-2020-03-30' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2020-03-30 18:06:39 -07:00
crash_core.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230
2019-06-19 17:09:06 +02:00
crash_dump.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
cred.c
kernel: doc: remove outdated comment cred.c
2020-03-25 10:04:01 -05:00
delayacct.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 25
2019-05-21 11:52:39 +02:00
dma.c
elfcore.c
kernel/elfcore.c: include proper prototypes
2019-09-25 17:51:39 -07:00
exec_domain.c
exit.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2020-04-02 11:22:17 -07:00
extable.c
kernel/extable.c: use address-of operator on section symbols
2020-04-07 10:43:42 -07:00
fail_function.c
fail_function: no need to check return value of debugfs_create functions
2019-06-03 15:49:06 +02:00
fork.c
mm: set vm_next and vm_prev to NULL in vm_area_dup()
2020-04-07 10:43:37 -07:00
freezer.c
Revert "libata, freezer: avoid block device removal while system is frozen"
2019-10-06 09:11:37 -06:00
futex.c
Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2020-03-30 16:17:15 -07:00
gen_kheaders.sh
kheaders: explain why include/config/autoconf.h is excluded from md5sum
2019-11-11 20:10:01 +09:00
groups.c
hung_task.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
iomem.c
mm/nvdimm: add is_ioremap_addr and use that to check ioremap address
2019-07-12 11:05:40 -07:00
irq_work.c
lockdep: Annotate irq_work
2020-03-21 16:00:24 +01:00
jump_label.c
jump_label: Don't warn on __exit jump entries
2019-08-29 15:10:10 +01:00
kallsyms.c
kallsyms: unexport kallsyms_lookup_name() and kallsyms_on_each_symbol()
2020-04-07 10:43:44 -07:00
kcmp.c
kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve
2020-03-25 10:04:01 -05:00
Kconfig.freezer
treewide: Add SPDX license identifier - Makefile/Kconfig
2019-05-21 10:50:46 +02:00
Kconfig.hz
treewide: Add SPDX license identifier - Makefile/Kconfig
2019-05-21 10:50:46 +02:00
Kconfig.locks
sched/rt, locking: Use CONFIG_PREEMPTION
2019-12-08 14:37:36 +01:00
Kconfig.preempt
sched/Kconfig: Fix spelling mistake in user-visible help text
2019-11-12 11:35:32 +01:00
kcov.c
kcov: remote coverage support
2019-12-04 19:44:14 -08:00
kexec_core.c
kexec: add machine_kexec_post_load()
2020-01-08 16:32:55 +00:00
kexec_elf.c
kexec_elf: support 32 bit ELF files
2019-09-06 23:58:44 +02:00
kexec_file.c
kexec: add machine_kexec_post_load()
2020-01-08 16:32:55 +00:00
kexec_internal.h
kexec: add machine_kexec_post_load()
2020-01-08 16:32:55 +00:00
kexec.c
kexec: add machine_kexec_post_load()
2020-01-08 16:32:55 +00:00
kheaders.c
kheaders: Move from proc to sysfs
2019-05-24 20:16:01 +02:00
kmod.c
kernel/kmod.c: fix a typo "assuems" -> "assumes"
2020-04-07 10:43:44 -07:00
kprobes.c
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
2020-01-09 12:40:13 +01:00
ksysfs.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 170
2019-05-30 11:26:39 -07:00
kthread.c
kthread: Do not preempt current task if it is going to call schedule()
2020-03-20 13:06:20 +01:00
latencytop.c
proc: convert everything to "struct proc_ops"
2020-02-04 03:05:26 +00:00
Makefile
kcov: ignore fault-inject and stacktrace
2020-01-31 10:30:41 -08:00
module_signature.c
MODSIGN: Export module signature definitions
2019-08-05 18:39:56 -04:00
module_signing.c
MODSIGN: Export module signature definitions
2019-08-05 18:39:56 -04:00
module-internal.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36
2019-05-24 17:27:11 +02:00
module.c
proc: faster open/read/close with "permanent" files
2020-04-07 10:43:42 -07:00
notifier.c
