Re: [PATCH v2] sched/psi: fix race between file release and pressure write

From: Edward Adam Davis

Date: Sat Apr 11 2026 - 00:26:18 EST


On Fri, 10 Apr 2026 09:14:05 -1000, Tejun Heo wrote:
> > static ssize_t pressure_write(struct kernfs_open_file *of, char *buf,
> > size_t nbytes, enum psi_res res)
> > {
> > - struct cgroup_file_ctx *ctx = of->priv;
> > + struct cgroup_file_ctx *ctx;
> > struct psi_trigger *new;
> > struct cgroup *cgrp;
> > struct psi_group *psi;
> > + ssize_t ret = 0;
> >
> > cgrp = cgroup_kn_lock_live(of->kn, false);
> > if (!cgrp)
> > return -ENODEV;
> >
> > + ctx = of->priv;
> > + if (!ctx) {
>
> This test likely isn't necessary but that's pre-existing.
Where?
Are you referring to the check for of->released within:
'kernfs_fop_write_iter()->kernfs_get_active_of()'? This check is not
performed under the protection of the cgroup_mutex; consequently, it
is susceptible to race conditions, rendering the value unreliable, as
it could be updated at any moment.
>
> > + ret = -ENODEV;
> > + goto out_unlock;
> > + }
> > +
> > cgroup_get(cgrp);
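Review bot: The `if (!ctx)` test added right after `ctx = of->priv;` carries no comment explaining why `of->priv` can be NULL at that point, and the question quoted just above it ("This test likely isn't necessary") shows the reason is not obvious to a reader. A short comment there should say that the pointer is only read once `cgroup_kn_lock_live()` has succeeded, and name the release path it guards against. Separately, now that `ssize_t ret = 0` is introduced, confirm that the success path still returns `nbytes` rather than 0, and that the `out_unlock` label (not visible in this quoted portion) releases what `cgroup_kn_lock_live()` acquired.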
>
> We don't need get/put if we don't drop the mutex, right?
I believe that is indeed the case; the cgroup_get() call here is intended
to facilitate subsequent operations, such as executing an smp store.

Edward
BR