Re: [bug report] cgroup: Honor caller's cgroup NS when resolving path

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Dan Carpenter.

On Wed, Aug 31, 2022 at 10:08:09AM +0300, Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> The kernfs_walk_and_get() function calls down_read() (a semaphore) so
> it can't be called while holding a spinlock.

Thanks for the report (I should have looked deeper into
kernfs_walk_and_get).

I'd propose a patch like bellow.

Are you OK with adding 
> Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
as I'll send the proposed patch to public mailing lists.

Thanks,
Michal

----8<----
From e2de5c76969e5ac4c7fe5e00a54229cbe59bd86a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20Koutn=C3=BD?= <mkoutny@xxxxxxxx>
Date: Wed, 31 Aug 2022 10:36:19 +0200
Subject: [PATCH] cgroup: Reorganize css_set_lock and kernfs path processing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The commit 74e4b956eb1c incorrectly wrapped kernfs_walk_and_get under
css_set_lock. That lock is needed by __cset_cgroup_from_root to ensure
stable cset->cgrp_links. The returned cgroup object is pinned by the
css_set. Kernfs code that traverses paths to this cgroup does not need
css_set_lock (lowest cgroup pins its ancestry and cgroup pins its
cgroup->kn).

TODO root(s) of named v1 hierarchies

Fixes: 74e4b956eb1c: ("cgroup: Honor caller's cgroup NS when resolving path")
Reported-by: FIXME
Signed-off-by: Michal Koutný <mkoutny@xxxxxxxx>
---
 kernel/cgroup/cgroup.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 0005de2e2ed9..0f91dc6d16cc 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -1391,11 +1391,16 @@ static void cgroup_destroy_root(struct cgroup_root *root)
 	cgroup_free_root(root);
 }
 
+/*
+ * Returned cgroup is without refcount but it's valid as long as cset pins it.
+ */
 static inline struct cgroup *__cset_cgroup_from_root(struct css_set *cset,
 					    struct cgroup_root *root)
 {
 	struct cgroup *res_cgroup = NULL;
 
+	lockdep_assert_held(&css_set_lock);
+
 	if (cset == &init_css_set) {
 		res_cgroup = &root->cgrp;
 	} else if (root == &cgrp_dfl_root) {
@@ -1426,8 +1431,6 @@ current_cgns_cgroup_from_root(struct cgroup_root *root)
 	struct cgroup *res = NULL;
 	struct css_set *cset;
 
-	lockdep_assert_held(&css_set_lock);
-
 	rcu_read_lock();
 
 	cset = current->nsproxy->cgroup_ns->root_cset;
@@ -1446,7 +1449,6 @@ static struct cgroup *cset_cgroup_from_root(struct css_set *cset,
 	struct cgroup *res = NULL;
 
 	lockdep_assert_held(&cgroup_mutex);
-	lockdep_assert_held(&css_set_lock);
 
 	res = __cset_cgroup_from_root(cset, root);
 
@@ -1861,8 +1863,8 @@ int cgroup_show_path(struct seq_file *sf, struct kernfs_node *kf_node,
 
 	spin_lock_irq(&css_set_lock);
 	ns_cgroup = current_cgns_cgroup_from_root(kf_cgroot);
-	len = kernfs_path_from_node(kf_node, ns_cgroup->kn, buf, PATH_MAX);
 	spin_unlock_irq(&css_set_lock);
+	len = kernfs_path_from_node(kf_node, ns_cgroup->kn, buf, PATH_MAX);
 
 	if (len >= PATH_MAX)
 		len = -ERANGE;
@@ -6649,8 +6651,8 @@ struct cgroup *cgroup_get_from_path(const char *path)
 
 	spin_lock_irq(&css_set_lock);
 	root_cgrp = current_cgns_cgroup_from_root(&cgrp_dfl_root);
-	kn = kernfs_walk_and_get(root_cgrp->kn, path);
 	spin_unlock_irq(&css_set_lock);
+	kn = kernfs_walk_and_get(root_cgrp->kn, path);
 	if (!kn)
 		goto out;
 

base-commit: c0f2df49cf2471289d5aabf16f50ac26eb268f7d
-- 
2.37.0

Attachment: signature.asc
Description: Digital signature


[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux