On Wed, Jan 29, 2025 at 11:08:41AM -0800, Shakeel Butt <shakeel.butt@xxxxxxxxx> wrote:
> I think this is indeed the race though small. One way to fix this is by
> taking cgroup_threadgroup_rwsem in write mode in __cgroup_kill() as the
> fork side takes it in read mode from cgroup_can_fork() to
> cgroup_post_fork().

I don't see that cgroup_mutex and css_set_lock alone ensure the ordering either. cgroup_threadgroup_rwsem would be certain but heavy, as you write.

As I'm looking at it now, freezing is similar but shouldn't allow such a child escape if k3' came before c6 since the CGRP_FREEZE (or ~CGRP_FREEZE) is permanent (until next operation). That is, IIUC, the basis for Shakeel's sequence approach too.

(CLONE_INTO_CGROUP should be fine thanks to cgroup_mutex.)

Thanks,
Michal