aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBharata B Rao <bharata@linux.vnet.ibm.com>2009-03-23 00:32:53 -0400
committerIngo Molnar <mingo@elte.hu>2009-03-31 12:27:59 -0400
commita18b83b7ef3c98cd8b4bb885e4a649a8f30fb7b0 (patch)
tree4e93447c0099672e2bedbc4374007a42f105e132
parent2f8501815256af8498904e68bd0984b1afffd6f8 (diff)
cpuacct: make cpuacct hierarchy walk in cpuacct_charge() safe when rcupreempt is used -v2
Impact: fix cgroups race under rcu-preempt cpuacct_charge() obtains task's ca and does a hierarchy walk upwards. This can race with the task's movement between cgroups. This race can cause an access to freed ca pointer in cpuacct_charge() or access to invalid cgroups pointer of the task. This will not happen with rcu or tree rcu as cpuacct_charge() is called with preemption disabled. However if rcupreempt is used, the race is seen. Thanks to Li Zefan for explaining this. Fix this race by explicitly protecting ca and the hierarchy walk with rcu_read_lock(). Changes for v2: - Update patch descrition (as per Li Zefan's review comments). - Remove comments in cpuacct_charge() which explained why rcu_read_lock() was needed (as per Peter Zijlstra's review comments). Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> Cc: Dhaval Giani <dhaval@linux.vnet.ibm.com> Cc: Li Zefan <lizf@cn.fujitsu.com> Cc: Paul Menage <menage@google.com> Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Acked-by: Balbir Singh <balbir@linux.vnet.ibm.com> Tested-by: Balbir Singh <balbir@linux.vnet.ibm.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
-rw-r--r--kernel/sched.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/kernel/sched.c b/kernel/sched.c
index 186c6fd08acf..cc397aae5eae 100644
--- a/kernel/sched.c
+++ b/kernel/sched.c
@@ -9654,12 +9654,17 @@ static void cpuacct_charge(struct task_struct *tsk, u64 cputime)
9654 return; 9654 return;
9655 9655
9656 cpu = task_cpu(tsk); 9656 cpu = task_cpu(tsk);
9657
9658 rcu_read_lock();
9659
9657 ca = task_ca(tsk); 9660 ca = task_ca(tsk);
9658 9661
9659 for (; ca; ca = ca->parent) { 9662 for (; ca; ca = ca->parent) {
9660 u64 *cpuusage = percpu_ptr(ca->cpuusage, cpu); 9663 u64 *cpuusage = percpu_ptr(ca->cpuusage, cpu);
9661 *cpuusage += cputime; 9664 *cpuusage += cputime;
9662 } 9665 }
9666
9667 rcu_read_unlock();
9663} 9668}
9664 9669
9665struct cgroup_subsys cpuacct_subsys = { 9670struct cgroup_subsys cpuacct_subsys = {