Date: Fri, 24 Apr 2026 12:14:46 -0700
In-Reply-To: <20260424191456.2679717-1-stevensd@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0 References: <20260424191456.2679717-1-stevensd@google.com> X-Mailer: git-send-email 2.54.0.rc2.544.gc7ae2d5bb8-goog Message-ID: <20260424191456.2679717-4-stevensd@google.com> Subject: [PATCH v2 03/13] fork: Move vm_stack to the beginning of the stack From: David Stevens To: Pasha Tatashin , Linus Walleij , Will Deacon , Quentin Perret , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Andy Lutomirski , Xin Li , Peter Zijlstra , Andrew Morton , David Hildenbrand , Lorenzo Stoakes , "Liam R. Howlett" , Vlastimil Babka , Mike Rapoport , Suren Baghdasaryan , Michal Hocko , Uladzislau Rezki , Kees Cook Cc: David Stevens , linux-kernel@vger.kernel.org, linux-mm@kvack.org Content-Type: text/plain; charset="UTF-8" The vm_stack struct used to free stacks via an RCU callback is stored directly in the stack being freed. Make sure it's stored at the beginning of the stack regardless of stack growth direction, to avoid faults on partially allocated dynamic stacks. Signed-off-by: David Stevens --- kernel/fork.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/kernel/fork.c b/kernel/fork.c index 50772c0cc5da..72c081db492c 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -282,7 +282,12 @@ static void thread_stack_free_rcu(struct rcu_head *rh) static void thread_stack_delayed_free(struct task_struct *tsk) { - struct vm_stack *vm_stack = tsk->stack; + struct vm_stack *vm_stack; + + if (IS_ENABLED(CONFIG_STACK_GROWSUP)) + vm_stack = tsk->stack; + else + vm_stack = tsk->stack + THREAD_SIZE - sizeof(*vm_stack); vm_stack->stack_vm_area = tsk->stack_vm_area; call_rcu(&vm_stack->rcu, thread_stack_free_rcu); -- 2.54.0.rc2.544.gc7ae2d5bb8-goog
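
Review bot: In the else branch of thread_stack_delayed_free(), `vm_stack = tsk->stack + THREAD_SIZE - sizeof(*vm_stack);` leaves vm_stack pointing near the top of the allocation instead of at its base, so the RCU callback thread_stack_free_rcu() (its body is outside this hunk) must not treat the pointer it recovers from the rcu_head as the stack's start address when freeing or caching. Please confirm that it releases the stack through vm_stack->stack_vm_area only, and say so in the commit message, since a free path keyed on the vm_stack pointer itself would now be handed an interior address on every grows-down configuration. The branch would also benefit from a short comment stating that "beginning" means the end the stack grows from (the highest addresses when CONFIG_STACK_GROWSUP is off), which is presumably the part that stays mapped on a partially allocated dynamic stack; without it the THREAD_SIZE - sizeof(*vm_stack) offset reads as arbitrary.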