On 2019/8/21 0:02, Oleg Nesterov wrote:
> userfaultfd_release() should clear vm_flags/vm_userfaultfd_ctx even
> if mm->core_state != NULL.
>
> Otherwise a page fault can see userfaultfd_missing() == T and use an
> already freed userfaultfd_ctx.
>
> Reported-by: Kefeng Wang <[email protected]>
> Fixes: 04f5866e41fb ("coredump: fix race condition between
> mmget_not_zero()/get_task_mm() and core dumping")
> Cc: [email protected]
> Signed-off-by: Oleg Nesterov <[email protected]>
> ---
> fs/userfaultfd.c | 25 +++++++++++++------------
> 1 file changed, 13 insertions(+), 12 deletions(-)
Tested on lts4.4 and 5.3-rc4, thanks.

