| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Apr 2010 08:47:15 -0700
From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Eric Paris <eparis@...isplace.org>,
Miles Lane <miles.lane@...il.com>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: INFO: suspicious rcu_dereference_check() usage -
include/linux/cgroup.h:492 invoked rcu_dereference_check() without
protection!
On Wed, Apr 14, 2010 at 12:47:38PM +0200, Peter Zijlstra wrote:
> On Mon, 2010-04-12 at 20:47 +0200, Peter Zijlstra wrote:
> > On Mon, 2010-04-12 at 14:44 -0400, Eric Paris wrote:
> > > On Wed, Mar 10, 2010 at 11:28 PM, Paul E. McKenney
> > > <paulmck@...ux.vnet.ibm.com> wrote:
> >
> > > I know you indicated this was fixed in mainline and I see that set of
> > > commits objects, but I'm seeing the below spew from linux-next today.
> > >
> > > tree: git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
> > > tag: next-20100412
> > > commit: bbeecf185fe464ccd7ee97ce6d3646ad686995b4
> > >
> > > [ 0.035602] ===================================================
> > > [ 0.036003] [ INFO: suspicious rcu_dereference_check() usage. ]
> > > [ 0.037006] ---------------------------------------------------
> > > [ 0.038004] include/linux/cgroup.h:533 invoked
> > > rcu_dereference_check() without protection!
> > > [ 0.039003]
> > > [ 0.039004] other info that might help us debug this:
> > > [ 0.039004]
> > > [ 0.040003]
> > > [ 0.040004] rcu_scheduler_active = 1, debug_locks = 0
> > > [ 0.041004] no locks held by swapper/0.
> > > [ 0.042003]
> > > [ 0.042004] stack backtrace:
> > > [ 0.043005] Pid: 0, comm: swapper Not tainted 2.6.34-rc3-next-20100412+ #65
> > > [ 0.044003] Call Trace:
> > > [ 0.045015] [<ffffffff8108584f>] lockdep_rcu_dereference+0xaf/0xc0
> > > [ 0.046010] [<ffffffff81044812>] set_task_cpu+0x2d2/0x370
> >
> > Oh, right, I still have to sort that out.
> >
> > I need to figure out how all that scheduler and cgroup muck interact to
> > fix this.
>
> I think the below should cure this..
Looks reasonable to me!
Acked-by: Paul E. McKenney <paulmck@...ux.vnet.ibm.com>
> Signed-off-by: Peter Zijlstra <a.p.zijlstra@...llo.nl>
> ---
> kernel/sched.c | 10 ++++++++++
> 1 files changed, 10 insertions(+), 0 deletions(-)
>
> diff --git a/kernel/sched.c b/kernel/sched.c
> index 3acf694..2e06d87 100644
> --- a/kernel/sched.c
> +++ b/kernel/sched.c
> @@ -323,6 +323,15 @@ static inline struct task_group *task_group(struct task_struct *p)
> /* Change a task's cfs_rq and parent entity if it moves across CPUs/groups */
> static inline void set_task_rq(struct task_struct *p, unsigned int cpu)
> {
> + /*
> + * Strictly speaking this rcu_read_lock() is not needed since the
> + * task_group is tied to the cgroup, which in turn can never go away
> + * as long as there are tasks attached to it.
> + *
> + * However since task_group() uses task_subsys_state() which is an
> + * rcu_dereference() user, this quiets CONFIG_PROVE_RCU.
> + */
> + rcu_read_lock();
> #ifdef CONFIG_FAIR_GROUP_SCHED
> p->se.cfs_rq = task_group(p)->cfs_rq[cpu];
> p->se.parent = task_group(p)->se[cpu];
> @@ -332,6 +341,7 @@ static inline void set_task_rq(struct task_struct *p, unsigned int cpu)
> p->rt.rt_rq = task_group(p)->rt_rq[cpu];
> p->rt.parent = task_group(p)->rt_se[cpu];
> #endif
> + rcu_read_unlock();
> }
>
> #else
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists