Re: [local DoS] Re: Linux 2.6.24-rc4

From: Ingo Molnar
Date: Tue Dec 04 2007 - 11:09:20 EST

Next message: infowebbbe3: "MRS GREGGE VAN DER HOOFD."
Previous message: Eric Paris: "[PATCH] VM/Security: add security hook to do_brk"
In reply to: Luiz Fernando N. Capitulino: "Re: [local DoS] Re: Linux 2.6.24-rc4"
Next in thread: Ingo Molnar: "[git pull] scheduler fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Luiz Fernando N. Capitulino <lcapitulino@xxxxxxxxxxxxxxx> wrote:

> | The problem is on SMP: if sched_rr_get_interval() gets a task from
> | an otherwise idle runqueue, then rq->load.weight is 0. Normally
> | sched_slice() is only used on a busy runqueue. So the correct fixup
> | site is not in sched_slice() but in sys_sched_rr_get_interval() -
> | i'm working on the right fix, i hope to be able to send a pull
> | request in a few minutes.
>
> Ingo, I can reproduce this w/o SMP support as well.

hm, if you run this as an RT task, right? Or can you trigger it via pure
SCHED_OTHER tasks as well? Below is my candidate fix.

Ingo

--------------->
Subject: sched: fix crash in sys_sched_rr_get_interval()
From: Ingo Molnar <mingo@xxxxxxx>

Luiz Fernando N. Capitulino reported that sched_rr_get_interval()
crashes for SCHED_OTHER tasks that are on an idle runqueue.

The fix is to return a 0 timeslice for tasks that are on an idle
runqueue. (and which are not running, obviously)

Reported-by: Luiz Fernando N. Capitulino <lcapitulino@xxxxxxxxxxxxxxx>
Signed-off-by: Ingo Molnar <mingo@xxxxxxx>
---
kernel/sched.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)

Index: linux/kernel/sched.c
===================================================================
--- linux.orig/kernel/sched.c
+++ linux/kernel/sched.c
@@ -4850,17 +4850,21 @@ long sys_sched_rr_get_interval(pid_t pid
if (retval)
goto out_unlock;

- if (p->policy == SCHED_FIFO)
- time_slice = 0;
- else if (p->policy == SCHED_RR)
+ /*
+ * Time slice is 0 for SCHED_FIFO tasks and for SCHED_OTHER
+ * tasks that are on an otherwise idle runqueue:
+ */
+ time_slice = 0;
+ if (p->policy == SCHED_RR) {
time_slice = DEF_TIMESLICE;
- else {
+ } else {
struct sched_entity *se = &p->se;
unsigned long flags;
struct rq *rq;

rq = task_rq_lock(p, &flags);
- time_slice = NS_TO_JIFFIES(sched_slice(cfs_rq_of(se), se));
+ if (rq->cfs.load.weight)
+ time_slice = NS_TO_JIFFIES(sched_slice(&rq->cfs, se));
task_rq_unlock(rq, &flags);
}
read_unlock(&tasklist_lock);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: infowebbbe3: "MRS GREGGE VAN DER HOOFD."
Previous message: Eric Paris: "[PATCH] VM/Security: add security hook to do_brk"
In reply to: Luiz Fernando N. Capitulino: "Re: [local DoS] Re: Linux 2.6.24-rc4"
Next in thread: Ingo Molnar: "[git pull] scheduler fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]