From: Andrea Righi <arighi@nvidia.com>
To: Tejun Heo <tj@kernel.org>
Cc: sched-ext@lists.linux.dev, David Vernet <void@manifault.com>,
Changwoo Min <changwoo@igalia.com>,
Cheng-Yang Chou <yphbchou0911@gmail.com>,
Juntong Deng <juntong.deng@outlook.com>,
Ching-Chun Huang <jserv@ccns.ncku.edu.tw>,
Chia-Ping Tsai <chia7712@gmail.com>,
Emil Tsalapatis <emil@etsalapatis.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 04/10] sched_ext: Fix ops.cgroup_move() invocation kf_mask and rq tracking
Date: Fri, 10 Apr 2026 18:16:51 +0200 [thread overview]
Message-ID: <adkicxAILlBloRY2@gpd4> (raw)
In-Reply-To: <20260410063046.3556100-5-tj@kernel.org>
On Thu, Apr 09, 2026 at 08:30:40PM -1000, Tejun Heo wrote:
> sched_move_task() invokes ops.cgroup_move() inside task_rq_lock(tsk), so
> @p's rq lock is held. The SCX_CALL_OP_TASK invocation mislabels this:
>
> - kf_mask = SCX_KF_UNLOCKED (== 0), claiming no lock is held.
> - rq = NULL, so update_locked_rq() doesn't run and scx_locked_rq()
> returns NULL.
>
> Switch to SCX_KF_REST and pass task_rq(p), matching ops.set_cpumask()
> from set_cpus_allowed_scx().
>
> Three effects:
>
> - scx_bpf_task_cgroup() becomes callable (was rejected by
> scx_kf_allowed(__SCX_KF_RQ_LOCKED)). Safe; rq lock is held.
>
> - scx_bpf_dsq_move() is now rejected (was allowed via the unlocked
> branch). Calling it while holding an unrelated task's rq lock is
> risky; rejection is correct.
>
> - scx_bpf_select_cpu_*() previously took the unlocked branch in
> select_cpu_from_kfunc() and called task_rq_lock(p, &rf), which
> would deadlock against the already-held pi_lock. Now it takes the
> locked-rq branch and is rejected with -EPERM via the existing
> kf_allowed(SCX_KF_SELECT_CPU | SCX_KF_ENQUEUE) check. Latent
> deadlock fix.
>
> No in-tree scheduler is known to call any of these from ops.cgroup_move().
Similarly to the ops.set_cpumask() fix maybe add:
Fixes: 18853ba782be ("sched_ext: Track currently locked rq")
With that:
Reviewed-by: Andrea Righi <arighi@nvidia.com>
Thanks,
-Andrea
>
> Signed-off-by: Tejun Heo <tj@kernel.org>
> ---
> kernel/sched/ext.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/sched/ext.c b/kernel/sched/ext.c
> index 6ca0085903e0..f7db8822a544 100644
> --- a/kernel/sched/ext.c
> +++ b/kernel/sched/ext.c
> @@ -4397,7 +4397,7 @@ void scx_cgroup_move_task(struct task_struct *p)
> */
> if (SCX_HAS_OP(sch, cgroup_move) &&
> !WARN_ON_ONCE(!p->scx.cgrp_moving_from))
> - SCX_CALL_OP_TASK(sch, SCX_KF_UNLOCKED, cgroup_move, NULL,
> + SCX_CALL_OP_TASK(sch, SCX_KF_REST, cgroup_move, task_rq(p),
> p, p->scx.cgrp_moving_from,
> tg_cgrp(task_group(p)));
> p->scx.cgrp_moving_from = NULL;
> --
> 2.53.0
>
next prev parent reply other threads:[~2026-04-10 16:17 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-10 6:30 [PATCHSET sched_ext/for-7.1] sched_ext: Add verifier-time kfunc context filter Tejun Heo
2026-04-10 6:30 ` [PATCH 01/10] sched_ext: Drop TRACING access to select_cpu kfuncs Tejun Heo
2026-04-10 16:04 ` Andrea Righi
2026-04-10 6:30 ` [PATCH 02/10] sched_ext: Add select_cpu kfuncs to scx_kfunc_ids_unlocked Tejun Heo
2026-04-10 16:07 ` Andrea Righi
2026-04-10 17:51 ` [PATCH v2 " Tejun Heo
2026-04-10 6:30 ` [PATCH 03/10] sched_ext: Track @p's rq lock across set_cpus_allowed_scx -> ops.set_cpumask Tejun Heo
2026-04-10 16:12 ` Andrea Righi
2026-04-10 17:51 ` [PATCH v2 " Tejun Heo
2026-04-10 6:30 ` [PATCH 04/10] sched_ext: Fix ops.cgroup_move() invocation kf_mask and rq tracking Tejun Heo
2026-04-10 16:16 ` Andrea Righi [this message]
2026-04-10 17:51 ` [PATCH v2 " Tejun Heo
2026-04-10 6:30 ` [PATCH 05/10] sched_ext: Decouple kfunc unlocked-context check from kf_mask Tejun Heo
2026-04-10 16:34 ` Andrea Righi
2026-04-10 17:51 ` [PATCH v2 " Tejun Heo
2026-04-10 6:30 ` [PATCH 06/10] sched_ext: Drop redundant rq-locked check from scx_bpf_task_cgroup() Tejun Heo
2026-04-10 16:36 ` Andrea Righi
2026-04-10 6:30 ` [PATCH 07/10] sched_ext: Add verifier-time kfunc context filter Tejun Heo
2026-04-10 16:49 ` Andrea Righi
2026-04-14 12:38 ` Cheng-Yang Chou
2026-04-14 17:25 ` Tejun Heo
2026-04-10 6:30 ` [PATCH 08/10] sched_ext: Remove runtime kfunc mask enforcement Tejun Heo
2026-04-10 16:50 ` Andrea Righi
2026-04-10 6:30 ` [PATCH 09/10] sched_ext: Rename scx_kf_allowed_on_arg_tasks() to scx_kf_arg_task_ok() Tejun Heo
2026-04-10 16:55 ` Andrea Righi
2026-04-10 6:30 ` [PATCH 10/10] sched_ext: Warn on task-based SCX op recursion Tejun Heo
2026-04-10 17:38 ` Andrea Righi
2026-04-10 17:45 ` [PATCHSET sched_ext/for-7.1] sched_ext: Add verifier-time kfunc context filter Andrea Righi
2026-04-11 6:17 ` Cheng-Yang Chou
2026-04-11 7:41 ` Tejun Heo
2026-04-11 15:09 ` Cheng-Yang Chou
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=adkicxAILlBloRY2@gpd4 \
--to=arighi@nvidia.com \
--cc=changwoo@igalia.com \
--cc=chia7712@gmail.com \
--cc=emil@etsalapatis.com \
--cc=jserv@ccns.ncku.edu.tw \
--cc=juntong.deng@outlook.com \
--cc=linux-kernel@vger.kernel.org \
--cc=sched-ext@lists.linux.dev \
--cc=tj@kernel.org \
--cc=void@manifault.com \
--cc=yphbchou0911@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.