averello/linux-stable-mirror
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2026-04-03 12:05:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e52391c3530288596fd507fcf4e54de347f3f9f3
linux-stable-mirror/kernel
History
Peter Zijlstra ee96f47123 task_work: Fix NMI race condition 
[ Upstream commit ef1ea98c8f ]

  __schedule()
  // disable irqs
      <NMI>
	  task_work_add(current, work, TWA_NMI_CURRENT);
      </NMI>
  // current = next;
  // enable irqs
      <IRQ>
	  task_work_set_notify_irq()
	  test_and_set_tsk_thread_flag(current,
                                       TIF_NOTIFY_RESUME); // wrong task!
      </IRQ>
  // original task skips task work on its next return to user (or exit!)

Fixes: 466e4d801c ("task_work: Add TWA_NMI_CURRENT as an additional notify mode.")
Reported-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Link: https://patch.msgid.link/20250924080118.425949403@infradead.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-12-18 13:54:50 +01:00
..
bpf
bpf: Fix stackmap overflow check in __bpf_get_stackid()
2025-12-18 13:54:50 +01:00
cgroup
bpf: Do not limit bpf_cgroup_from_id to current's namespace
2025-11-13 15:34:06 -05:00
configs
tinyconfig: remove unnecessary 'is not set' for choice blocks
2024-09-01 20:34:38 +09:00
debug
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
dma
dma-debug: don't report false positives with DMA_BOUNCE_UNALIGNED_KMALLOC
2025-10-29 14:08:55 +01:00
entry
treewide: context_tracking: Rename CONTEXT_* into CT_STATE_*
2024-07-29 07:33:10 +05:30
events
perf: Remove get_perf_callchain() init_nr argument
2025-12-18 13:54:49 +01:00
futex
futex: Don't leak robust_list pointer on exec race
2025-11-13 15:34:06 -05:00
gcov
gcov: add support for GCC 15
2025-11-24 10:35:59 +01:00
irq
genirq/irq_sim: Initialize work context pointers properly
2025-07-10 16:05:07 +02:00
kcsan
kcsan: test: Initialize dummy variable
2025-08-15 12:13:46 +02:00
livepatch
locking
locking/spinlock/debug: Fix data-race in do_raw_write_lock
2025-12-12 18:37:18 +01:00
module
module: Prevent silent truncation of module name in delete_module(2)
2025-08-20 18:30:46 +02:00
power
PM: hibernate: Use atomic64_t for compressed_size variable
2025-11-24 10:36:03 +01:00
printk
printk: nbcon: Allow reacquire during panic
2025-08-20 18:30:47 +02:00
rcu
rcu: Fix racy re-initialization of irq_work causing hangs
2025-08-20 18:30:58 +02:00
sched
sched/fair: Forfeit vruntime on yield
2025-12-18 13:54:42 +01:00
time
timers: Fix NULL function pointer race in timer_shutdown_sync()
2025-12-01 11:43:18 +01:00
trace
ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct()
2025-12-12 18:37:19 +01:00
.gitignore
acct.c
acct: block access to kernel internal filesystems
2025-02-27 04:30:23 -08:00
async.c
audit_fsnotify.c
audit_tree.c
audit_watch.c
audit.c
audit: Make use of str_enabled_disabled() helper
2024-09-03 16:35:16 -04:00
audit.h
audit,module: restore audit logging in load failure case
2025-08-15 12:13:31 +02:00
auditfilter.c
audit: use task_tgid_nr() instead of task_pid_nr()
2024-08-28 16:48:28 -04:00
auditsc.c
audit,module: restore audit logging in load failure case
2025-08-15 12:13:31 +02:00
backtracetest.c
bounds.c
capability.c
cfi.c
compat.c
configs.c
context_tracking.c
context_tracking, rcu: Rename rcu_dyntick trace event into rcu_watching
2024-08-15 21:30:43 +05:30
cpu_pm.c
cpu.c
watchdog/hardlockup/perf: Fix perf_event memory leak
2025-04-10 14:39:11 +02:00
crash_core.c
crash: fix crashkernel resource shrink
2025-11-24 10:36:01 +01:00
crash_reserve.c
crash: fix crash memory reserve exceed system memory bug
2024-09-01 20:43:30 -07:00
cred.c
delayacct.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
dma.c
elfcorehdr.c
exec_domain.c
exit.c
perf: Fix sample vs do_exit()
2025-06-27 11:11:45 +01:00
exit.h
extable.c
fail_function.c
fork.c
copy_sighand: Handle architectures where sizeof(unsigned long) < sizeof(u64)
2025-10-19 16:33:48 +02:00
freezer.c
sched,freezer: Remove unnecessary warning in __thaw_task
2025-07-24 08:56:37 +02:00
gen_kheaders.sh
kheaders: Ignore silly-rename files
2025-01-23 17:22:55 +01:00
groups.c
hung_task.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
iomem.c
irq_work.c
jump_label.c
jump_label: Fix static_key_slow_dec() yet again
2024-09-10 11:57:27 +02:00
kallsyms_internal.h
kallsyms_selftest.c
kallsyms: Match symbols exactly with CONFIG_LTO_CLANG
2024-08-15 09:33:35 -07:00
kallsyms_selftest.h
kallsyms.c
kallsyms: Match symbols exactly with CONFIG_LTO_CLANG
2024-08-15 09:33:35 -07:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.kexec
crash, powerpc: default to CRASH_DUMP=n on PPC_BOOK3S_32
2024-11-14 22:43:48 -08:00
Kconfig.locks
Kconfig.preempt
sched_ext: Build fix on !CONFIG_STACKTRACE[_SUPPORT]
2024-08-01 07:08:01 -10:00
kcov.c
kcov: mark in_softirq_really() as __always_inline
2025-01-09 13:33:49 +01:00
kexec_core.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
kexec_elf.c
kexec: initialize ELF lowest address to ULONG_MAX
2025-04-10 14:39:24 +02:00
kexec_file.c
kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y
2024-09-01 17:59:01 -07:00
kexec_internal.h
kexec: use atomic_try_cmpxchg_acquire() in kexec_trylock()
2024-09-01 20:43:23 -07:00
kexec.c
kheaders.c
kprobes.c
kprobes: Fix to check symbol prefixes correctly
2024-08-05 14:04:03 +09:00
ksyms_common.c
ksysfs.c
profiling: remove prof_cpu_mask
2024-07-29 10:45:54 -07:00
kthread.c
kthread: unpark only parked kthread
2024-10-09 12:47:19 -07:00
latencytop.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
Makefile
mm: move kernel/numa.c to mm/
2024-09-03 21:15:26 -07:00
module_signature.c
notifier.c
nsproxy.c
introduce fd_file(), convert all accessors to it.
2024-08-12 22:00:43 -04:00
padata.c
padata: Reset next CPU when reorder sequence wraps around
2025-10-23 16:20:42 +02:00
panic.c
objtool, panic: Disable SMAP in __stack_chk_fail()
2025-05-02 07:59:19 +02:00
params.c
module: ensure that kobject_put() is safe for module type kobjects
2025-05-18 08:24:54 +02:00
pid_namespace.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
pid_sysctl.h
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
pid.c
pid: Add a judgment for ns null in pid_nr_ns
2025-10-19 16:34:05 +02:00
profile.c
profiling: remove profile=sleep support
2024-08-04 13:36:28 -07:00
ptrace.c
range.c
reboot.c
Flush console log from kernel_power_off()
2025-04-20 10:15:12 +02:00
regset.c
relay.c
[tree-wide] finally take no_llseek out
2024-09-27 08:18:43 -07:00
resource_kunit.c
resource, kunit: fix user-after-free in resource_test_region_intersects()
2024-10-09 12:47:19 -07:00
resource.c
resource: fix false warning in __request_region()
2025-08-01 09:48:44 +01:00
rseq.c
rseq: Protect event mask against membarrier IPI
2025-10-19 16:33:34 +02:00
scftorture.c
scs.c
seccomp.c
seccomp: passthrough uprobe systemcall without filtering
2025-11-02 22:15:20 +09:00
signal.c
pidfs: improve multi-threaded exec and premature thread-group leader exit polling
2025-05-29 11:02:09 +02:00
smp.c
smp: Fix up and expand the smp_call_function_many() kerneldoc
2025-10-15 12:00:02 +02:00
smpboot.c
smpboot.h
softirq.c
lockdep: Fix wait context check on softirq for PREEMPT_RT
2025-05-29 11:02:08 +02:00
stackleak.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
stacktrace.c
static_call_inline.c
x86/static-call: provide a way to do very early static-call updates
2024-12-19 18:13:23 +01:00
static_call.c
stop_machine.c
sched/core: Fix migrate_swap() vs. hotplug
2025-07-17 18:37:03 +02:00
sys_ni.c
sys.c
kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths
2025-10-19 16:33:51 +02:00
sysctl-test.c
sysctl.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
task_work.c
task_work: Fix NMI race condition
2025-12-18 13:54:50 +01:00
taskstats.c
introduce fd_file(), convert all accessors to it.
2024-08-12 22:00:43 -04:00
torture.c
tracepoint.c
tracepoint: Support iterating tracepoints in a loading module
2024-09-25 23:23:44 +09:00
tsacct.c
ucount.c
ucount: fix atomic_long_inc_below() argument type
2025-08-15 12:13:59 +02:00
uid16.c
uid16.h
umh.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
up.c
user_namespace.c
user_namespace: use kmemdup_array() instead of kmemdup() for multiple allocation
2024-09-09 16:47:42 -07:00
user-return-notifier.c
user.c
uidgid: make sure we fit into one cacheline
2024-09-12 12:16:09 +02:00
usermode_driver.c
utsname_sysctl.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
utsname.c
vhost_task.c
vhost: Take a reference on the task in struct vhost_task.
2025-10-02 13:44:10 +02:00
vmcore_info.c
mm: support only one page_type per page
2024-09-03 21:15:43 -07:00
watch_queue.c
watch_queue: fix pipe accounting mismatch
2025-04-10 14:39:10 +02:00
watchdog_buddy.c
watchdog_perf.c
watchdog/hardlockup/perf: Fix perf_event memory leak
2025-04-10 14:39:11 +02:00
watchdog.c
watchdog: fix watchdog may detect false positive of softlockup
2025-06-27 11:11:22 +01:00
workqueue_internal.h
workqueue.c
workqueue: Initialize wq_isolated_cpumask in workqueue_init_early()
2025-06-27 11:11:42 +01:00