From mboxrd@z Thu Jan  1 00:00:00 1970
From: mike@flyn.org (W. Michael Petullo)
Date: Tue, 12 Jan 2016 22:13:35 -0500
Subject: Walking a wait_queue_t list of tasks blocked on pipe
Message-ID: <20160113031335.GA17121@imp.flyn.org>
To: kernelnewbies@lists.kernelnewbies.org
List-Id: kernelnewbies.lists.kernelnewbies.org

I am trying to walk a wait_queue_t list as part of a LSM file_permission
function. The purpose is to act on each task which has blocked while
trying to read from a pipe.

I have modeled my code on __wake_up_common() in kernel/sched/core.c,
and it looks something like this:

	if (i_pipe->reader <= 0) {
		return;
	}

	list_for_each_entry_safe(curr, next, &i_pipe->wait.task, task_list) {
		[...]
		struct task_struct *blocked = curr->private;
		[...]
	}

I have tried to wrap this with:

	spin_lock_irqsave(&i_pipe->wait.lock, flags)
	spin_unlock_irqrestore[...]

and also:

	write_lock_irq(&tasklist_lock).
	write_unlock_irq[...]

Despite this, I sometimes find that blocked (AKA curr->private) == NULL
during an iteration of the list_for_each_entry_safe loop, and this
surprises me. Why would there be en entry in the wait_queue_t list which
does not have a process associated with it? Is the data structure moving
out from under me? Is there something else I should lock?

Thank you,

-- 
Mike

:wq