| Message ID | 20221208220141.2625775-3-longman@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | blk-cgroup: Fix potential UAF & miscellaneous cleanup | expand |
diff --git a/block/blk-cgroup.c b/block/blk-cgroup.c index 21cc88349f21..c466aef0d467 100644 --- a/block/blk-cgroup.c +++ b/block/blk-cgroup.c @@ -885,6 +885,12 @@ static void blkcg_rstat_flush(struct cgroup_subsys_state *css, int cpu) WRITE_ONCE(bisc->lqueued, false); + /* Don't flush its stats if blkg is offline */ + if (unlikely(!blkg->online)) { + percpu_ref_put(&blkg->refcnt); + continue; + } + /* fetch the current per-cpu values */ do { seq = u64_stats_fetch_begin(&bisc->sync);
Before commit 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()"), blkg's stats is only flushed if they are online. In addition, the stat flushing of blkgs in blkcg_rstat_flush() includes propagating the rstat data to its parent. However, if a blkg has been destroyed (offline), the validity of its parent may be questionable. For safety, revert back to the old behavior by ignoring offline blkg's. Signed-off-by: Waiman Long <longman@redhat.com> --- block/blk-cgroup.c | 6 ++++++ 1 file changed, 6 insertions(+)