Re: [PATCH] fs/resctrl: Fix use-after-free in resctrl_offline_mon_domain()

Next message: Stanislav Kinsburskii: "[PATCH v4 18/18] mshv: Fix missing error code on VP allocation failure"
Previous message: Matt Evans: "Re: [PATCH 2/9] vfio/pci: Add a helper to look up PFNs for DMABUFs"
In reply to: Luck, Tony: "RE: [PATCH] fs/resctrl: Fix use-after-free in resctrl_offline_mon_domain()"
Next in thread: Reinette Chatre: "Re: [PATCH] fs/resctrl: Fix use-after-free in resctrl_offline_mon_domain()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Luck, Tony

Date: Thu May 07 2026 - 11:49:18 EST

On Wed, May 06, 2026 at 11:24:30AM -0700, Reinette Chatre wrote:
> diff --git a/fs/resctrl/rdtgroup.c b/fs/resctrl/rdtgroup.c
> index 02f87c4bc03c..cc8620ace7ed 100644
> --- a/fs/resctrl/rdtgroup.c
> +++ b/fs/resctrl/rdtgroup.c
> @@ -4539,8 +4539,19 @@ void resctrl_offline_cpu(unsigned int cpu)
> d = get_mon_domain_from_cpu(cpu, l3);
> if (d) {
> if (resctrl_is_mbm_enabled() && cpu == d->mbm_work_cpu) {
> - cancel_delayed_work(&d->mbm_over);
> - mbm_setup_overflow_handler(d, 0, cpu);
> + if (cancel_delayed_work(&d->mbm_over)) {
> + mbm_setup_overflow_handler(d, 0, cpu);

Per your comment[1] should this "0" also be MBM_OVERFLOW_INTERVAL?

Does the same "delay 0 is magic, ignore the cpu argument and run right away" apply?

> + } else {
> + /*
> + * Unable to schedule work on new CPU if it
> + * is currently running since the re-schedule
> + * will just force new work to run on
> + * current CPU. Mark domain's worker as
> + * needing to be rescheduled to be handled
> + * by worker itself.
> + */
> + d->mbm_work_cpu = nr_cpu_ids;
> + }
> }
> if (resctrl_is_mon_event_enabled(QOS_L3_OCCUP_EVENT_ID) &&
> cpu == d->cqm_work_cpu && has_busy_rmid(d)) {

-Tony

Link: https://lore.kernel.org/all/389bd92c-47ba-46af-81cb-9b669533b1fe@xxxxxxxxx/ [1]