| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 21 Oct 2008 09:32:50 +0200
From: Cedric Le Goater <clg@...ibm.com>
To: Li Zefan <lizf@...fujitsu.com>
CC: Andrew Morton <akpm@...ux-foundation.org>,
Linux Containers <containers@...ts.linux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 2/4] freezer_cg: remove redundant check in freezer_can_attach()
Li Zefan wrote:
> It is sufficient to check if @task is frozen, and no need to check if
> the original freezer is frozen.
hmm, a task being frozen does not mean that its freezer cgroup is
frozen. So the extra check seems valid but looking at the comment :
/*
* The call to cgroup_lock() in the freezer.state write method prevents
* a write to that file racing against an attach, and hence the
* can_attach() result will remain valid until the attach completes.
*/
static int freezer_can_attach(struct cgroup_subsys *ss,
how do we know that the task_freezer(task), which is not protected by
the cgroup_lock(), is not going to change its state to CGROUP_FROZEN
it looks racy.
C.
> Signed-off-by: Li Zefan <lizf@...fujitsu.com>
> ---
> kernel/cgroup_freezer.c | 16 +++++++---------
> 1 files changed, 7 insertions(+), 9 deletions(-)
>
> diff --git a/kernel/cgroup_freezer.c b/kernel/cgroup_freezer.c
> index 7f54d1c..6fadafe 100644
> --- a/kernel/cgroup_freezer.c
> +++ b/kernel/cgroup_freezer.c
> @@ -162,9 +162,13 @@ static int freezer_can_attach(struct cgroup_subsys *ss,
> struct task_struct *task)
> {
> struct freezer *freezer;
> - int retval;
>
> - /* Anything frozen can't move or be moved to/from */
> + /*
> + * Anything frozen can't move or be moved to/from.
> + *
> + * Since orig_freezer->state == FROZEN means that @task has been
> + * frozen, so it's sufficient to check the latter condition.
> + */
>
> if (is_task_frozen_enough(task))
> return -EBUSY;
> @@ -173,13 +177,7 @@ static int freezer_can_attach(struct cgroup_subsys *ss,
> if (freezer->state == CGROUP_FROZEN)
> return -EBUSY;
>
> - retval = 0;
> - task_lock(task);
> - freezer = task_freezer(task);
> - if (freezer->state == CGROUP_FROZEN)
> - retval = -EBUSY;
> - task_unlock(task);
> - return retval;
> + return 0;
> }
>
> static void freezer_fork(struct cgroup_subsys *ss, struct task_struct *task)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists