lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250902-cpuset-free-on-condition-v1-1-f46ffab53eac@quicinc.com>
Date: Tue, 2 Sep 2025 09:56:17 +0530
From: Ashay Jaiswal <quic_ashayj@...cinc.com>
To: Waiman Long <longman@...hat.com>, Tejun Heo <tj@...nel.org>,
        "Johannes
 Weiner" <hannes@...xchg.org>,
        Michal Koutný
	<mkoutny@...e.com>,
        "Peter Zijlstra (Intel)" <peterz@...radead.org>
CC: <cgroups@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <stable@...r.kernel.org>, Ashay Jaiswal <quic_ashayj@...cinc.com>
Subject: [PATCH] cpuset: prevent freeing unallocated cpumask in hotplug
 handling

In cpuset hotplug handling, temporary cpumasks are allocated only when
running under cgroup v2. The current code unconditionally frees these
masks, which can lead to a crash on cgroup v1 case.

Free the temporary cpumasks only when they were actually allocated.

Fixes: 4b842da276a8 ("cpuset: Make CPU hotplug work with partition")
Cc: stable@...r.kernel.org
Signed-off-by: Ashay Jaiswal <quic_ashayj@...cinc.com>
---
 kernel/cgroup/cpuset.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kernel/cgroup/cpuset.c b/kernel/cgroup/cpuset.c
index a78ccd11ce9b43c2e8b0e2c454a8ee845ebdc808..a4f908024f3c0a22628a32f8a5b0ae96c7dccbb9 100644
--- a/kernel/cgroup/cpuset.c
+++ b/kernel/cgroup/cpuset.c
@@ -4019,7 +4019,8 @@ static void cpuset_handle_hotplug(void)
 	if (force_sd_rebuild)
 		rebuild_sched_domains_cpuslocked();
 
-	free_tmpmasks(ptmp);
+	if (on_dfl && ptmp)
+		free_tmpmasks(ptmp);
 }
 
 void cpuset_update_active_cpus(void)

---
base-commit: 33bcf93b9a6b028758105680f8b538a31bc563cf
change-id: 20250902-cpuset-free-on-condition-85cf4eadb18c

Best regards,
-- 
Ashay Jaiswal <quic_ashayj@...cinc.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