diff options
| author | Tejun Heo <tj@kernel.org> | 2013-06-25 11:48:32 -0700 |
|---|---|---|
| committer | Tejun Heo <tj@kernel.org> | 2013-06-26 10:42:46 -0700 |
| commit | 14611e51a57df10240817d8ada510842faf0ec51 (patch) | |
| tree | d2b3ba10386a98a867fac435625cee580f9b5047 /kernel/cgroup.c | |
| parent | eb178d063324d9c30f673db3877b892a48ade21e (diff) | |
| download | talos-op-linux-14611e51a57df10240817d8ada510842faf0ec51.tar.gz talos-op-linux-14611e51a57df10240817d8ada510842faf0ec51.zip | |
cgroup: fix RCU accesses to task->cgroups
task->cgroups is a RCU pointer pointing to struct css_set. A task
switches to a different css_set on cgroup migration but a css_set
doesn't change once created and its pointers to cgroup_subsys_states
aren't RCU protected.
task_subsys_state[_check]() is the macro to acquire css given a task
and subsys_id pair. It RCU-dereferences task->cgroups->subsys[] not
task->cgroups, so the RCU pointer task->cgroups ends up being
dereferenced without read_barrier_depends() after it. It's broken.
Fix it by introducing task_css_set[_check]() which does
RCU-dereference on task->cgroups. task_subsys_state[_check]() is
reimplemented to directly dereference ->subsys[] of the css_set
returned from task_css_set[_check]().
This removes some of sparse RCU warnings in cgroup.
v2: Fixed unbalanced parenthsis and there's no need to use
rcu_dereference_raw() when !CONFIG_PROVE_RCU. Both spotted by Li.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Acked-by: Li Zefan <lizefan@huawei.com>
Cc: stable@vger.kernel.org
Diffstat (limited to 'kernel/cgroup.c')
0 files changed, 0 insertions, 0 deletions
