From: Oleg Nesterov <oleg@redhat.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: brauner@kernel.org, mjguzik@gmail.com, mst@redhat.com,
linux-kernel-mentees@lists.linuxfoundation.org,
linux-kernel@vger.kernel.org, npiggin@gmail.com,
dhowells@redhat.com,
Abhinav Singh <singhabhinav9051571833@gmail.com>,
mathieu.desnoyers@efficios.com, shakeelb@google.com,
akpm@linux-foundation.org, surenb@google.com,
michael.christie@oracle.com
Subject: Re: [PATCH] Fixing directly deferencing a __rcu pointer warning
Date: Fri, 27 Oct 2023 14:22:22 +0200
Message-ID: <20231027122221.GA24128@redhat.com>
In-Reply-To: <20231026150326.GA33303@noisy.programming.kicks-ass.net>
On 10/26, Peter Zijlstra wrote:
>
> > kernel/fork.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/kernel/fork.c b/kernel/fork.c
> > index 10917c3e1f03..802b7bbe3d92 100644
> > --- a/kernel/fork.c
> > +++ b/kernel/fork.c
> > @@ -2369,7 +2369,7 @@ __latent_entropy struct task_struct *copy_process(
> >
> > retval = -EAGAIN;
> > if (is_rlimit_overlimit(task_ucounts(p), UCOUNT_RLIMIT_NPROC, rlimit(RLIMIT_NPROC))) {
> > - if (p->real_cred->user != INIT_USER &&
> > + if (rcu_dereference(p->real_cred)->user != INIT_USER &&
> > !capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN))
> > goto bad_fork_cleanup_count;
> > }
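Review bot: the new rcu_dereference(p->real_cred) on the changed line has no rcu_read_lock()/rcu_read_unlock() pair around it anywhere in this hunk, so the accessor claims a read-side critical section that the visible code does not establish. If the pointer cannot change at this point in copy_process(), either keep the plain access or use an accessor that states why it is safe, such as rcu_dereference_protected() with the real condition, and name in the commit message the lock or lifetime rule that makes the access safe.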
>
> This seems entirely misguided and only makes the code more confusing.
>
> AFAICT at this point @p is not live, we're constructing the new task,
> but it's not yet published, therefore no concurrency possible.
> Additionally we're not actually in an RCU critical section afaict.
>
> > @@ -2692,7 +2692,7 @@ __latent_entropy struct task_struct *copy_process(
> > */
> > p->signal->has_child_subreaper = p->real_parent->signal->has_child_subreaper ||
> > p->real_parent->signal->is_child_subreaper;
> > - list_add_tail(&p->sibling, &p->real_parent->children);
> > + list_add_tail(&p->sibling, &(rcu_dereference(p->real_parent)->children));
> > list_add_tail_rcu(&p->tasks, &init_task.tasks);
> > attach_pid(p, PIDTYPE_TGID);
> > attach_pid(p, PIDTYPE_PGID);
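Review bot: only the list_add_tail() line is converted, while the two context lines directly above still read p->real_parent->signal through the plain pointer, so the hunk treats the same __rcu pointer two different ways. The neighbouring list_add_tail_rcu() and attach_pid() calls are update-side operations, which points to a writer context rather than a reader; if an annotation is wanted here, rcu_dereference_protected() naming the lock that is held would fit better than rcu_dereference(), and it should be applied to every p->real_parent use in this block.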
>
> As to the real_parent, we hold the tasklist lock, which is the write
> side lock for parent stuff, so rcu dereference is pointless here.

Agreed.

Plus I don't think this change is correct, iiuc rcu_dereference() will trigger
the run-time "suspicious rcu_dereference_check() usage" warning, it is called
without rcu_read_lock().

Oleg.