From patchwork Wed Jan 12 11:39:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kara X-Patchwork-Id: 12711266 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 78572C43219 for ; Wed, 12 Jan 2022 11:39:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239872AbiALLje (ORCPT ); Wed, 12 Jan 2022 06:39:34 -0500 Received: from smtp-out1.suse.de ([195.135.220.28]:45604 "EHLO smtp-out1.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239994AbiALLjd (ORCPT ); Wed, 12 Jan 2022 06:39:33 -0500 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id B23EB218EA; Wed, 12 Jan 2022 11:39:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1641987571; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=pS/tDT0OL3AJ1Hj7o6QL2j+6i7j/yu+TDoB+Spendow=; b=goAYM6J4lGKNnDQe8IuzdEHLzh77MdnGGq+LTJMPOSAGsaPuoE6zYAOAlNWkqgS/eRanvN RXfelNpl01wZM+H6noiRiOpEs/EJ3aKaMj3UpubVl7RPBlS4cuTgvBGNckwbhLEWuSLlv5 S0ZG/9cPEH3E3BZHtlA+acPCnc2nxsI= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1641987571; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=pS/tDT0OL3AJ1Hj7o6QL2j+6i7j/yu+TDoB+Spendow=; b=tvEPqROvllD5hR5Wag5Ow0e0vh6RA6EVYfu1NlR9ktqFS5lSGUHkcqFSECfgJxYgqM95CO fSCbEhnOUPa09MDQ== Received: from quack3.suse.cz (unknown [10.100.200.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id A18D0A3B88; Wed, 12 Jan 2022 11:39:31 +0000 (UTC) Received: by quack3.suse.cz (Postfix, from userid 1000) id B32DDA03CF; Wed, 12 Jan 2022 12:39:28 +0100 (CET) From: Jan Kara To: Cc: Jens Axboe , Paolo Valente , "yukuai (C)" , Jan Kara , stable@vger.kernel.org Subject: [PATCH 1/4] bfq: Avoid false marking of bic as stably merged Date: Wed, 12 Jan 2022 12:39:19 +0100 Message-Id: <20220112113928.32349-1-jack@suse.cz> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20220112113529.6355-1-jack@suse.cz> References: <20220112113529.6355-1-jack@suse.cz> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1119; h=from:subject; bh=5U8ovRbTkvkFai3dDsau8hR63c7msoBSWRjO0JL3zkc=; b=owEBbQGS/pANAwAIAZydqgc/ZEDZAcsmYgBh3r3mD9DXHDYFgwsklw51KXLtvtKGVx/PMj1feWCk x+0rFemJATMEAAEIAB0WIQSrWdEr1p4yirVVKBycnaoHP2RA2QUCYd695gAKCRCcnaoHP2RA2UK0B/ wN060fsI7A1B4TFD7vfyYcVRfrG4X+pvtbzgEL44Nj4mfxfwVE54ArI9Dyu4BYJgjBOGlpvgBPdFmE 2n6ymysjHfi8JGydPfQ8xlpzZ1yaTVsmSa3ZOMYVgqRM92EwaisFHiuWtvkh4jeZG6BtrghKNPfJrJ qwsAqkzNRlu7Te5Slt5zhVoOiuYKDQDoeq84CcMivAF1WoUHTQ84nlnDbYWdPqVoWBqFAzIb+/F5sB hcQQP6/2CFiIYW3huCWY0pLhi+053p5pjYNi2dB8xILNlYFKgb+V3HUUkYiSRos5/r/VQF6vRQ1JJG mdiuSRoJXWy/Yn3naP4joUOeGiWySj X-Developer-Key: i=jack@suse.cz; a=openpgp; fpr=93C6099A142276A28BBE35D815BC833443038D8C Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org bfq_setup_cooperator() can mark bic as stably merged even though it decides to not merge its bfqqs (when bfq_setup_merge() returns NULL). Make sure to mark bic as stably merged only if we are really going to merge bfqqs. CC: stable@vger.kernel.org Fixes: 430a67f9d616 ("block, bfq: merge bursts of newly-created queues") Signed-off-by: Jan Kara --- block/bfq-iosched.