From afd616d5fe8fa876646d92ce00a363f8a06dc6ee Mon Sep 17 00:00:00 2001 From: Peter Zijlstra Date: Wed, 5 Feb 2020 12:30:52 +0800 Subject: [PATCH] membarrier: Fix RCU locking bug caused by faulty merge mainline inclusion from mainline-5.4-rc2 commit 73956fc07dd7b25d4a33ab3fdd6247c60d0b237c category: bugfix bugzilla: 28332 CVE: NA ------------------------------------------------- The following commit: 227a4aadc75b ("sched/membarrier: Fix p->mm->membarrier_state racy load") got fat fingered by me when merging it with other patches. It meant to move the RCU section out of the for loop but ended up doing it partially, leaving a superfluous rcu_read_lock() inside, causing havoc. Reported-by: Ingo Molnar Signed-off-by: Peter Zijlstra (Intel) Cc: Borislav Petkov Cc: Chris Metcalf Cc: Christoph Lameter Cc: Eric W. Biederman Cc: Kirill Tkhai Cc: Linus Torvalds Cc: Mathieu Desnoyers Cc: Mike Galbraith Cc: Oleg Nesterov Cc: Paul E. McKenney Cc: Peter Zijlstra Cc: Russell King - ARM Linux admin Cc: Thomas Gleixner Cc: linux-tip-commits@vger.kernel.org Fixes: 227a4aadc75b ("sched/membarrier: Fix p->mm->membarrier_state racy load") Link: https://lkml.kernel.org/r/20191001085033.GP4519@hirez.programming.kicks-ass.net Signed-off-by: Ingo Molnar Signed-off-by: Cheng Jian Reviewed-By: Xie XiuQi Signed-off-by: Yang Yingliang --- kernel/sched/membarrier.c | 1 - 1 file changed, 1 deletion(-) diff --git a/kernel/sched/membarrier.c b/kernel/sched/membarrier.c index 436c427b27dd..c4ea07e85798 100644 --- a/kernel/sched/membarrier.c +++ b/kernel/sched/membarrier.c @@ -183,7 +183,6 @@ static int membarrier_private_expedited(int flags) */ if (cpu == raw_smp_processor_id()) continue; - rcu_read_lock(); p = task_rcu_dereference(&cpu_rq(cpu)->curr); if (p && p->mm == mm) __cpumask_set_cpu(cpu, tmpmask); -- GitLab
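
Review bot: With the `rcu_read_lock()` ahead of `p = task_rcu_dereference(&cpu_rq(cpu)->curr);` removed, that dereference depends on an RCU read-side section that the hunk context in membarrier_private_expedited() does not show. The commit message says the section was meant to move out of the for loop, so please confirm that in this backport tree an outer rcu_read_lock()/rcu_read_unlock() pair brackets the whole loop, so the dereference is still covered and the early `continue` for the local CPU skips no unlock. The hunk deletes a lock call and no unlock, which suggests the removed call was unpaired on every iteration; saying so explicitly in the message would make the failure mode easier to recognise when triaging lockdep or RCU stall reports against kernels that carry 227a4aadc75b without this fix.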