From: Li Zefan <lizefan@huawei.com>
To: Neil Horman <nhorman@tuxdriver.com>
Cc: Daniel Wagner <wagi@monom.org>,
netdev@vger.kernel.org, cgroups@vger.kernel.org,
Daniel Wagner <daniel.wagner@bmw-carit.de>,
"David S. Miller" <davem@davemloft.net>,
Gao feng <gaofeng@cn.fujitsu.com>,
Jamal Hadi Salim <jhs@mojatatu.com>,
John Fastabend <john.r.fastabend@intel.com>,
Tejun Heo <tj@kernel.org>
Subject: Re: [PATCH v1 3/5] cgroup: Protect access to task_cls_classid() when built as module
Date: Mon, 20 Aug 2012 08:59:37 +0800 [thread overview]
Message-ID: <50318BF9.2080803@huawei.com> (raw)
In-Reply-To: <20120817182855.GA11607@hmsreliant.think-freely.org>
于 2012/8/18 2:28, Neil Horman 写道:
> On Fri, Aug 17, 2012 at 04:58:12PM +0200, Daniel Wagner wrote:
>> From: Daniel Wagner <daniel.wagner@bmw-carit.de>
>>
>> The module version of task_cls_classid() checks if net_cls_sbusys_id
>> is valid to indentify when it is okay to access the controller.
>>
>> Instead relying on the subusys_id to be set, make it explicit
>> with a jump label.
>>
>> Signed-off-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
>> Cc: "David S. Miller" <davem@davemloft.net>
>> Cc: Gao feng <gaofeng@cn.fujitsu.com>
>> Cc: Jamal Hadi Salim <jhs@mojatatu.com>
>> Cc: John Fastabend <john.r.fastabend@intel.com>
>> Cc: Li Zefan <lizefan@huawei.com>
>> Cc: Neil Horman <nhorman@tuxdriver.com>
>> Cc: Tejun Heo <tj@kernel.org>
>> Cc: netdev@vger.kernel.org
>> Cc: cgroups@vger.kernel.org
>> ---
>> include/net/cls_cgroup.h | 5 ++++-
>> net/core/sock.c | 5 +++++
>> net/sched/cls_cgroup.c | 9 +++++++++
>> 3 files changed, 18 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/net/cls_cgroup.h b/include/net/cls_cgroup.h
>> index 401672c..bbbd957 100644
>> --- a/include/net/cls_cgroup.h
>> +++ b/include/net/cls_cgroup.h
>> @@ -16,6 +16,7 @@
>> #include <linux/cgroup.h>
>> #include <linux/hardirq.h>
>> #include <linux/rcupdate.h>
>> +#include <linux/jump_label.h>
>>
>> #ifdef CONFIG_CGROUPS
>> struct cgroup_cls_state
>> @@ -44,6 +45,8 @@ static inline u32 task_cls_classid(struct task_struct *p)
>> }
>>
>> #elif IS_MODULE(CONFIG_NET_CLS_CGROUP)
>> +extern struct static_key cgroup_cls_enabled;
>> +#define clscg_enabled static_key_false(&cgroup_cls_enabled)
>>
>> extern int net_cls_subsys_id;
>>
>> @@ -52,7 +55,7 @@ static inline u32 task_cls_classid(struct task_struct *p)
>> int id;
>> u32 classid = 0;
>>
>> - if (in_interrupt())
>> + if (!clscg_enabled || in_interrupt())
>> return 0;
>>
>> rcu_read_lock();
>> diff --git a/net/core/sock.c b/net/core/sock.c
>> index 8f67ced..8106e77 100644
>> --- a/net/core/sock.c
>> +++ b/net/core/sock.c
>> @@ -327,6 +327,11 @@ int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
>> EXPORT_SYMBOL(__sk_backlog_rcv);
>>
>> #if defined(CONFIG_CGROUPS)
>> +#if IS_MODULE(CONFIG_NET_CLS_CGROUP)
>> +struct static_key cgroup_cls_enabled = STATIC_KEY_INIT_FALSE;
>> +EXPORT_SYMBOL_GPL(cgroup_cls_enabled);
>> +#endif
>> +
>> #if !defined(CONFIG_NET_CLS_CGROUP)
>> int net_cls_subsys_id = -1;
>> EXPORT_SYMBOL_GPL(net_cls_subsys_id);
>> diff --git a/net/sched/cls_cgroup.c b/net/sched/cls_cgroup.c
>> index 7743ea8..0635894 100644
>> --- a/net/sched/cls_cgroup.c
>> +++ b/net/sched/cls_cgroup.c
>> @@ -44,12 +44,21 @@ static struct cgroup_subsys_state *cgrp_create(struct cgroup *cgrp)
>>
>> if (cgrp->parent)
>> cs->classid = cgrp_cls_state(cgrp->parent)->classid;
>> +#if IS_MODULE(CONFIG_NET_CLS_CGROUP)
>> + else if (!clscg_enabled)
>> + static_key_slow_inc(&cgroup_cls_enabled);
> This is racy I think. The read of the static key is atomic with other reads,
> but the entire conditional is not atomic. If two cpus were creating cgroups in
> parallel, it would be possible for both to read the static key as being zero
> (the second cpu would read the key before the first cpu could increment it).
static_key_slow_inc() is called only when we're creating the root cgroup, and that's
module loading.
so it's safe.
>> +#endif
>>
>> return &cs->css;
>> }
>>
>> static void cgrp_destroy(struct cgroup *cgrp)
>> {
>> +#if IS_MODULE(CONFIG_NET_CLS_CGROUP)
>> + if (!cgrp->parent && clscg_enabled)
>> + static_key_slow_dec(&cgroup_cls_enabled);
> Ditto here with the race above. I think what you want is one of:
and this is called only when we're destroying the root cgroup, and that's
module unload.
WARNING: multiple messages have this Message-ID (diff)
From: Li Zefan <lizefan@huawei.com>
To: Neil Horman <nhorman@tuxdriver.com>
Cc: Daniel Wagner <wagi@monom.org>, <netdev@vger.kernel.org>,
<cgroups@vger.kernel.org>,
Daniel Wagner <daniel.wagner@bmw-carit.de>,
"David S. Miller" <davem@davemloft.net>,
Gao feng <gaofeng@cn.fujitsu.com>,
Jamal Hadi Salim <jhs@mojatatu.com>,
John Fastabend <john.r.fastabend@intel.com>,
Tejun Heo <tj@kernel.org>
Subject: Re: [PATCH v1 3/5] cgroup: Protect access to task_cls_classid() when built as module
Date: Mon, 20 Aug 2012 08:59:37 +0800 [thread overview]
Message-ID: <50318BF9.2080803@huawei.com> (raw)
In-Reply-To: <20120817182855.GA11607@hmsreliant.think-freely.org>
于 2012/8/18 2:28, Neil Horman 写道:
> On Fri, Aug 17, 2012 at 04:58:12PM +0200, Daniel Wagner wrote:
>> From: Daniel Wagner <daniel.wagner@bmw-carit.de>
>>
>> The module version of task_cls_classid() checks if net_cls_sbusys_id
>> is valid to indentify when it is okay to access the controller.
>>
>> Instead relying on the subusys_id to be set, make it explicit
>> with a jump label.
>>
>> Signed-off-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
>> Cc: "David S. Miller" <davem@davemloft.net>
>> Cc: Gao feng <gaofeng@cn.fujitsu.com>
>> Cc: Jamal Hadi Salim <jhs@mojatatu.com>
>> Cc: John Fastabend <john.r.fastabend@intel.com>
>> Cc: Li Zefan <lizefan@huawei.com>
>> Cc: Neil Horman <nhorman@tuxdriver.com>
>> Cc: Tejun Heo <tj@kernel.org>
>> Cc: netdev@vger.kernel.org
>> Cc: cgroups@vger.kernel.org
>> ---
>> include/net/cls_cgroup.h | 5 ++++-
>> net/core/sock.c | 5 +++++
>> net/sched/cls_cgroup.c | 9 +++++++++
>> 3 files changed, 18 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/net/cls_cgroup.h b/include/net/cls_cgroup.h
>> index 401672c..bbbd957 100644
>> --- a/include/net/cls_cgroup.h
>> +++ b/include/net/cls_cgroup.h
>> @@ -16,6 +16,7 @@
>> #include <linux/cgroup.h>
>> #include <linux/hardirq.h>
>> #include <linux/rcupdate.h>
>> +#include <linux/jump_label.h>
>>
>> #ifdef CONFIG_CGROUPS
>> struct cgroup_cls_state
>> @@ -44,6 +45,8 @@ static inline u32 task_cls_classid(struct task_struct *p)
>> }
>>
>> #elif IS_MODULE(CONFIG_NET_CLS_CGROUP)
>> +extern struct static_key cgroup_cls_enabled;
>> +#define clscg_enabled static_key_false(&cgroup_cls_enabled)
>>
>> extern int net_cls_subsys_id;
>>
>> @@ -52,7 +55,7 @@ static inline u32 task_cls_classid(struct task_struct *p)
>> int id;
>> u32 classid = 0;
>>
>> - if (in_interrupt())
>> + if (!clscg_enabled || in_interrupt())
>> return 0;
>>
>> rcu_read_lock();
>> diff --git a/net/core/sock.c b/net/core/sock.c
>> index 8f67ced..8106e77 100644
>> --- a/net/core/sock.c
>> +++ b/net/core/sock.c
>> @@ -327,6 +327,11 @@ int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
>> EXPORT_SYMBOL(__sk_backlog_rcv);
>>
>> #if defined(CONFIG_CGROUPS)
>> +#if IS_MODULE(CONFIG_NET_CLS_CGROUP)
>> +struct static_key cgroup_cls_enabled = STATIC_KEY_INIT_FALSE;
>> +EXPORT_SYMBOL_GPL(cgroup_cls_enabled);
>> +#endif
>> +
>> #if !defined(CONFIG_NET_CLS_CGROUP)
>> int net_cls_subsys_id = -1;
>> EXPORT_SYMBOL_GPL(net_cls_subsys_id);
>> diff --git a/net/sched/cls_cgroup.c b/net/sched/cls_cgroup.c
>> index 7743ea8..0635894 100644
>> --- a/net/sched/cls_cgroup.c
>> +++ b/net/sched/cls_cgroup.c
>> @@ -44,12 +44,21 @@ static struct cgroup_subsys_state *cgrp_create(struct cgroup *cgrp)
>>
>> if (cgrp->parent)
>> cs->classid = cgrp_cls_state(cgrp->parent)->classid;
>> +#if IS_MODULE(CONFIG_NET_CLS_CGROUP)
>> + else if (!clscg_enabled)
>> + static_key_slow_inc(&cgroup_cls_enabled);
> This is racy I think. The read of the static key is atomic with other reads,
> but the entire conditional is not atomic. If two cpus were creating cgroups in
> parallel, it would be possible for both to read the static key as being zero
> (the second cpu would read the key before the first cpu could increment it).
