From: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
To: a.p.zijlstra@chello.nl
Cc: mingo@redhat.com, hpa@zytor.com, linux-kernel@vger.kernel.org,
tglx@linutronix.de, oleg@redhat.com, mingo@elte.hu,
linux-tip-commits@vger.kernel.org
Subject: Re: [tip:sched/urgent] cpuset: Fix cpuset_cpus_allowed_fallback(), don't update tsk->rt.nr_cpus_allowed
Date: Tue, 21 Jun 2011 18:54:56 +0900
Message-ID: <4E006A70.2070205@jp.fujitsu.com>
In-Reply-To: <1308565258.26237.2.camel@twins>

(2011/06/20 19:20), Peter Zijlstra wrote:
> On Sat, 2011-05-28 at 16:35 +0000, tip-bot for KOSAKI Motohiro wrote:
>> +++ b/kernel/kthread.c
>> @@ -202,8 +202,8 @@ void kthread_bind(struct task_struct *p, unsigned int cpu)
>> return;
>> }
>>
>> - p->cpus_allowed = cpumask_of_cpu(cpu);
>> - p->rt.nr_cpus_allowed = 1;
>> + /* It's safe because the task is inactive. */
>> + do_set_cpus_allowed(p, cpumask_of(cpu));
>> p->flags |= PF_THREAD_BOUND;
>> }
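Review bot: the added comment "It's safe because the task is inactive" does not say what do_set_cpus_allowed() expects from its caller, and p->flags |= PF_THREAD_BOUND still follows the mask update as a separate, unlocked store. Suggest the comment name the lock or invariant being relied on, or that both updates be made under one lock.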
>
>
> I just happened to be staring at this stuff again, and I'm wondering
> how and why this is correct. After kthread_create() the thread exists
> and is exposed in the pid-hash, therefore userspace can come and do
> sys_sched_setaffinity() on it, and since we're not holding any locks and
> set PF_THREAD_BOUND _after_ setting cpus_allowed, things can end up
> funny.
>
> Hmm?

Can't we take just either rq lock or pi_lock? Layer violation?


From 1c0874b9157f47e22d0f6499612f0f78b830f018 Mon Sep 17 00:00:00 2001
From: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Date: Tue, 21 Jun 2011 18:15:19 +0900
Subject: [PATCH] kthread: fix kthread_bind() race

Peter Zijlstra reported kthread_bind() has a race. It doesn't hold
any locks and sets PF_THREAD_BOUND _after_ setting cpus_allowed. So,
the following race can happen.

 CPU0                              CPU1
----------------------------------------------------
do_set_cpus_allowed()
                                   sys_sched_setaffinity()
p->flags |= PF_THREAD_BOUND;

The solution is to take either rq lock or pi_lock. They prevent
a race because set_cpus_allowed_ptr() takes both locks. This patch
chooses the latter way.

Reported-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
---
kernel/kthread.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/kernel/kthread.c b/kernel/kthread.c
index 4ba7ccc..92e3083 100644
--- a/kernel/kthread.c
+++ b/kernel/kthread.c
@@ -196,15 +196,20 @@ EXPORT_SYMBOL(kthread_create_on_node);
*/
void kthread_bind(struct task_struct *p, unsigned int cpu)
{
+ unsigned long flags;
+
/* Must have done schedule() in kthread() before we set_task_cpu */
if (!wait_task_inactive(p, TASK_UNINTERRUPTIBLE)) {
WARN_ON(1);
return;
}
+ /* protect from a race against set_cpus_allowed_ptr() */
+ raw_spin_lock_irqsave(&p->pi_lock, flags);
/* It's safe because the task is inactive. */
do_set_cpus_allowed(p, cpumask_of(cpu));
p->flags |= PF_THREAD_BOUND;
+ raw_spin_unlock_irqrestore(&p->pi_lock, flags);
}
EXPORT_SYMBOL(kthread_bind);
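Review bot: the retained comment "It's safe because the task is inactive" now sits inside the pi_lock section, but the wait_task_inactive() check it depends on runs before raw_spin_lock_irqsave(), and the commit message says set_cpus_allowed_ptr() takes both rq lock and pi_lock while only pi_lock is taken here. Suggest expanding the comment to state why pi_lock alone is enough for do_set_cpus_allowed() in this path, so the two comments do not read as separate, unrelated justifications.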
--
1.7.3.1
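
The CPU0/CPU1 interleaving from the commit message, replayed step by step in a user-space model. This is an added example, not part of the original message and not kernel code. The struct, `BOUND`, `set_affinity()` and `replay()` are hypothetical stand-ins, and the model assumes the affinity path refuses a task already marked bound.

```c
/* User-space model (constructed for illustration): not kernel code. */
#include <stdatomic.h>
#include <stdio.h>

#define BOUND 0x1u                /* stands in for PF_THREAD_BOUND */

struct task {
    unsigned long cpus_allowed;   /* bitmask of permitted CPUs */
    unsigned int  flags;
    atomic_flag   pi_lock;        /* models p->pi_lock */
};

/* Models the affinity path: takes the lock, refuses bound tasks (assumption). */
static int set_affinity(struct task *p, unsigned long mask)
{
    if (atomic_flag_test_and_set(&p->pi_lock))
        return -2;                /* lock held: the real path would spin here */
    int ret = (p->flags & BOUND) ? -1 : 0;
    if (ret == 0)
        p->cpus_allowed = mask;
    atomic_flag_clear(&p->pi_lock);
    return ret;
}

/* Replays the interleaving from the commit message.
 * locked=0: bind without a lock; locked=1: bind holds pi_lock.
 * Returns the mask the bound task ends up with. */
static unsigned long replay(int locked, unsigned int cpu, unsigned long user_mask)
{
    struct task t = { .cpus_allowed = ~0UL, .flags = 0, .pi_lock = ATOMIC_FLAG_INIT };

    if (locked)
        atomic_flag_test_and_set(&t.pi_lock);
    t.cpus_allowed = 1UL << cpu;              /* CPU0: do_set_cpus_allowed() */
    int racer = set_affinity(&t, user_mask);  /* CPU1 runs in the window */
    t.flags |= BOUND;                         /* CPU0: flags |= PF_THREAD_BOUND */
    if (locked)
        atomic_flag_clear(&t.pi_lock);
    if (racer == -2)                          /* CPU1 gets the lock after unlock */
        racer = set_affinity(&t, user_mask);
    return t.cpus_allowed;
}

int main(void)
{
    printf("unlocked: mask=%#lx\n", replay(0, 2, 0x3));
    printf("locked:   mask=%#lx\n", replay(1, 2, 0x3));
    return 0;
}
```

Without the lock the task ends up flagged as bound while carrying the mask written by the racing caller; with the lock held across both stores, the racing caller only runs after the flag is set and is refused.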