[PATCH] sched/core: Fix a potential double fetch bug on attr->size

2017-09-25 Thread Meng Xu
From: Meng Xu

`attr->size` after the second fetch `copy_from_user(attr, uattr, size)`, can be different from what is initially fetched in and checked `get_user(size, &uattr->size)` by racing condition in the userspace. The issue and the patch are both similar to commit f12f42a (in kernel/events/

Re: [PATCH] sched/core: Fix a potential double fetch bug on attr->size

2017-09-25 Thread Meng Xu
Hi Peter,

I am sorry, I thought the patch is included in the forwarded email. I just resent the patch. Please check.

Best Regards,
Meng

On 09/25/2017 03:31 AM, Peter Zijlstra wrote:
On Sat, Sep 23, 2017 at 10:05:56PM -0400, Meng Xu wrote:
Hi Peter and Ingo, As a reminder, this is a very simi

Re: [PATCH] sched/core: Fix a potential double fetch bug on attr->size

2017-09-25 Thread Peter Zijlstra
On Sat, Sep 23, 2017 at 10:05:56PM -0400, Meng Xu wrote:
> Hi Peter and Ingo,
>
> As a reminder, this is a very similar issue to perf_copy_attr (see following
> patch)
> https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=f12f42acdbb577a12eecfcebbbec41c81505c4dc
>

[PATCH] sched/core: Fix a potential double fetch bug on attr->size

2017-08-29 Thread Meng Xu
From: Meng Xu

`attr->size` after the second fetch `copy_from_user(attr, uattr, size)`, can be different from what is initially fetched in and checked `get_user(size, &uattr->size)` by racing condition in the userspace. The issue and the patch are both similar to commit f12f42a (in kernel/events/