static_key_slow_inc() is called only when we're creating the root cgroup, and that's
module loading.
so it's safe.
>> +#endif
>>
>> return &cs->css;
>> }
>>
>> static void cgrp_destroy(struct cgroup *cgrp)
>> {
>> +#if IS_MODULE(CONFIG_NET_CLS_CGROUP)
>> + if (!cgrp->parent && clscg_enabled)
>> + static_key_slow_dec(&cgroup_cls_enabled);
> Ditto here with the race above. I think what you want is one of:
and this is called only when we're destroying the root cgroup, and that's
module unload.
next prev parent reply other threads:[~2012-08-20 0:59 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-08-17 14:58 [PATCH v1 0/5] cgroup: Assign subsystem IDs during compile time Daniel Wagner
[not found] ` <1345215494-9181-1-git-send-email-wagi-kQCPcA+X3s7YtjvyW6yDsg@public.gmane.org>
2012-08-17 14:58 ` [PATCH v1 1/5] cgroup: Use empty task_cls_classid() when !CONFIG_NET_CLS(_MODULE) Daniel Wagner
2012-08-17 14:58 ` [PATCH v1 2/5] cgroup: Move sock_update_classid() decleration to cls_cgroup.h Daniel Wagner
2012-08-17 14:58 ` [PATCH v1 3/5] cgroup: Protect access to task_cls_classid() when built as module Daniel Wagner
[not found] ` <1345215494-9181-4-git-send-email-wagi-kQCPcA+X3s7YtjvyW6yDsg@public.gmane.org>
2012-08-17 18:28 ` Neil Horman
2012-08-20 0:59 ` Li Zefan [this message]
2012-08-20 0:59 ` Li Zefan
[not found] ` <50318BF9.2080803-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-08-20 11:08 ` Neil Horman
[not found] ` <20120817182855.GA11607-B26myB8xz7F8NnZeBjwnZQMhkBWG/bsMQH7oEaQurus@public.gmane.org>
2012-08-20 11:29 ` Daniel Wagner
[not found] ` <20120820112938.GA22415-rjQKm2AMs/APuY3F5OKgMy7zKzJi9e1+kcYEyfhdaNw@public.gmane.org>
2012-08-20 11:33 ` Glauber Costa
2012-08-20 11:33 ` Glauber Costa
2012-08-20 17:03 ` Neil Horman
[not found] ` <20120820170342.GC1734-B26myB8xz7F8NnZeBjwnZQMhkBWG/bsMQH7oEaQurus@public.gmane.org>
2012-08-21 9:12 ` Glauber Costa
2012-08-21 9:12 ` Glauber Costa
[not found] ` <50335101.5030109-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2012-08-23 9:12 ` Daniel Wagner
[not found] ` <5035F3FC.202-kQCPcA+X3s7YtjvyW6yDsg@public.gmane.org>
2012-08-23 9:12 ` Glauber Costa
2012-08-23 9:12 ` Glauber Costa
2012-08-17 14:58 ` [PATCH v1 4/5] cgroup: Protect access to task_netprioidx() " Daniel Wagner
2012-08-17 14:58 ` [PATCH v1 5/5] cgroup: Assign subsystem IDs during compile time Daniel Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50318BF9.2080803@huawei.com \
--to=lizefan@huawei.com \
--cc=cgroups@vger.kernel.org \
--cc=daniel.wagner@bmw-carit.de \
--cc=davem@davemloft.net \
--cc=gaofeng@cn.fujitsu.com \
--cc=jhs@mojatatu.com \
--cc=john.r.fastabend@intel.com \
--cc=netdev@vger.kernel.org \
--cc=nhorman@tuxdriver.com \
--cc=tj@kernel.org \
--cc=wagi@monom.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.