Re: [PATCH] cgroup: fixed the cset refcnt leak when fork() failed


 




On 6/5/23 17:38, Tejun Heo wrote:
> On Mon, Jun 05, 2023 at 09:04:44PM +0800, Zou Cao wrote:
>> TeamID: B1486294
>>
>> When forking, cset will be increased by commit "ef2c41cf38a7"; the refcnt will
>> be decreased by child exit, but when fork() fails, the decrease of this refcnt
>> will be lost in cgroup_cancel_fork, as follows:
>>
>> copy_process
>>       |
>> cgroup_can_fork    //  increase the css refcount
>>    ......
>>    spin_lock_irq(&css_set_lock);
>>    cset = task_css_set(current);
>>    get_css_set(cset);
>>    spin_unlock_irq(&css_set_lock);
>>    ......
>>       |
>> goto cgroup_cancel_fork    // if failed in  copy_process
>>       |
>> cgroup_cancel_fork  // lost the decrease refcount if flag not CLONE_INTO_CGROUP
>>
>> Fixes: ef2c41cf38a7 ("clone3: allow spawning processes into cgroups")
>> Signed-off-by: Zou Cao <zoucao@xxxxxxxxxxxx>
>
> Is this the same bug fixed by the following commit?
>
>   https://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git/commit/?h=for-6.4-fixes&id=2bd110339288c18823dcace602b63b0d8627e520

I believe it is the same bug that this patch is trying to fix. I missed the part where kargs->cset is cleared in cgroup_post_fork() so that the put can be done solely in cgroup_css_set_put_fork(). That is definitely the cleaner approach.

Cheers,
Longman
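
The refcount flow discussed in this thread, as an added example that is not part of the original messages or the kernel source: a user-space C model of the get in the can_fork step, the conditional put described in the commit message, and the unconditional put plus pointer clearing described in the reply. The structs, every `model_*` function and `leaked_refs()` are hypothetical names, and the model assumes the cleanup helper runs on both the failure and the success path.

```c
/* User-space model only; names and structure are assumptions, not kernel code. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct cset_model { int refcnt; };
struct fork_args_model { struct cset_model *cset; bool into_cgroup; };

/* can_fork step: take a reference on the parent's css_set for the child. */
static void model_can_fork(struct fork_args_model *a, struct cset_model *cur)
{
    cur->refcnt++;
    a->cset = cur;
}

/* Cleanup as the commit message describes it: put only for CLONE_INTO_CGROUP. */
static void model_put_fork_leaky(struct fork_args_model *a)
{
    if (a->into_cgroup && a->cset) { a->cset->refcnt--; a->cset = NULL; }
}

/* Cleanup as the reply describes the fix: put whatever is still held. */
static void model_put_fork_fixed(struct fork_args_model *a)
{
    if (a->cset) { a->cset->refcnt--; a->cset = NULL; }
}

/* post_fork step: the child now owns the reference, so clear the pointer. */
static void model_post_fork(struct fork_args_model *a) { a->cset = NULL; }

/* References left over (beyond the parent's own) after fork() and child exit. */
int leaked_refs(bool fork_fails, bool into_cgroup, bool fixed)
{
    struct cset_model cs = { .refcnt = 1 };          /* parent's reference */
    struct fork_args_model a = { NULL, into_cgroup };
    model_can_fork(&a, &cs);
    if (!fork_fails)
        model_post_fork(&a);                         /* ownership moves to child */
    if (fixed) model_put_fork_fixed(&a); else model_put_fork_leaky(&a);
    if (!fork_fails) cs.refcnt--;                    /* child exit drops its ref */
    return cs.refcnt - 1;
}

int main(void)
{
    printf("failed fork: old cleanup leaks %d, fixed cleanup leaks %d\n",
           leaked_refs(true, false, false), leaked_refs(true, false, true));
    return 0;
}
```

Because the success path clears the pointer before the cleanup runs, the unconditional put in the fixed variant cannot drop the reference the child now owns.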



