From: Tiwei Bie <tiwei.btw@antgroup.com>
Date: Mon, 2 Mar 2026 23:52:23 +0000 (+0800)
Subject: um: Fix potential race condition in TLB sync
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=102331b66bcaf1f41f50b9c4cd5c36e46bafa9f3;p=thirdparty%2Flinux.git

um: Fix potential race condition in TLB sync

During the TLB sync, we need to traverse and modify the page table,
so we should hold the page table lock. Since full SMP support for
threads within the same process is still missing, let's disable the
split page table lock for simplicity.

Fixes: 1e4ee5135d81 ("um: Add initial SMP support")
Signed-off-by: Tiwei Bie <tiwei.btw@antgroup.com>
Link: https://patch.msgid.link/20260302235224.1915380-2-tiwei.btw@antgroup.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---

diff --git a/arch/um/kernel/tlb.c b/arch/um/kernel/tlb.c
index 39608cccf2c6..5386ab2d0da5 100644
--- a/arch/um/kernel/tlb.c
+++ b/arch/um/kernel/tlb.c
@@ -165,6 +165,7 @@ int um_tlb_sync(struct mm_struct *mm)
 	unsigned long addr, next;
 	int ret = 0;
 
+	guard(spinlock_irqsave)(&mm->page_table_lock);
 	guard(spinlock_irqsave)(&mm->context.sync_tlb_lock);
 
 	if (mm->context.sync_tlb_range_to == 0)
diff --git a/mm/Kconfig b/mm/Kconfig
index ebd8ea353687..befa8909ae29 100644
--- a/mm/Kconfig
+++ b/mm/Kconfig
@@ -572,6 +572,7 @@ config SPLIT_PTE_PTLOCKS
 	depends on !ARM || CPU_CACHE_VIPT
 	depends on !PARISC || PA20
 	depends on !SPARC32
+	depends on !UML
 
 config ARCH_ENABLE_SPLIT_PMD_PTLOCK
 	bool