From: "Emil Tsalapatis" <emil@etsalapatis.com>
To: "Tejun Heo" <tj@kernel.org>, <sched-ext@lists.linux.dev>,
"David Vernet" <void@manifault.com>,
"Andrea Righi" <arighi@nvidia.com>,
"Changwoo Min" <changwoo@igalia.com>
Cc: "Emil Tsalapatis" <emil@etsalapatis.com>, <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH sched_ext/for-7.2] sched_ext: Fix ops_cid layout assert
Date: Sat, 09 May 2026 10:37:39 -0400 [thread overview]
Message-ID: <DIE80MHCA7U0.372V2BPKCAQH9@etsalapatis.com> (raw)
In-Reply-To: <20260508235946.215232-1-tj@kernel.org>
On Fri May 8, 2026 at 7:59 PM EDT, Tejun Heo wrote:
> ca1d48a86fab ("sched_ext: Use offsetofend on both sides of the ops_cid
> layout assert") replaced sizeof() with offsetofend() to dodge 32-bit
> PPC trailing padding, but the resulting check is tautological: with
> CID_OFFSET_MATCH(priv, priv) already enforcing offsetof(priv) equality
> and @priv being the same type in both structs, the two offsetofends
> are equal by construction. The original protection - catching a stray
> field added past @priv in sched_ext_ops_cid - is gone.
>
> Anchor on a zero-size __end[] marker appended after @priv. Its offset
> sits flush after @priv regardless of trailing struct padding; if a
> field is inserted past @priv, __end shifts and the assert fires.
>
> Closes: https://lore.kernel.org/all/20260508215211.0C03AC2BCB0@smtp.kernel.org/
> Signed-off-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com>
> ---
> kernel/sched/ext.c | 6 ++----
> kernel/sched/ext_internal.h | 3 +++
> 2 files changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/kernel/sched/ext.c b/kernel/sched/ext.c
> index f86ee15be7cb..b685f45b4fd0 100644
> --- a/kernel/sched/ext.c
> +++ b/kernel/sched/ext.c
> @@ -10380,11 +10380,9 @@ static int __init scx_init(void)
> /*
> * cid-form must end exactly at @priv - validate_ops() skips
> * cpu_acquire/cpu_release for cid-form because reading those fields
> - * past the BPF allocation would be UB. offsetofend() on both sides
> - * instead of sizeof() on sched_ext_ops_cid to sidestep trailing
> - * struct padding (e.g. 32-bit PPC tail-pads ops_cid past @priv).
> + * past the BPF allocation would be UB.
> */
> - BUILD_BUG_ON(offsetofend(struct sched_ext_ops_cid, priv) !=
> + BUILD_BUG_ON(offsetof(struct sched_ext_ops_cid, __end) !=
> offsetofend(struct sched_ext_ops, priv));
> #undef CID_OFFSET_MATCH
>
> diff --git a/kernel/sched/ext_internal.h b/kernel/sched/ext_internal.h
> index 0ed79bd891c7..cd33984cffcf 100644
> --- a/kernel/sched/ext_internal.h
> +++ b/kernel/sched/ext_internal.h
> @@ -938,6 +938,9 @@ struct sched_ext_ops_cid {
>
> /* internal use only, must be NULL */
> void __rcu *priv;
> +
> + /* layout end anchor for the BUILD_BUG_ON in scx_init(); keep last */
> + char __end[0];
> };
>
> enum scx_opi {
next prev parent reply other threads:[~2026-05-09 14:37 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-08 23:59 [PATCH sched_ext/for-7.2] sched_ext: Fix ops_cid layout assert Tejun Heo
2026-05-09 14:37 ` Emil Tsalapatis [this message]
2026-05-09 15:53 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DIE80MHCA7U0.372V2BPKCAQH9@etsalapatis.com \
--to=emil@etsalapatis.com \
--cc=arighi@nvidia.com \
--cc=changwoo@igalia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=sched-ext@lists.linux.dev \
--cc=tj@kernel.org \
--cc=void@manifault.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox