On Wed, 14 May 2025 17:19:48 +0100, Yeoreum Yun wrote:
While enabling the active config via cscfg_csdev_enable_active_config(), the active config could be deactivated via configfs' sysfs interface. This could cause a UAF issue in the scenario below:

    CPU0                                      CPU1
    (sysfs enable)                            load module
                                              cscfg_load_config_sets()
                                              activate config. // sysfs
                                              (sys_active_cnt == 1)
    ...
    cscfg_csdev_enable_active_config()
    lock(csdev->cscfg_csdev_lock)
    // here load config activate by CPU1
    unlock(csdev->cscfg_csdev_lock)

[...]
Applied, thanks!

[1/3] coresight/etm4: fix missing disable active config
      https://git.kernel.org/coresight/c/895b12b7
[2/3] coresight: holding cscfg_csdev_lock while removing cscfg from csdev
      https://git.kernel.org/coresight/c/53b9e265
[3/3] coresight: prevent deactivate active config while enabling the config
      https://git.kernel.org/coresight/c/408c97c4

Best regards,
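
Added example, not part of the thread and not the code of the applied patches: a user-space C model of the window described in the quoted commit message, where the enable path pins the config with an increment-if-not-zero so that a deactivate arriving mid-enable cannot let it be freed. All names (struct config, config_get_if_active, config_try_unload) are hypothetical, and the unload step on CPU1 is an assumed continuation of the truncated scenario.

```c
#include <stdatomic.h>
#include <stdbool.h>

/* Hypothetical user-space model of a loadable config; not kernel code. */
struct config {
    atomic_int active_cnt; /* sysfs activations plus in-flight enable users */
    bool loaded;           /* false once the owning module has been unloaded */
};

/* sysfs "activate"; assumed serialized against unload by a management mutex */
static void config_activate(struct config *c) { atomic_fetch_add(&c->active_cnt, 1); }
/* Drop one activation (sysfs "deactivate") or one enable-path pin. */
static void config_put(struct config *c) { atomic_fetch_sub(&c->active_cnt, 1); }

/* Enable path: pin the config only if it is still active (inc-not-zero). */
static bool config_get_if_active(struct config *c)
{
    int cur = atomic_load(&c->active_cnt);
    while (cur > 0)
        if (atomic_compare_exchange_weak(&c->active_cnt, &cur, cur + 1))
            return true;
    return false; /* already deactivated: caller must not touch the config */
}

/* Module unload: refused while any activation or pin remains. */
static bool config_try_unload(struct config *c)
{
    if (atomic_load(&c->active_cnt) != 0)
        return false;
    c->loaded = false;
    return true;
}

/* Replays the interleaving above; returns 1 if the config outlives its user. */
static int replay_unload_during_enable(void)
{
    struct config c = { .active_cnt = 0, .loaded = true };
    config_activate(&c);                          /* CPU1: sysfs activate */
    bool pinned = config_get_if_active(&c);       /* CPU0: enable path starts */
    config_put(&c);                               /* CPU1: sysfs deactivate */
    bool early = config_try_unload(&c);           /* CPU1: unload (assumed step) */
    bool alive = c.loaded;                        /* CPU0 still uses the config */
    config_put(&c);                               /* CPU0: disable drops the pin */
    return pinned && !early && alive && config_try_unload(&c);
}

int main(void)
{
    return replay_unload_during_enable() ? 0 : 1;
}
```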