From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6AAC1C3DA63 for ; Tue, 23 Jul 2024 17:52:54 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A50326B0082; Tue, 23 Jul 2024 13:52:53 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A003F6B0083; Tue, 23 Jul 2024 13:52:53 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8EEA16B0085; Tue, 23 Jul 2024 13:52:53 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 7206E6B0082 for ; Tue, 23 Jul 2024 13:52:53 -0400 (EDT) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id C291DA1F53 for ; Tue, 23 Jul 2024 17:52:52 +0000 (UTC) X-FDA: 82371762984.15.C1F7332 Received: from out-173.mta0.migadu.com (out-173.mta0.migadu.com [91.218.175.173]) by imf23.hostedemail.com (Postfix) with ESMTP id 7B24A14001D for ; Tue, 23 Jul 2024 17:52:49 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=pzv7MCOl; spf=pass (imf23.hostedemail.com: domain of shakeel.butt@linux.dev designates 91.218.175.173 as permitted sender) smtp.mailfrom=shakeel.butt@linux.dev; dmarc=pass (policy=none) header.from=linux.dev ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1721757133; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=TZbuquas1x4ekbGGCHs5sl0uYWYOmkZYmxi5weGyLHg=; b=v5FYWvsipdRUokSVV01rPt1IA3Dv5gcUvhvO81U5oiyyrQoN/pil2zIkzACl0sB4iBAZbq 93dbZZVkz5ivHFjDfhQ0gcvba04BsnkQzxkJ/+7ry+zcVbOcUgs2btpTYl5JV1CYktPY89 i/xTKZ1JnfIypPKEtdHLhvGHGftSlko= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=pzv7MCOl; spf=pass (imf23.hostedemail.com: domain of shakeel.butt@linux.dev designates 91.218.175.173 as permitted sender) smtp.mailfrom=shakeel.butt@linux.dev; dmarc=pass (policy=none) header.from=linux.dev ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1721757133; a=rsa-sha256; cv=none; b=4zE1obSA14kwlPEaMk2PxMdJk8NCVh2dzreEGLnaFTOLsHGVwgbm8N2WaSNEC4YP1dkmCq QVs3m1QoQkjDa7U6LdkaWF8tiu7sp9LMLboJo3Qwn++XiXV+NZ02sEZCedRwQIHcxH4dcn 9uv7eevLet6FEUudlz0di1wyUHAVlW4= X-Envelope-To: songmuchun@bytedance.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1721757167; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=TZbuquas1x4ekbGGCHs5sl0uYWYOmkZYmxi5weGyLHg=; b=pzv7MCOlKa3poeF9ON9PQQt6Jbxsr+ATv6w5NP7DoQTF/P1VHJQpdDot/z1yron/pqLvYZ JdYBz/piBlBkq8sXfu23Wxx6J7UZXQ9Pkun7tZrbVUCnuUKudlbvMcEdRQYvlJWvGE62QJ 1jXS75c8pLk/OM1rZEemTcNAjLjyeJQ= X-Envelope-To: akpm@linux-foundation.org X-Envelope-To: hannes@cmpxchg.org X-Envelope-To: muchun.song@linux.dev X-Envelope-To: nphamcs@gmail.com X-Envelope-To: linux-mm@kvack.org X-Envelope-To: linux-kernel@vger.kernel.org Date: Tue, 23 Jul 2024 10:52:42 -0700 X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Shakeel Butt To: Muchun Song Cc: akpm@linux-foundation.org, hannes@cmpxchg.org, muchun.song@linux.dev, nphamcs@gmail.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] mm: list_lru: fix UAF for memory cgroup Message-ID: References: <20240718083607.42068-1-songmuchun@bytedance.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240718083607.42068-1-songmuchun@bytedance.com> X-Migadu-Flow: FLOW_OUT X-Stat-Signature: qpzha1brhyik7mrydbkzdh3xmrpky86y X-Rspam-User: X-Rspamd-Queue-Id: 7B24A14001D X-Rspamd-Server: rspam02 X-HE-Tag: 1721757169-174951 X-HE-Meta: U2FsdGVkX18p1zg1TR5UWm2Sh18zZz9RKkA2pxbO44qcz4Ra7ZdauH07o2jhHJNAWiGGDq5atT0SKyw4y7LuScV+LxjAz2kuaCMZFvMGyg9h1MTpaBTNnvuTMehgPwG6VT2JVKjSUgaYFDSoHpejoQblKu6h00q0PKuPfCEChkI6L1Loi+5JPoshNC2M0QraL7v3vI8kW1xUNNcX9MFslXTho2qSJyi6EeBJj+hPQmafzMbeRHf+zQzpbnQPVi5nS7g3QpT0jgq/SjdNhtE+xsUi/WKt6PWaJ7H6FP5ETyW1rYjBkBvcXdG9kVFjPciQRe1xd8XTm2d1SWCDIglolVjewySFRk1TQHeFLREkU+yDLib3W7dvXjdVzF9cYDWYgz+db+6FTbqlfXga/9FGrFsuWjCvnGER23f0NkRhsi0L+OnNXsRFhzkPFjL5/Yeg5E0KE898QkcwsiEHyfhpyUtKLFyRRpdmErsIeQfmEJUs1ak7DRwn7zOttDmrtRkgnGgo0mAkaPylOF34QHLYc/2ElRqXLted/nCPkPFRUB4El2yQJIfH03a60i+oyyY++vZPBUuZnftI7rr4mbu8h6kUI7SguUJRbd1pM89YTheUFoXx3rwCUBsesOBDotjKvU8Oxn07X4/FTboR5KawhuyJH/a9PF0sh2GUgYby8ttUsWrRTCdE816Afgw2z2uwwroqjKQ9AYW6OBOlqTWtsgoXuA2TsQ1yapAU2Cu7uekvScPJGQAi9WkOCImQyc9gACRDaLRacCpVz0z40jPr5pNN5CEhIbW6lbBr3lMVSfL7H/ld/mbarcHN4adudPzCWeXIDmz2cwg2IrwrfvDYdUCpXlgavMwgFNhcLptn8924+dnJvkIJVDoEnyC5BETbr9WcPoYHfxdBk42+3KpByzT4MRxUUJiihqArWT9yXLl7BFIBlEYOY/HtLlqegxNaLyZpOTAUUum+NuWVABk JNFo8+Pg 6HG3cXZensni3l6/oGcyN8M85zPlAWHQuFIKYzWkt1WihU63b9IO0eUJbtdYN3e2q+XnbPcb47YkctDHMnlW0BQE+meIS8T5VPWwDL0/7Y/exGt3V+XjXaNnAKyEQsrf1/wM8pvaZIO/KhzlKrdlBesw0w0haT2PNBRBGoFiVAVPxYriYl8tO+lUCo1akdGwwfArgvwD4qiiuJ3qiyhBdrq0CzGHF34sMV3Ez X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Thu, Jul 18, 2024 at 04:36:07PM GMT, Muchun Song wrote: > The mem_cgroup_from_slab_obj() is supposed to be called under rcu > lock or cgroup_mutex or others which could prevent returned memcg > from being freed. Fix it by adding missing rcu read lock. > > Fixes: 0a97c01cd20bb ("list_lru: allow explicit memcg and NUMA node selection) > Signed-off-by: Muchun Song Yup I noticed these as well while reviewing Kairui's patches. Acked-by: Shakeel Butt