On 2014/1/28 23:32, Tejun Heo wrote:
> cgroup_cfts_commit() walks the cgroup hierarchy that the target
> subsystem is attached to and tries to apply the file changes. Due to
> the convolution with inode locking, it can't keep cgroup_mutex locked
> while iterating. It currently holds only RCU read lock around the
> actual iteration and then pins the found cgroup using dget().
>
> Unfortunately, this is incorrect. Although the iteration does check
> cgroup_is_dead() before invoking dget(), there's nothing which
> prevents the dentry from going away in between. Note that this is
> different from the usual css iterations where css_tryget() is used to
> pin the css - css_tryget() tests whether the css can be pinned and
> fails if not.
>
> The problem can be solved by simply holding cgroup_mutex instead of
> RCU read lock around the iteration, which actually reduces LOC.
>
> Signed-off-by: Tejun Heo <tj@xxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx

Good catch!

Acked-by: Li Zefan <lizefan@xxxxxxxxxx>
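
The check-then-pin window described in the commit message, replayed deterministically in user space next to a tryget-style pin. This is an added illustration, not code from the patch or the kernel: struct obj and the obj_*/replay_* names are hypothetical, and C11 atomics stand in for the kernel's reference counting. The patch itself closes the window by holding cgroup_mutex around the iteration.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical user-space stand-in for a refcounted kernel object. */
struct obj {
    atomic_int refcnt;   /* 0 means the last reference is gone */
    atomic_bool dead;    /* analogue of the cgroup_is_dead() flag */
};

/* Racy pattern: the liveness test and the pin are two separate steps. */
static bool obj_is_dead(struct obj *o) { return atomic_load(&o->dead); }
static void obj_get_unchecked(struct obj *o) { atomic_fetch_add(&o->refcnt, 1); }

/* tryget pattern: pin only if the count is still non-zero, in one atomic step. */
static bool obj_tryget(struct obj *o)
{
    int old = atomic_load(&o->refcnt);
    while (old > 0)   /* 'old' is reloaded by a failed compare-exchange */
        if (atomic_compare_exchange_weak(&o->refcnt, &old, old + 1))
            return true;
    return false;
}

/* What a concurrent remover does: mark dead, then drop the last reference. */
static void obj_kill(struct obj *o) { atomic_store(&o->dead, true); atomic_fetch_sub(&o->refcnt, 1); }

/* Interleaving: check, removal, pin. Returns the refcount after the unchecked
 * get; 1 means an already released object was "pinned" again. */
static int replay_check_then_get(void)
{
    struct obj o = { 1, false };
    bool dead_at_check = obj_is_dead(&o);   /* walker: object looks alive */
    obj_kill(&o);                           /* remover runs inside the window */
    if (!dead_at_check)
        obj_get_unchecked(&o);              /* walker: pins a released object */
    return atomic_load(&o.refcnt);
}

/* Same removal with tryget: returns 1 if the pin was correctly refused. */
static int replay_tryget(void)
{
    struct obj o = { 1, false };
    obj_kill(&o);
    return obj_tryget(&o) ? 0 : 1;
}

int main(void) { printf("%d %d\n", replay_check_then_get(), replay_tryget()); return 0; }
```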