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c index fec18118dc30..056399185c2f 100644 --- a/block/bfq-iosched.c +++ b/block/bfq-iosched.c @@ -2762,9 +2762,12 @@ bfq_setup_cooperator(struct bfq_data *bfqd, struct bfq_queue *bfqq, struct bfq_queue *new_bfqq = bfq_setup_merge(bfqq, stable_merge_bfqq); - bic->stably_merged = true; - if (new_bfqq && new_bfqq->bic) - new_bfqq->bic->stably_merged = true; + if (new_bfqq) { + bic->stably_merged = true; + if (new_bfqq->bic) + new_bfqq->bic->stably_merged = + true; + } return new_bfqq; } else return NULL; From patchwork Wed Jan 12 11:39:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kara X-Patchwork-Id: 12711268 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 13D13C4167B for ; Wed, 12 Jan 2022 11:39:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352931AbiALLjf (ORCPT ); Wed, 12 Jan 2022 06:39:35 -0500 Received: from smtp-out2.suse.de ([195.135.220.29]:42132 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239705AbiALLjd (ORCPT ); Wed, 12 Jan 2022 06:39:33 -0500 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id B74811F3C4; Wed, 12 Jan 2022 11:39:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1641987571; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=oeshiqmmWZD73GkSK4+N+GqKNPAYETIzxJpuE6/zef0=; b=Ebgey+NQhAxd48653G0pGWNqqVo2dDuCuJ9lWAz1jZgVU1RUKRBi7x9o2C/roKOn2AyDOk ZW/doaFV+csXZXqWiE8sf94JUSFE55r6B7z8wmG+5tw7S1gg3xWJi0D7SybpClMFgHs20D 07wiCiDjAt6qFSSa6N0PF1zdcjABCA8= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1641987571; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=oeshiqmmWZD73GkSK4+N+GqKNPAYETIzxJpuE6/zef0=; b=Kep9/4KiqXcwDgMT9oEZyckqmAi0gbFJ3K8BhRGJRLnBBr1NLHcyoyIogXF91y1UsWBO8K +F2Tdu7Zkv7uJsAA== Received: from quack3.suse.cz (unknown [10.100.200.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id A5526A3B8B; Wed, 12 Jan 2022 11:39:31 +0000 (UTC) Received: by quack3.suse.cz (Postfix, from userid 1000) id B8323A05DA; Wed, 12 Jan 2022 12:39:28 +0100 (CET) From: Jan Kara To: Cc: Jens Axboe , Paolo Valente , "yukuai (C)" , Jan Kara , stable@vger.kernel.org Subject: [PATCH 2/4] bfq: Avoid merging queues with different parents Date: Wed, 12 Jan 2022 12:39:20 +0100 Message-Id: <20220112113928.32349-2-jack@suse.cz> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20220112113529.6355-1-jack@suse.cz> References: <20220112113529.6355-1-jack@suse.cz> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2888; h=from:subject; bh=Wo1FkmvrgLnsLoxUN8FFedXWnRxiaMVst9kwBuKTVTg=; b=owGbwMvMwME4Z+4qdvsUh5uMp9WSGBLv7X3OtXeJelVuq27SI+72X84pRT0BvIaHkyKyfnL+UpFs rgjoZDRmYWDkYJAVU2RZHXlR+9o8o66toRoyMINYmUCmMHBxCsBE3nhyMLzbcv5VtFjE3UflIWVdO7 J2zgwov+LKuOur/Ukhq7e2T/9snKXLLPimSvEw76stU2efKcs+p7Ug9p6v+eaikntG3Mq2s6Ypr/tz YqOWfyq7vquQg/YWNf1lsdF2fTxZr1gfCfpZ6nDNbfXQ5G2f1T7xcEz0JJttC9KqdO37OMySPhbYin qx7g6cuFHphavm1pe5Z9bpn9JbvZCjT9tAt1zrsHjHRoZVOm/4n7icNPEvVPKIy31tc+rV8omrChY4 mhxtVzq1UnpNq0TBKrbUay3TQlKZN19MnjO/1069luP5TgOV+qk11XdXinQ8Lc3NChR6n5oqpuWmaL VZT/Pk+dz6zPTPf/8e8PN/rfwYAA== X-Developer-Key: i=jack@suse.cz; a=openpgp; fpr=93C6099A142276A28BBE35D815BC833443038D8C Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org It can happen that the parent of a bfqq changes between the moment we decide two queues are worth to merge (and set bic->stable_merge_bfqq) and the moment bfq_setup_merge() is called. This can happen e.g. because the process submitted IO for a different cgroup and thus bfqq got reparented. It can even happen that the bfqq we are merging with has parent cgroup that is already offline and going to be destroyed in which case the merge can lead to use-after-free issues such as: BUG: KASAN: use-after-free in __bfq_deactivate_entity+0x9cb/0xa50 Read of size 8 at addr ffff88800693c0c0 by task runc:[2:INIT]/10544 CPU: 0 PID: 10544 Comm: runc:[2:INIT] Tainted: G E 5.15.2-0.g5fb85fd-default #1 openSUSE Tumbleweed (unreleased) f1f3b891c72369aebecd2e43e4641a6358867c70 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a-rebuilt.opensuse.org 04/01/2014 Call Trace: dump_stack_lvl+0x46/0x5a print_address_description.constprop.0+0x1f/0x140 ? __bfq_deactivate_entity+0x9cb/0xa50 kasan_report.cold+0x7f/0x11b ? __bfq_deactivate_entity+0x9cb/0xa50 __bfq_deactivate_entity+0x9cb/0xa50 ? update_curr+0x32f/0x5d0 bfq_deactivate_entity+0xa0/0x1d0 bfq_del_bfqq_busy+0x28a/0x420 ? resched_curr+0x116/0x1d0 ? bfq_requeue_bfqq+0x70/0x70 ? check_preempt_wakeup+0x52b/0xbc0 __bfq_bfqq_expire+0x1a2/0x270 bfq_bfqq_expire+0xd16/0x2160 ? try_to_wake_up+0x4ee/0x1260 ? bfq_end_wr_async_queues+0xe0/0xe0 ? _raw_write_unlock_bh+0x60/0x60 ? _raw_spin_lock_irq+0x81/0xe0 bfq_idle_slice_timer+0x109/0x280 ? bfq_dispatch_request+0x4870/0x4870 __hrtimer_run_queues+0x37d/0x700 ? enqueue_hrtimer+0x1b0/0x1b0 ? kvm_clock_get_cycles+0xd/0x10 ? ktime_get_update_offsets_now+0x6f/0x280 hrtimer_interrupt+0x2c8/0x740 Fix the problem by checking that the parent of the two bfqqs we are merging in bfq_setup_merge() is the same. Link: https://lore.kernel.org/linux-block/20211125172809.GC19572@quack2.suse.cz/ CC: stable@vger.kernel.org Fixes: 430a67f9d616 ("block, bfq: merge bursts of newly-created queues") Signed-off-by: Jan Kara --- block/bfq-iosched.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c index 056399185c2f..0da47f2ca781 100644 --- a/block/bfq-iosched.c +++ b/block/bfq-iosched.c @@ -2638,6 +2638,14 @@ bfq_setup_merge(struct bfq_queue *bfqq, struct bfq_queue *new_bfqq) if (process_refs == 0 || new_process_refs == 0) return NULL; + /* + * Make sure merged queues belong to the same parent. Parents could + * have changed since the time we decided the two queues are suitable + * for merging. + */ + if (new_bfqq->entity.parent != bfqq->entity.parent) + return NULL; + bfq_log_bfqq(bfqq->bfqd, bfqq, "scheduling merge with queue %d", new_bfqq->pid); From patchwork Wed Jan 12 11:39:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kara X-Patchwork-Id: 12711267 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AAD85C4321E for ; Wed, 12 Jan 2022 11:39:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240214AbiALLje (ORCPT ); Wed, 12 Jan 2022 06:39:34 -0500 Received: from smtp-out1.suse.de ([195.135.220.28]:45602 "EHLO smtp-out1.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239090AbiALLjd (ORCPT ); Wed, 12 Jan 2022 06:39:33 -0500 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id B00C8218E0; Wed, 12 Jan 2022 11:39:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1641987571; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XDO9AoyYXUqNubgEMjGkarVJG9Cnl1gqG+4zB1S+g74=; b=GGghDK2p4+/NWOq8fdtT2Ld6g6p2KsSIEmc1KW5a6enGXNKHFem4J8uV3tywUJpfX5oyGT bhfNZQiMvd0d98DTrIR56WOMn0zhIfTtZns4B14FrsjbphN2QtAoup0u+RQeidE6N9/EE0 ok92g7oIh4whgI49EfwFbdsJAwXxONw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1641987571; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XDO9AoyYXUqNubgEMjGkarVJG9Cnl1gqG+4zB1S+g74=; b=Ak7B7JJ3V/Mjn9t1hAP0n/FjebLImxjFzEZweXH//xDvZdQLQ4mqbtntQgKGoh4sY1dJ3P q2ouXJEXws7aXbAg== Received: from quack3.suse.cz (unknown [10.100.200.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id A1C36A3B8A; Wed, 12 Jan 2022 11:39:31 +0000 (UTC) Received: by quack3.suse.cz (Postfix, from userid 1000) id BCA97A05DF; Wed, 12 Jan 2022 12:39:28 +0100 (CET) From: Jan Kara To: Cc: Jens Axboe , Paolo Valente , "yukuai (C)" , Jan Kara , stable@vger.kernel.org Subject: [PATCH 3/4] bfq: Split shared queues on move between cgroups Date: Wed, 12 Jan 2022 12:39:21 +0100 Message-Id: <20220112113928.32349-3-jack@suse.cz> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20220112113529.6355-1-jack@suse.cz> References: <20220112113529.6355-1-jack@suse.cz> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3120; h=from:subject; bh=sel642sWuiTv4fTM2Qie+70W8d84IsCChDwU6N1j7ME=; b=owEBbQGS/pANAwAIAZydqgc/ZEDZAcsmYgBh3r3oVLgObrwe59D8NKzRlluH0Q2g/dZqDtSdIidY msl+z9GJATMEAAEIAB0WIQSrWdEr1p4yirVVKBycnaoHP2RA2QUCYd696AAKCRCcnaoHP2RA2eWvCA CsRY0VEM4un3UlXlV7Ni3lcUSXwKw89aNmqP+RcU4WWFb6rVNcFahTwBnTcMHs9N5JavIBEdbteWFP QXjfYhoqkLR/z+2XpVAg6wFF6dHmsJWwtDX4JN8UOSKf/hmfim3W07SbHCrabcn3fUuCBRGpK1cv/+ NXWMiWqzXBXF5OhBo+u1dA66dOnukZtqn3Iabro6WOwstK+Nx8TKNhkRa6E/YYxaWl6/Fp5d3ZmInH UaPb8WPrDINQm0yYWo23g7EFkPD23VoFXXMfg9Fb3KZQw3QbLDQk03m5EhJpXhV8tNhsmNw7lLNWQD NurWc0Lle2H/9jrG7J7697mCDOWw+j X-Developer-Key: i=jack@suse.cz; a=openpgp; fpr=93C6099A142276A28BBE35D815BC833443038D8C Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org When bfqq is shared by multiple processes it can happen that one of the processes gets moved to a different cgroup (or just starts submitting IO for different cgroup). In case that happens we need to split the merged bfqq as otherwise we will have IO for multiple cgroups in one bfqq and we will just account IO time to wrong entities etc. Similarly if the bfqq is scheduled to merge with another bfqq but the merge didn't happen yet, cancel the merge as it need not be valid anymore. CC: stable@vger.kernel.org Fixes: e21b7a0b9887 ("block, bfq: add full hierarchical scheduling and cgroups support") Signed-off-by: Jan Kara --- block/bfq-cgroup.c | 25 ++++++++++++++++++++++++- block/bfq-iosched.c | 2 +- block/bfq-iosched.h | 1 + 3 files changed, 26 insertions(+), 2 deletions(-) diff --git a/block/bfq-cgroup.c b/block/bfq-cgroup.c index 24a5c5329bcd..dbc117e00783 100644 --- a/block/bfq-cgroup.c +++ b/block/bfq-cgroup.c @@ -730,8 +730,31 @@ static struct bfq_group *__bfq_bic_change_cgroup(struct bfq_data *bfqd, if (sync_bfqq) { entity = &sync_bfqq->entity; - if (entity->sched_data != &bfqg->sched_data) + if (entity->sched_data != &bfqg->sched_data) { + /* + * Was the queue we use merged to a different queue? + * Detach process from the queue as merge need not be + * valid anymore. We cannot easily cancel the merge as + * there may be other processes scheduled to this + * queue. + */ + if (sync_bfqq->new_bfqq) { + bfq_put_cooperator(sync_bfqq); + bfq_release_process_ref(bfqd, sync_bfqq); + bic_set_bfqq(bic, NULL, 1); + return bfqg; + } + /* + * Moving bfqq that is shared with another process? + * Split the queues at the nearest occasion as the + * processes can be in different cgroups now. + */ + if (bfq_bfqq_coop(sync_bfqq)) { + bic->stably_merged = false; + bfq_mark_bfqq_split_coop(sync_bfqq); + } bfq_bfqq_move(bfqd, sync_bfqq, bfqg); + } } return bfqg; diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c index 0da47f2ca781..361d321b012a 100644 --- a/block/bfq-iosched.c +++ b/block/bfq-iosched.c @@ -5184,7 +5184,7 @@ static void bfq_put_stable_ref(struct bfq_queue *bfqq) bfq_put_queue(bfqq); } -static void bfq_put_cooperator(struct bfq_queue *bfqq) +void bfq_put_cooperator(struct bfq_queue *bfqq) { struct bfq_queue *__bfqq, *next; diff --git a/block/bfq-iosched.h b/block/bfq-iosched.h index a73488eec8a4..6e250db2138e 100644 --- a/block/bfq-iosched.h +++ b/block/bfq-iosched.h @@ -976,6 +976,7 @@ void bfq_weights_tree_remove(struct bfq_data *bfqd, void bfq_bfqq_expire(struct bfq_data *bfqd, struct bfq_queue *bfqq, bool compensate, enum bfqq_expiration reason); void bfq_put_queue(struct bfq_queue *bfqq); +void bfq_put_cooperator(struct bfq_queue *bfqq); void bfq_end_wr_async_queues(struct bfq_data *bfqd, struct bfq_group *bfqg); void bfq_release_process_ref(struct bfq_data *bfqd, struct bfq_queue *bfqq); void bfq_schedule_dispatch(struct bfq_data *bfqd); From patchwork Wed Jan 12 11:39:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kara X-Patchwork-Id: 12711265 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D4035C433F5 for ; Wed, 12 Jan 2022 11:39:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240119AbiALLje (ORCPT ); Wed, 12 Jan 2022 06:39:34 -0500 Received: from smtp-out2.suse.de ([195.135.220.29]:42136 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239872AbiALLjd (ORCPT ); Wed, 12 Jan 2022 06:39:33 -0500 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id B503C1F3BB; Wed, 12 Jan 2022 11:39:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1641987571; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Pcw0Dz6qCaXjfiGIwaXI/xy2ZlOMa2tLvBlwHG3TYvw=; b=onsstIQttVSLGgFpUSh3I8HnRDo/bROAbMlFewWB3U43RyYQ82nc4hoqFT161CX9+guIzd Jms7ILfI8Y+NMgyYLx5CBZ1R7c+WbgueYVfCUSF8y6x2PnhHAnf12bloWEKM45dWRHQhdX VXB4iTq5M+buNDopk2u4lDh9nWNytbw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1641987571; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Pcw0Dz6qCaXjfiGIwaXI/xy2ZlOMa2tLvBlwHG3TYvw=; b=qKNFZ6VjH57hsbem0RH8vQwYgBX3CXct42Clu9pZEGrwTOTZykyQM/60E9IMvf2k26d3+1 o8zALtEnkCuUtoCw== Received: from quack3.suse.cz (unknown [10.100.200.