Re: [PATCH 2/2 v2] cgroup: Drop task_lock(parent) on cgroup_fork()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>>> @@ -4556,7 +4556,7 @@ static const struct file_operations proc_cgroupstats_operations = {
>>>   *
>>>   * A pointer to the shared css_set was automatically copied in
>>>   * fork.c by dup_task_struct().  However, we ignore that copy, since
>>> - * it was not made under the protection of RCU or cgroup_mutex, so
>>> + * it was not made under the protection of threadgroup_change_begin(), so
>>
>> I think the original comment still stands, but now threadgroup_change_begin()
>> can also protect the cgroup pointer from becoming invalid.
> 
> Right but I'm not sure it's worth quoting RCU and cgroup_mutex. The reason
> why we use threadgroup_change_begin() is not only to ensure the pointer
> validity but also to synchronize the whole cgroup proc logic. This way
> when we attach a whole proc with cgroup_attach_proc(), we are sure that
> no thread forked too soon or too late such that it wouldn't be migrated with
> the rest.
> 
> RCU or cgroup_mutex on dup_task_struct() (+ a get_css_set()) would have
> protected the pointer validity but not the whole above described machinery.
> So I don't think it's even worth quoting those solutions. But if you prefer
> I can keep the old comment.
> 

No, I don't have strong opinion here.

So I'll ack this patch.

> OTOH what I think is missing in the comment is that explanation on the synchronization
> against entire proc migration. I can edit that.
> 

I would appreciate this. :)

>>
>>>   * might no longer be a valid cgroup pointer.  cgroup_attach_task() might
>>>   * have already changed current->cgroups, allowing the previously
>>>   * referenced cgroup group to be removed and freed.
>>> @@ -4566,10 +4566,14 @@ static const struct file_operations proc_cgroupstats_operations = {
>>>   */
>>>  void cgroup_fork(struct task_struct *child)
>>>  {
>>> -	task_lock(current);
>>> +	/*
>>> +	 * We don't need to task_lock() current because current->cgroups
>>> +	 * can't be changed concurrently here. The parent obviously hasn't
>>> +	 * exited and called cgroup_exit(), and we are synchronized against
>>> +	 * cgroup migration through threadgroup_change_begin().
>>> +	 */
>>>  	child->cgroups = current->cgroups;
>>>  	get_css_set(child->cgroups);
>>> -	task_unlock(current);
>>>  	INIT_LIST_HEAD(&child->cg_list);
>>>  }
>>>  
> 
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/containers
[Index of Archives]     [Cgroups]     [Netdev]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux