On 7/1/23 19:38, Waiman Long wrote:
On 7/1/23 02:50, Miaohe Lin wrote:
update_parent_subparts_cpumask() is called outside RCU read-side
critical
section without holding extra css refcnt of cp. In theroy, cp could be
freed at any time. Holding extra css refcnt to ensure cp is valid while
updating parent subparts cpumask.
Fixes: d7c8142d5a55 ("cgroup/cpuset: Make partition invalid if
cpumask change violates exclusivity rule")
Signed-off-by: Miaohe Lin <linmiaohe@xxxxxxxxxx>
---
kernel/cgroup/cpuset.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/cgroup/cpuset.c b/kernel/cgroup/cpuset.c
index 58e6f18f01c1..632a9986d5de 100644
--- a/kernel/cgroup/cpuset.c
+++ b/kernel/cgroup/cpuset.c
@@ -1806,9 +1806,12 @@ static int update_cpumask(struct cpuset *cs,
struct cpuset *trialcs,
cpuset_for_each_child(cp, css, parent)
if (is_partition_valid(cp) &&
cpumask_intersects(trialcs->cpus_allowed,
cp->cpus_allowed)) {
+ if (!css_tryget_online(&cp->css))
+ continue;
rcu_read_unlock();
update_parent_subparts_cpumask(cp,
partcmd_invalidate, NULL, &tmp);
rcu_read_lock();
+ css_put(&cp->css);
}
rcu_read_unlock();
retval = 0;
Thanks for finding that. It looks good to me.
Reviewed-by: Waiman Long <longman@xxxxxxxxxx>
Though, I will say that an offline cpuset cannot be a valid partition
root. So it is not really a problem. For correctness sake and
consistency with other similar code, I am in favor of getting it merged.
Cheers,
Longman
