Message ID | 20210221194207.1351703-1-willy@infradead.org (mailing list archive) |
---|---|
State | New, archived |
Series | mm: Use rcu_dereference in in_vfork |
On 2021/2/22 3:42, Matthew Wilcox (Oracle) wrote: > Fix a sparse warning by using rcu_dereference(). Technically this is a > bug and a sufficiently aggressive compiler could reload the `real_parent' > pointer outside the protection of the rcu lock (and access freed memory), > but I think it's pretty unlikely to happen. > > Fixes: b18dc5f291c0 ("mm, oom: skip vforked tasks from being selected") > Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Looks good to me. Thanks! Reviewed-by: Miaohe Lin <linmiaohe@huawei.com> > --- > include/linux/sched/mm.h | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/include/linux/sched/mm.h b/include/linux/sched/mm.h > index 1ae08b8462a4..90b2a0bce11c 100644 > --- a/include/linux/sched/mm.h > +++ b/include/linux/sched/mm.h > @@ -140,7 +140,8 @@ static inline bool in_vfork(struct task_struct *tsk) > * another oom-unkillable task does this it should blame itself. > */ > rcu_read_lock(); > - ret = tsk->vfork_done && tsk->real_parent->mm == tsk->mm; > + ret = tsk->vfork_done && > + rcu_dereference(tsk->real_parent)->mm == tsk->mm; > rcu_read_unlock(); > > return ret; >
On Sun 21-02-21 19:42:06, Matthew Wilcox wrote: > Fix a sparse warning by using rcu_dereference(). Technically this is a > bug and a sufficiently aggressive compiler could reload the `real_parent' > pointer outside the protection of the rcu lock (and access freed memory), > but I think it's pretty unlikely to happen. > > Fixes: b18dc5f291c0 ("mm, oom: skip vforked tasks from being selected") > Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> I must have missed the RCU part. Thanks! Acked-by: Michal Hocko <mhocko@suse.com> > --- > include/linux/sched/mm.h | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/include/linux/sched/mm.h b/include/linux/sched/mm.h > index 1ae08b8462a4..90b2a0bce11c 100644 > --- a/include/linux/sched/mm.h > +++ b/include/linux/sched/mm.h > @@ -140,7 +140,8 @@ static inline bool in_vfork(struct task_struct *tsk) > * another oom-unkillable task does this it should blame itself. > */ > rcu_read_lock(); > - ret = tsk->vfork_done && tsk->real_parent->mm == tsk->mm; > + ret = tsk->vfork_done && > + rcu_dereference(tsk->real_parent)->mm == tsk->mm; > rcu_read_unlock(); > > return ret; > -- > 2.29.2 >
diff --git a/include/linux/sched/mm.h b/include/linux/sched/mm.h index 1ae08b8462a4..90b2a0bce11c 100644 --- a/include/linux/sched/mm.h +++ b/include/linux/sched/mm.h @@ -140,7 +140,8 @@ static inline bool in_vfork(struct task_struct *tsk) * another oom-unkillable task does this it should blame itself. */ rcu_read_lock(); - ret = tsk->vfork_done && tsk->real_parent->mm == tsk->mm; + ret = tsk->vfork_done && + rcu_dereference(tsk->real_parent)->mm == tsk->mm; rcu_read_unlock(); return ret;
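Review bot: On the two added lines in in_vfork(), the result of rcu_dereference() is consumed inline inside a wrapped && expression, which makes it harder to see that real_parent is fetched exactly once and used only before rcu_read_unlock(). Consider loading it into a local first, for example `parent = rcu_dereference(tsk->real_parent);` followed by `ret = tsk->vfork_done && parent->mm == tsk->mm;`, so the single marked load is explicit and the condition fits on one line. Only the bool ret leaves the read-side section, so no protected pointer escapes it; that part is fine as written. Note that tsk->vfork_done on the same line is still a plain load, so it is worth confirming that this is intended.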
Fix a sparse warning by using rcu_dereference(). Technically this is a bug and a sufficiently aggressive compiler could reload the `real_parent' pointer outside the protection of the rcu lock (and access freed memory), but I think it's pretty unlikely to happen.

Fixes: b18dc5f291c0 ("mm, oom: skip vforked tasks from being selected")
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
---
 include/linux/sched/mm.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)