Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 's390-6.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
Pull s390 fixes from Vasily Gorbik:
- Fix double free of guarded storage and runtime instrumentation
control blocks on fork() failure
- Fix triggering write fault when VMA does not allow VM_WRITE
* tag 's390-6.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
s390/mm: do not trigger write fault when vma does not allow VM_WRITE
s390: fix double free of GS and RI CBs on fork() failure
+19
-7
+16
-6
arch/s390/kernel/process.c
+16
-6
arch/s390/kernel/process.c
···
91
91
92
92
memcpy(dst, src, arch_task_struct_size);
93
93
dst->thread.fpu.regs = dst->thread.fpu.fprs;
94
+
95
+
/*
96
+
* Don't transfer over the runtime instrumentation or the guarded
97
+
* storage control block pointers. These fields are cleared here instead
98
+
* of in copy_thread() to avoid premature freeing of associated memory
99
+
* on fork() failure. Wait to clear the RI flag because ->stack still
100
+
* refers to the source thread.
101
+
*/
102
+
dst->thread.ri_cb = NULL;
103
+
dst->thread.gs_cb = NULL;
104
+
dst->thread.gs_bc_cb = NULL;
105
+
94
106
return 0;
95
107
}
96
108
···
162
150
frame->childregs.flags = 0;
163
151
if (new_stackp)
164
152
frame->childregs.gprs[15] = new_stackp;
165
-
166
-
/* Don't copy runtime instrumentation info */
167
-
p->thread.ri_cb = NULL;
153
+
/*
154
+
* Clear the runtime instrumentation flag after the above childregs
155
+
* copy. The CB pointer was already cleared in arch_dup_task_struct().
156
+
*/
168
157
frame->childregs.psw.mask &= ~PSW_MASK_RI;
169
-
/* Don't copy guarded storage control block */
170
-
p->thread.gs_cb = NULL;
171
-
p->thread.gs_bc_cb = NULL;
172
158
173
159
/* Set a new TLS ? */
174
160
if (clone_flags & CLONE_SETTLS) {
+3
-1
arch/s390/mm/fault.c
+3
-1
arch/s390/mm/fault.c