Re: [PATCH v2 5/6] sched: Use rq->rd in sched_setaffinity() under RCU read lock

From: Kirill Tkhai
Date: Mon Sep 22 2014 - 14:34:58 EST


22.09.2014, 22:32, "Kirill Tkhai" <tkhai@xxxxxxxxx>:
> From: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
>
> task_rq(p)->rd and task_rq(p)->rd->span may be used-after-free here.
> Probability of NULL pointer dereference isn't zero in this place.

Wrong comment, sorry. I'll resend

>
> Signed-off-by: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
> Cc: <stable@xxxxxxxxxxxxxxx> # v3.14+
> ---
>  kernel/sched/core.c |    9 +++++----
>  1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index 3b07710..643ee99 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -4023,13 +4023,14 @@ long sched_setaffinity(pid_t pid, const struct cpumask *in_mask)
>           * root_domain.
>           */
>  #ifdef CONFIG_SMP
> - if (task_has_dl_policy(p)) {
> - const struct cpumask *span = task_rq(p)->rd->span;
> -
> - if (dl_bandwidth_enabled() && !cpumask_subset(span, new_mask)) {
> + if (task_has_dl_policy(p) && dl_bandwidth_enabled()) {
> + rcu_read_lock();
> + if (!cpumask_subset(task_rq(p)->rd->span, new_mask)) {
>                          retval = -EBUSY;
> + rcu_read_unlock();
>                          goto out_free_new_mask;
>                  }
> + rcu_read_unlock();
>          }
>  #endif
>  again:
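
Review bot: in the new `if (task_has_dl_policy(p) && dl_bandwidth_enabled())` block, rcu_read_unlock() is written twice, once before `goto out_free_new_mask` and once on the fall-through path, so a later exit added inside the block can easily leave the read-side section unbalanced. Storing the result of `cpumask_subset(task_rq(p)->rd->span, new_mask)` in a local between the lock and a single unlock, then testing the local, would avoid that. The `rd` pointer is also read with a plain load inside the read-side section, and the changelog only says that `rd` and `rd->span` "may be used-after-free"; a comment or changelog line stating what frees the root_domain, and why holding rcu_read_lock() is enough to keep both alive for the duration of the subset test, would make the fix checkable.
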
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/