[PATCH v5 01/17] powerpc/powernv/vas: Release reference to tgid during window close

Nicholas Piggin npiggin at gmail.com
Mon Jun 14 12:11:41 AEST 2021


Excerpts from Haren Myneni's message of June 13, 2021 8:54 pm:
> 
> The kernel handles the NX fault by updating CSB or sending
> signal to process. In multithread applications, children can
> open VAS windows and can exit without closing them. But the
> parent can continue to send NX requests with these windows. To
> prevent pid reuse, reference will be taken on pid and tgid
> when the window is opened and release them during window close.
> 
> The current code is not releasing the tgid reference which can
> cause pid leak and this patch fixes the issue.
> 
> Fixes: db1c08a740635 ("powerpc/vas: Take reference to PID and mm for user space windows")
> Cc: stable at vger.kernel.org # 5.8+
> Signed-off-by: Haren Myneni <haren at linux.ibm.com>
> Reported-by: Nicholas Piggin <npiggin at gmail.com>

Reviewed-by: Nicholas Piggin <npiggin at gmail.com>

Thanks,
Nick

> ---
>  arch/powerpc/platforms/powernv/vas-window.c | 9 +++++----
>  1 file changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/arch/powerpc/platforms/powernv/vas-window.c b/arch/powerpc/platforms/powernv/vas-window.c
> index 5f5fe63a3d1c..7ba0840fc3b5 100644
> --- a/arch/powerpc/platforms/powernv/vas-window.c
> +++ b/arch/powerpc/platforms/powernv/vas-window.c
> @@ -1093,9 +1093,9 @@ struct vas_window *vas_tx_win_open(int vasid, enum vas_cop_type cop,
>  		/*
>  		 * Process closes window during exit. In the case of
>  		 * multithread application, the child thread can open
> -		 * window and can exit without closing it. Expects parent
> -		 * thread to use and close the window. So do not need
> -		 * to take pid reference for parent thread.
> +		 * window and can exit without closing it. so takes tgid
> +		 * reference until window closed to make sure tgid is not
> +		 * reused.
>  		 */
>  		txwin->tgid = find_get_pid(task_tgid_vnr(current));
>  		/*
> @@ -1339,8 +1339,9 @@ int vas_win_close(struct vas_window *window)
>  	/* if send window, drop reference to matching receive window */
>  	if (window->tx_win) {
>  		if (window->user_win) {
> -			/* Drop references to pid and mm */
> +			/* Drop references to pid. tgid and mm */
>  			put_pid(window->pid);
> +			put_pid(window->tgid);
>  			if (window->mm) {
>  				mm_context_remove_vas_window(window->mm);
>  				mmdrop(window->mm);
> -- 
> 2.18.2
> 
> 
> 


More information about the Linuxppc-dev mailing list