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id A1829A3B87; Wed, 12 Jan 2022 11:39:31 +0000 (UTC) Received: by quack3.suse.cz (Postfix, from userid 1000) id C1000A05E1; Wed, 12 Jan 2022 12:39:28 +0100 (CET) From: Jan Kara To: Cc: Jens Axboe , Paolo Valente , "yukuai (C)" , Jan Kara , stable@vger.kernel.org Subject: [PATCH 4/4] bfq: Update cgroup information before merging bio Date: Wed, 12 Jan 2022 12:39:22 +0100 Message-Id: <20220112113928.32349-4-jack@suse.cz> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20220112113529.6355-1-jack@suse.cz> References: <20220112113529.6355-1-jack@suse.cz> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1409; h=from:subject; bh=P/+2SbEdiz2xvmkxw/cr+I4TuGV2AeuKw8OJviTNrjg=; b=owEBbQGS/pANAwAIAZydqgc/ZEDZAcsmYgBh3r3pQy/HX7G773Vd6m9ykG4cMcysm53jNa0NyqZ3 2jEOnyWJATMEAAEIAB0WIQSrWdEr1p4yirVVKBycnaoHP2RA2QUCYd696QAKCRCcnaoHP2RA2SMXB/ 9jRaHsj0cG/dgAOCCu6VA+421DnphVVT+iVOcNsSjpmRH7QvpRl58F+OkMmbSZDP1If4Xjl50txiIb 6RQqBlUkj95eBCT4ufcZlA1e/TGlVIvlB+MS9FGs/a9EYhe4vm4NUde+ihp2AfXGZCb1/v3UrcTHhu pS+DEv8gzxe+qpbvYfDf8Lt8fHyTDNibiYmgs1MqolBOYz9/65MVASylA+AuGLYMnhPpZhNnQ2ds6G efBH0ZiJG9zKeqmGHgirmbKoJqwEVeUWdh0JzKCPhITYMx/1e2esDgZp4aP9KO2VXAN//HibX3KxIY rZQlGH7YPWm42GtOMC7LtZNDbM67HD X-Developer-Key: i=jack@suse.cz; a=openpgp; fpr=93C6099A142276A28BBE35D815BC833443038D8C Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org When the process is migrated to a different cgroup (or in case of writeback just starts submitting bios associated with a different cgroup) bfq_merge_bio() can operate with stale cgroup information in bic. Thus the bio can be merged to a request from a different cgroup or it can result in merging of bfqqs for different cgroups or bfqqs of already dead cgroups and causing possible use-after-free issues. Fix the problem by updating cgroup information in bfq_merge_bio(). CC: stable@vger.kernel.org Fixes: e21b7a0b9887 ("block, bfq: add full hierarchical scheduling and cgroups support") Signed-off-by: Jan Kara --- block/bfq-iosched.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c index 361d321b012a..8a088d77a0b6 100644 --- a/block/bfq-iosched.c +++ b/block/bfq-iosched.c @@ -2337,10 +2337,17 @@ static bool bfq_bio_merge(struct request_queue *q, struct bio *bio, spin_lock_irq(&bfqd->lock); - if (bic) + if (bic) { + /* + * Make sure cgroup info is uptodate for current process before + * considering the merge. + */ + bfq_bic_update_cgroup(bic, bio); + bfqd->bio_bfqq = bic_to_bfqq(bic, op_is_sync(bio->bi_opf)); - else + } else { bfqd->bio_bfqq = NULL; + } bfqd->bio_bic = bic; ret = blk_mq_sched_try_merge(q, bio, nr_segs, &free);