OpenCloudOS-Kernel/arch/arm64/kernel
Masayoshi Mizuma 4585fc59c0 arm64/sve: Fix wrong free for task->thread.sve_state
The system which has the SVE feature crashed because
the memory pointed to by task->thread.sve_state was destroyed
by someone.

That is because sve_state is freed while forking the
child process. The child process has the pointer of sve_state
which is the same as the parent's because the child's task_struct
is copied from the parent's one. If copy_process()
fails with an error somewhere, for example in copy_creds(),
then the sve_state is freed even if the parent is alive.
The flow is as follows.

copy_process
        p = dup_task_struct
            => arch_dup_task_struct
                *dst = *src;  // copy the entire region.
:
        retval = copy_creds
        if (retval < 0)
                goto bad_fork_free;
:
bad_fork_free:
...
        delayed_free_task(p);
          => free_task
             => arch_release_task_struct
                => fpsimd_release_task
                   => __sve_free
                      => kfree(task->thread.sve_state);
                         // free the parent's sve_state

Move child's sve_state = NULL and clearing TIF_SVE flag
to arch_dup_task_struct() so that the child doesn't free the
parent's one.
There is no need to wait until copy_process() to clear TIF_SVE for
dst, because the thread flags for dst are initialized already by
copying the src task_struct.
This change simplifies the code, so get rid of comments that are no
longer needed.

As a note, arm64 used to have thread_info on the stack. So it
would not be possible to clear TIF_SVE until the stack is initialized.
From commit c02433dd6d ("arm64: split thread_info from task stack"),
the thread_info is part of the task, so it should be valid to modify
the flag from arch_dup_task_struct().