x86/mm: split vmalloc_sync_all()
2020-03-21 18:56:06 -07:00
nsproxy.c
ns: Introduce Time Namespace
2020-01-14 12:20:48 +01:00
padata.c
crypto: pcrypt - simplify error handling in pcrypt_create_aead()
2020-03-06 12:28:24 +11:00
panic.c
locking/refcount: Remove unused 'refcount_error_report()' function
2019-11-25 09:15:42 +01:00
params.c
lockdown: Lock down module params that specify hardware parameters (eg. ioport)
2019-08-19 21:54:16 -07:00
pid_namespace.c
pid: Improve the comment about waiting in zap_pid_ns_processes
2020-02-28 16:29:12 -06:00
pid.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2020-04-02 11:22:17 -07:00
profile.c
proc: convert everything to "struct proc_ops"
2020-02-04 03:05:26 +00:00
ptrace.c
ptrace: reintroduce usage of subjective credentials in ptrace_has_cap()
2020-01-18 13:51:39 +01:00
range.c
reboot.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
relay.c
resource.c
mm/memory_hotplug.c: use PFN_UP / PFN_DOWN in walk_system_ram_range()
2019-09-24 15:54:09 -07:00
rseq.c
rseq: Reject unknown flags on rseq unregister
2019-12-25 10:41:20 +01:00
seccomp.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next
2020-03-31 17:29:33 -07:00
signal.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2020-04-02 11:22:17 -07:00
smp.c
cpu/hotplug: Move bringup of secondary CPUs out of smp_init()
2020-03-25 12:59:37 +01:00
smpboot.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
smpboot.h
softirq.c
lockdep: Rename trace_{hard,soft}{irq_context,irqs_enabled}()
2020-03-21 16:03:54 +01:00
stackleak.c
stacktrace.c
stacktrace: Get rid of unneeded '!!' pattern
2019-11-11 10:30:59 +01:00
stop_machine.c
stop_machine: Make stop_cpus() static
2020-01-17 10:19:21 +01:00
sys_ni.c
y2038: allow disabling time32 system calls
2019-11-15 14:38:30 +01:00
sys.c
sys/sysinfo: Respect boottime inside time namespace
2020-03-03 19:34:32 +01:00
sysctl_binary.c
sysctl: Remove the sysctl system call
2019-11-26 13:03:56 -06:00
sysctl-test.c
kunit: allow kunit tests to be loaded as a module
2020-01-09 16:42:29 -07:00
sysctl.c
mm/compaction: Disable compact_unevictable_allowed on RT
2020-04-02 09:35:31 -07:00
task_work.c
task_work_run: don't take ->pi_lock unconditionally
2020-03-02 14:06:33 -07:00
taskstats.c
taskstats: fix data-race
2019-12-04 15:18:39 +01:00
test_kprobes.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 25
2019-05-21 11:52:39 +02:00
torture.c
Merge tag 'smp-core-2020-03-30' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2020-03-30 18:06:39 -07:00
tracepoint.c
Merge tag 'trace-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
2019-07-18 11:51:00 -07:00
tsacct.c
tsacct: add 64-bit btime field
2019-12-18 18:07:31 +01:00
ucount.c
proc/sysctl: add shared variables for range check
2019-07-18 17:08:07 -07:00
uid16.c
uid16.h
umh.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
up.c
smp/up: Make smp_call_function_single() match SMP semantics
2020-02-07 15:34:12 +01:00
user_namespace.c
Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
2019-07-08 19:36:47 -07:00
user-return-notifier.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
user.c
Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
2019-07-08 19:36:47 -07:00
utsname_sysctl.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
utsname.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
watchdog_hld.c
watchdog.c
watchdog/softlockup: Enforce that timestamp is valid on boot
2020-01-17 11:19:22 +01:00
workqueue_internal.h
workqueue.c
Merge branch 'for-5.7' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
2020-04-03 12:27:36 -07:00