| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250915065236.13669-1-changwoo@igalia.com>
Date: Mon, 15 Sep 2025 15:52:36 +0900
From: Changwoo Min <changwoo@...lia.com>
To: tj@...nel.org,
void@...ifault.com,
arighi@...dia.com
Cc: kernel-dev@...lia.com,
sched-ext@...ts.linux.dev,
linux-kernel@...r.kernel.org,
Changwoo Min <changwoo@...lia.com>
Subject: [PATCH] sched_ext: allow scx_bpf_task_cgroup() in ops.dispatch()
Calling scx_bpf_task_cgroup() on the prev task from ops.dispatch()
currently triggers a runtime error:
------
CodecWorker[92989] triggered exit kind 1024:
runtime error (called on a task not being operated on)
Backtrace:
scx_bpf_task_cgroup+0xbb/0xd0
bpf_prog_d7d2e9d404cf3602_lavd_dispatch+0xc45/0xccc
bpf__sched_ext_ops_dispatch+0x4b/0xab
balance_one+0x25f/0x550
balance_scx+0x37/0x160
prev_balance+0x46/0xb0
__schedule+0x702/0x23d0
schedule+0x27/0xd0
irqentry_exit_to_user_mode+0x1ac/0x200
asm_sysvec_apic_timer_interrupt+0x1a/0x20
------
This happens because the prev task is not registered as a task argument
of ops.dispatch(). As a result, scx_kf_allowed_on_arg_tasks() rejects
scx_bpf_task_cgroup() calls on the prev task.
Fix this by adding the prev task to scx.kf_tasks so that task-related
BPF helpers such as scx_bpf_task_cgroup() can be called safely. Since
the SCX_CALL_OP_TASK family assumes the first argument is the task,
introduce a new SCX_CALL_OP_TASK_ANY macro without that restriction.
Also update __SCX_KF_TERMINAL to include SCX_KF_DISPATCH.
Signed-off-by: Changwoo Min <changwoo@...lia.com>
---
include/linux/sched/ext.h | 3 ++-
kernel/sched/ext.c | 13 +++++++++++--
2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/include/linux/sched/ext.h b/include/linux/sched/ext.h
index 7047101dbf58..b404a93d371c 100644
--- a/include/linux/sched/ext.h
+++ b/include/linux/sched/ext.h
@@ -116,7 +116,8 @@ enum scx_kf_mask {
__SCX_KF_RQ_LOCKED = SCX_KF_CPU_RELEASE | SCX_KF_DISPATCH |
SCX_KF_ENQUEUE | SCX_KF_SELECT_CPU | SCX_KF_REST,
- __SCX_KF_TERMINAL = SCX_KF_ENQUEUE | SCX_KF_SELECT_CPU | SCX_KF_REST,
+ __SCX_KF_TERMINAL = SCX_KF_DISPATCH | SCX_KF_ENQUEUE |
+ SCX_KF_SELECT_CPU | SCX_KF_REST,
};
enum scx_dsq_lnode_flags {
diff --git a/kernel/sched/ext.c b/kernel/sched/ext.c
index 3eb6be889da6..f704d2e5dce2 100644
--- a/kernel/sched/ext.c
+++ b/kernel/sched/ext.c
@@ -328,6 +328,14 @@ do { \
__ret; \
})
+#define SCX_CALL_OP_TASK_ANY(sch, mask, op, rq, task, args...) \
+do { \
+ BUILD_BUG_ON((mask) & ~__SCX_KF_TERMINAL); \
+ current->scx.kf_tasks[0] = task; \
+ SCX_CALL_OP((sch), mask, op, rq, ##args); \
+ current->scx.kf_tasks[0] = NULL; \
+} while (0)
+
/* @mask is constant, always inline to cull unnecessary branches */
static __always_inline bool scx_kf_allowed(u32 mask)
{
@@ -2105,8 +2113,9 @@ static int balance_one(struct rq *rq, struct task_struct *prev)
do {
dspc->nr_tasks = 0;
- SCX_CALL_OP(sch, SCX_KF_DISPATCH, dispatch, rq,
- cpu_of(rq), prev_on_scx ? prev : NULL);
+ SCX_CALL_OP_TASK_ANY(sch, SCX_KF_DISPATCH, dispatch, rq,
+ prev_on_scx ? prev : NULL,
+ cpu_of(rq), prev_on_scx ? prev : NULL);
flush_dispatch_buf(sch, rq);
--
2.51.0
Powered by blists - more mailing lists