On 02.07.25 15:53, Jeongjun Park wrote:
In do_procmap_query(), we are allocating name_buf as much as name_buf_sz with kmalloc(). However, due to the previous commit eff061546ca5 ("mm/maps: execute PROCMAP_QUERY ioctl under per-vma locks"), the location of kmalloc() is located inside the RCU critical section. This causes might_sleep_if() to be called inside the RCU critical section, so we need to move the call location of kmalloc() outside the RCU critical section to prevent this.

Reported-by: syzbot+6246a83e7bd9f8a3e239@xxxxxxxxxxxxxxxxxxxxxxxxx
Closes: https://syzkaller.appspot.com/bug?extid=6246a83e7bd9f8a3e239
Fixes: eff061546ca5 ("mm/maps: execute PROCMAP_QUERY ioctl under per-vma locks")
That commit is not upstream yet (and the commit id is not stable), so it should be squashed into the problematic commit.
As a side note: the patch subject of this and the original patch should start with "fs/proc/task_mmu", not "mm/maps".
--
Cheers,

David / dhildenb