Cc: stable@vger.kernel.org # 4.15.x-
Fixes: bc0ee47603 ("arm64/sve: Core task context handling")
Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Reported-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Suggested-by: Dave Martin <Dave.Martin@arm.com>
Reviewed-by: Dave Martin <Dave.Martin@arm.com>
Tested-by: Julien Grall <julien.grall@arm.com>
Signed-off-by: Will Deacon <will@kernel.org>
2019-10-01 13:30:52 +01:00
probes arm64: kprobes: Recover pstate.D in single-step exception handler 2019-08-02 11:55:50 +01:00
vdso arm64: vdso: Cleanup Makefiles 2019-07-22 10:37:33 +01:00
vdso32 arm64: vdso: Cleanup Makefiles 2019-07-22 10:37:33 +01:00
.gitignore arm64: Build infrastructure 2012-09-17 13:42:21 +01:00
Makefile arm64: vdso: Enable vDSO compat support 2019-06-22 21:21:09 +02:00
acpi.c arm64 updates for 5.3: 2019-07-08 09:54:55 -07:00
acpi_numa.c acpi: Create subtable parsing infrastructure 2019-04-04 18:41:12 +02:00
acpi_parking_protocol.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
alternative.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
armv8_deprecated.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
asm-offsets.c arm64: vdso: Remove unnecessary asm-offsets.c definitions 2019-06-26 07:28:10 +02:00
cacheinfo.c arm64 updates for 5.3: 2019-07-08 09:54:55 -07:00
cpu-reset.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
cpu-reset.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
cpu_errata.c arm64: errata: Update stale comment 2019-10-01 13:30:17 +01:00
cpu_ops.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
cpufeature.c arm64 updates for 5.4: 2019-09-16 14:31:40 -07:00
cpuidle.c PSCI: cpuidle: Refactor CPU suspend power_state parameter handling 2019-08-09 17:51:39 +01:00
cpuinfo.c arm64: constify icache_policy_str[] 2019-08-13 18:32:17 +01:00
crash_core.c arm64: kernel: arch_crash_save_vmcoreinfo() should depend on CONFIG_CRASH_CORE 2018-09-11 11:08:49 +01:00
crash_dump.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
debug-monitors.c arm64: Remove unneeded rcu_read_lock from debug handlers 2019-08-01 15:00:27 +01:00
efi-entry.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
efi-header.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
efi-rt-wrapper.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
efi.c mm/pgtable: drop pgtable_t variable from pte_fn_t functions 2019-07-12 11:05:46 -07:00
entry-fpsimd.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
entry-ftrace.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
entry.S arm64: entry: Move ct_user_exit before any other exception 2019-08-21 18:45:52 +01:00
fpsimd.c arm64/sve: Fix a couple of magic numbers for the Z-reg count 2019-07-22 11:49:03 +01:00
ftrace.c arm64: ftrace: Ensure module ftrace trampoline is coherent with I-side 2019-08-16 17:40:03 +01:00
head.S Merge branches 'for-next/52-bit-kva', 'for-next/cpu-topology', 'for-next/error-injection', 'for-next/perf', 'for-next/psci-cpuidle', 'for-next/rng', 'for-next/smpboot', 'for-next/tbi' and 'for-next/tlbi' into for-next/core 2019-08-30 12:46:12 +01:00
hibernate-asm.S arm64: mm: Logic to make offset_ttbr1 conditional 2019-08-09 11:17:24 +01:00
hibernate.c arm64: memory: rename VA_START to PAGE_END 2019-08-14 17:06:58 +01:00
hw_breakpoint.c arm64: hw_breakpoint: Fix warnings about implicit fallthrough 2019-07-29 11:59:15 +01:00
hyp-stub.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
image-vars.h arm64/efi: Move variable assignments after SECTIONS 2019-08-14 17:18:15 +01:00
image.h arm64/efi: Move variable assignments after SECTIONS 2019-08-14 17:18:15 +01:00
insn.c arm64: constify aarch64_insn_encoding_class[] 2019-08-13 18:32:17 +01:00
io.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
irq.c arm64 updates for 5.3: 2019-07-08 09:54:55 -07:00
jump_label.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
kaslr.c Merge branches 'for-next/52-bit-kva', 'for-next/cpu-topology', 'for-next/error-injection', 'for-next/perf', 'for-next/psci-cpuidle', 'for-next/rng', 'for-next/smpboot', 'for-next/tbi' and 'for-next/tlbi' into for-next/core 2019-08-30 12:46:12 +01:00
kexec_image.c arm64/kexec: Use consistent convention of initializing 'kxec_buf.mem' with KEXEC_BUF_MEM_UNKNOWN 2019-08-05 11:06:33 +01:00
kgdb.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
kuser32.S docs: arm: convert docs to ReST and rename to *.rst 2019-07-15 09:20:24 -03:00
machine_kexec.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
machine_kexec_file.c Merge branches 'for-next/52-bit-kva', 'for-next/cpu-topology', 'for-next/error-injection', 'for-next/perf', 'for-next/psci-cpuidle', 'for-next/rng', 'for-next/smpboot', 'for-next/tbi' and 'for-next/tlbi' into for-next/core 2019-08-30 12:46:12 +01:00
module-plts.c arm64: Replace strncmp with str_has_prefix 2019-08-05 11:06:34 +01:00
module.c arm64: module: Mark expected switch fall-through 2019-07-29 11:59:36 +01:00
module.lds arm64: ftrace: emit ftrace-mod.o contents through code 2017-12-01 13:04:59 +00:00
paravirt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
pci.c pci-v5.3-changes 2019-07-15 20:44:49 -07:00
perf_callchain.c arm64: stacktrace: Factor out backtrace initialisation 2019-07-22 11:44:08 +01:00
perf_event.c arm64: perf_event: Add missing header needed for smp_processor_id() 2019-08-20 17:10:05 +01:00
perf_regs.c compat: Move compat_timespec/ timeval to compat_time.h 2018-04-19 13:29:54 +02:00
pointer_auth.c arm64: ptr auth: Move per-thread keys from thread_info to thread_struct 2018-12-13 16:42:47 +00:00
process.c arm64/sve: Fix wrong free for task->thread.sve_state 2019-10-01 13:30:52 +01:00
psci.c arm64: smp: disable hotplug on trusted OS resident CPU 2019-08-15 11:12:03 +01:00
ptrace.c arm64/ptrace: Fix typoes in sve_set() comment 2019-08-07 16:20:57 +01:00
reloc_test_core.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
reloc_test_syms.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
relocate_kernel.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
return_address.c arm64: unwind: Prohibit probing on return_address() 2019-08-01 15:00:26 +01:00
sdei.c arm64: fix wrong check of on_sdei_stack in nmi context 2019-04-04 16:02:25 +01:00
setup.c Merge branches 'for-next/52-bit-kva', 'for-next/cpu-topology', 'for-next/error-injection', 'for-next/perf', 'for-next/psci-cpuidle', 'for-next/rng', 'for-next/smpboot', 'for-next/tbi' and 'for-next/tlbi' into for-next/core 2019-08-30 12:46:12 +01:00
signal.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
signal32.c arm64: compat: Get sigreturn trampolines from vDSO 2019-06-22 21:21:09 +02:00
sigreturn32.S arm64: compat: Split kuser32 2019-04-23 18:01:57 +01:00
sleep.S arm64: kernel: use aff3 instead of aff2 in comment 2019-06-04 14:51:01 +01:00
smccc-call.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
smp.c arm64: smp: Treat unknown boot failures as being 'stuck in kernel' 2019-08-27 17:37:05 +01:00
smp_spin_table.c arm64: prefer __section from compiler_attributes.h 2019-08-13 18:32:15 +01:00
ssbd.c arm64: ssbd: explicitly depend on <linux/prctl.h> 2019-06-17 18:38:10 +01:00
stacktrace.c arm64: unwind: Prohibit probing on return_address() 2019-08-01 15:00:26 +01:00
suspend.c arm64: mm: Support Common Not Private translations 2018-09-18 12:02:27 +01:00
sys.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
sys32.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 452 2019-06-19 17:09:08 +02:00
sys_compat.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
syscall.c arm64: errata: Add workaround for Cortex-A76 erratum #1463225 2019-05-23 11:38:10 +01:00
time.c arm64: stacktrace: Factor out backtrace initialisation 2019-07-22 11:44:08 +01:00
topology.c Merge tag 'common/for-v5.4-rc1/cpu-topology' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux into for-next/cpu-topology 2019-08-14 10:07:00 +01:00
trace-events-emulation.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
traps.c arm64 updates for 5.4: 2019-09-16 14:31:40 -07:00
vdso.c arm64: compat: VDSO setup for compat layer 2019-06-22 21:21:08 +02:00
vmlinux.lds.S arm64/efi: Move variable assignments after SECTIONS 2019-08-14 17:18:15 +01:00