hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/release-management/issues/ID5CMS -------------------------------- We add a xcall mmu notifier in xcall_area to provide a window for each hijacked process to release their own private data. You should register your notifier callback in kernel module. And the notifier unregister will be done in clear_xcall_area. Signed-off-by: Xinyu Zheng <zhengxinyu6@huawei.com>
---
 arch/arm64/include/asm/xcall.h | 2 ++
 arch/arm64/kernel/xcall/core.c | 3 +++
 drivers/staging/xcall/prefetch.c | 7 ++-----
 3 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/arch/arm64/include/asm/xcall.h b/arch/arm64/include/asm/xcall.h
index c9143b7d2096..b6bcc120575a 100644
--- a/arch/arm64/include/asm/xcall.h
+++ b/arch/arm64/include/asm/xcall.h
@@ -4,6 +4,7 @@
 #include <linux/jump_label.h>
 #include <linux/mm_types.h>
+#include <linux/mmu_notifier.h>
 #include <linux/sched.h>
 #include <linux/xcall.h>
 #include <linux/refcount.h>
@@ -48,6 +49,7 @@ struct xcall_area {
 refcount_t ref;
 struct xcall *xcall;
 void *sys_call_data[NR_syscalls];
+ struct mmu_notifier xcall_mmu_notifier;
 };
 extern const syscall_fn_t *default_sys_call_table(void);
diff --git a/arch/arm64/kernel/xcall/core.c b/arch/arm64/kernel/xcall/core.c
index a88c4ed6e575..8a3e984f2f6b 100644
--- a/arch/arm64/kernel/xcall/core.c
+++ b/arch/arm64/kernel/xcall/core.c
@@ -277,6 +277,9 @@ void clear_xcall_area(struct mm_struct *mm)
 if (!refcount_dec_and_test(&area->ref))
 return;
+ if (area->xcall_mmu_notifier.mm == mm && atomic_read(&mm->mm_count) > 1)
+ mmu_notifier_unregister(&area->xcall_mmu_notifier, mm);
+
 if (area->xcall)
 put_xcall(area->xcall);
diff --git a/drivers/staging/xcall/prefetch.c b/drivers/staging/xcall/prefetch.c
index 5486684bea95..4e372767f5b3 100644
--- a/drivers/staging/xcall/prefetch.c
+++ b/drivers/staging/xcall/prefetch.c
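Review bot: The new `xcall_mmu_notifier` member of `struct xcall_area` (second hunk of arch/arm64/include/asm/xcall.h) carries no comment on who registers it and who tears it down, although the commit message splits that between the kernel module and `clear_xcall_area()`. I would put `/* registered by the xcall module on the owning mm; unregistered in clear_xcall_area() */` above the field. As far as I recall `struct mmu_notifier` is only defined when CONFIG_MMU_NOTIFIER is enabled, so it is worth confirming that the Kconfig option guarding this header selects it; that is not visible here.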
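Review bot: In the `clear_xcall_area()` hunk of arch/arm64/kernel/xcall/core.c the unregister is gated on `atomic_read(&mm->mm_count) > 1`, a point-in-time read that can change before `mmu_notifier_unregister()` runs; when the test is false the notifier embedded in `area` stays registered while teardown continues, and if the area is freed further down (not visible here) a later walk of the notifier list would touch freed memory. The `area->xcall_mmu_notifier.mm == mm` test also depends on the field being NULL until registration, which holds only if the area is zero-allocated; the allocation is outside this hunk. If the count check is there to keep the `mmdrop()` inside the unregister from releasing the last reference under the caller, say so in a comment such as `/* mm_count > 1: unregister drops the notifier's reference, never the last one */`, and handle the skipped case explicitly instead of silently leaving the notifier linked. The function body starts and ends outside the hunk.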
@@ -223,10 +223,6 @@ static struct mmu_notifier_ops xcall_mmu_notifier_ops = {
 .release = prefetch_pfi_release,
 };
-static struct mmu_notifier xcall_mmu_notifier = {
- .ops = &xcall_mmu_notifier_ops,
-};
-
 static void xcall_cancel_work(unsigned int fd)
 {
 struct prefetch_item *pfi = current_prefetch_items() + fd;
@@ -364,7 +360,8 @@ static long __do_sys_epoll_create(struct pt_regs *regs)
 items[i].file = NULL;
 set_prefetch_numa_cpu(&items[i]);
 }
- mmu_notifier_register(&xcall_mmu_notifier, current->mm);
+ area->xcall_mmu_notifier.ops = &xcall_mmu_notifier_ops;
+ mmu_notifier_register(&area->xcall_mmu_notifier, current->mm);
 return ret;
 }
-- 
2.34.1
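Review bot: The return value of `mmu_notifier_register()` is dropped in the `__do_sys_epoll_create()` hunk, so a failed registration (the call can fail, for example on allocation failure) leaves the prefetch items without a release callback and the caller is not told. Nothing visible in the hunk stops a second epoll_create in the same process from registering the same embedded notifier again, which would link one list node twice and take another mm reference; the start of the function and the origin of `area` are outside the hunk, so a guard may already exist. I would wrap the two added lines in `if (!area->xcall_mmu_notifier.mm) {` and write `err = mmu_notifier_register(&area->xcall_mmu_notifier, current->mm);` with the failure handled before `return ret;`.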