rcu-tasks: Don't delete holdouts within trc_inspect_reader()
stable inclusion from stable-5.10.55 commit 55ddab2bfd7035347765e62748fd1e30cb3528d6 bugzilla: 175636 https://gitee.com/openeuler/kernel/issues/I4DYWD Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=55ddab2bfd7035347765e62748fd1e30cb3528d6 -------------------------------- [ Upstream commit 1d10bf55 ] As Yanfei pointed out, although invoking trc_del_holdout() is safe from the viewpoint of the integrity of the holdout list itself, the put_task_struct() invoked by trc_del_holdout() can result in use-after-free errors due to later accesses to this task_struct structure by the RCU Tasks Trace grace-period kthread. This commit therefore removes this call to trc_del_holdout() from trc_inspect_reader() in favor of the grace-period thread's existing call to trc_del_holdout(), thus eliminating that particular class of use-after-free errors. Reported-by:"Xu, Yanfei" <yanfei.xu@windriver.com> Signed-off-by:
Loading
Please sign in to comment