github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-25 07:32:11 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
26064848ef
linux/drivers
History
Frederic Barrat d497ebf5fb ocxl: Fix page fault handler in case of fault on dying process 
If a process exits without doing proper cleanup, there's a window
where an opencapi device can try to access the memory of the dying
process and may trigger a page fault. That's an expected scenario and
the ocxl driver holds a reference on the mm_struct of the process
until the opencapi device is notified of the process exiting.
However, if mm_users is already at 0, i.e. the address space of the
process has already been destroyed, the driver shouldn't try resolving
the page fault, as it will fail, but it can also try accessing already
freed data.

It is fixed by only calling the bottom half of the page fault handler
if mm_users is greater than 0 and get a reference on mm_users instead
of mm_count. Otherwise, we can safely return a translation fault to
the device, as its associated memory context is being removed. The
opencapi device will be properly cleaned up shortly after when closing
the file descriptors.

Fixes: 5ef3166e8a ("ocxl: Driver code for 'generic' opencapi devices")
Cc: stable@vger.kernel.org # v4.16+
Signed-off-by: Frederic Barrat <fbarrat@linux.ibm.com>
Reviewed-By: Alastair D'Silva <alastair@d-silva.org>
Acked-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2018-07-02 23:59:45 +10:00
..
accessibility
acpi
amba
android
ata
atm
auxdisplay
base
bcma
block for-linus-20180629 2018-06-30 10:47:46 -07:00
bluetooth
bus
cdrom
char Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL 2018-06-28 10:40:47 -07:00
clk
clocksource
connector
cpufreq
cpuidle
crypto
dax dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() 2018-06-28 16:06:08 -04:00
dca
devfreq
dio
dma
dma-buf
edac
eisa
extcon
firewire
firmware
fmc
fpga
fsi
gpio
gpu for-linus-20180629 2018-06-30 10:47:46 -07:00
hid
hsi
hv
hwmon
hwspinlock
hwtracing
i2c i2c: gpio: initialize SCL to HIGH again 2018-06-29 08:23:12 +02:00
ide
idle
iio
infiniband
input
iommu
ipack
irqchip
isdn Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL 2018-06-28 10:40:47 -07:00
leds
lightnvm
macintosh
mailbox
mcb
md dm: prevent DAX mounts if not supported 2018-06-28 16:06:14 -04:00
media
memory
memstick
message
mfd
misc ocxl: Fix page fault handler in case of fault on dying process 2018-07-02 23:59:45 +10:00
mmc
mtd
mux
net Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL 2018-06-28 10:40:47 -07:00
nfc
ntb
nubus
nvdimm pmem: only set QUEUE_FLAG_DAX for fsdax mode 2018-06-28 16:05:59 -04:00
nvme
nvmem
of
opp
oprofile
parisc
parport
pci
pcmcia
perf
phy
pinctrl
platform
pnp
power
powercap
pps
ps3
ptp
pwm
rapidio
ras
regulator
remoteproc
reset
rpmsg
rtc
s390
sbus
scsi
sfi
sh
siox
slimbus
sn
soc
soundwire
spi
spmi
ssb
staging Staging/IIO fixes for 4.18-rc3 2018-07-01 12:20:20 -07:00
target
tc
tee
thermal
thunderbolt
tty
uio
usb
uwb
vfio
vhost
video
virt
virtio
visorbus
vlynq
vme
w1
watchdog
xen
zorro
Kconfig
Makefile