* [GIT pull] core fix for 4.9
@ 2016-11-05 16:15 Thomas Gleixner
From: Thomas Gleixner @ 2016-11-05 16:15 UTC (permalink / raw)
To: Linus Torvalds; +Cc: LKML, Andrew Morton, Ingo Molnar, H. Peter Anvin
Linus,
please pull the latest core-urgent-for-linus git tree from:
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git core-urgent-for-linus
Add a sanity check into release_task_stack() to catch problems with task
stack references.
Thanks,
tglx
------------------>
Andy Lutomirski (1):
fork: Add task stack refcounting sanity check and prevent premature task stack freeing
kernel/fork.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/kernel/fork.c b/kernel/fork.c
index 623259fc794d..997ac1d584f7 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -315,6 +315,9 @@ static void account_kernel_stack(struct task_struct *tsk, int account)
static void release_task_stack(struct task_struct *tsk)
{
+ if (WARN_ON(tsk->state != TASK_DEAD))
+ return; /* Better to leak the stack than to free prematurely */
+
account_kernel_stack(tsk, -1);
arch_release_thread_stack(tsk->stack);
free_thread_stack(tsk);
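Review bot: The early return at the top of release_task_stack() skips account_kernel_stack(tsk, -1) as well as the free, so when the WARN_ON fires the stack stays both allocated and accounted, while the inline comment mentions only the leak. Consider noting that in the comment, and adding a short comment above the function stating that callers must have set tsk->state to TASK_DEAD before the last stack reference is dropped, since that precondition is now enforced here but not documented in the hunk. If this path can be hit repeatedly, WARN_ON_ONCE would keep the log readable while still returning early instead of freeing prematurely.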
@@ -1862,6 +1865,7 @@ static __latent_entropy struct task_struct *copy_process(
atomic_dec(&p->cred->user->processes);
exit_creds(p);
bad_fork_free:
+ p->state = TASK_DEAD;
put_task_stack(p);
free_task(p);
fork_out:
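Review bot: The new "p->state = TASK_DEAD;" under bad_fork_free has no comment, and nothing at this site says why a task that never ran is marked dead; it reads as existing only so that the TASK_DEAD check added to release_task_stack() does not warn and leak when put_task_stack(p) follows. A one-line comment to that effect would keep someone from removing or reordering it later, since the assignment has to stay ahead of put_task_stack(p).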