Re: [PATCH-block v2 1/3] bdi, blk-cgroup: Fix potential UAF of blkcg

From: Waiman Long
Date: Mon Dec 12 2022 - 17:17:51 EST

Next message: Josh Don: "Re: [PATCH 31/31] sched_ext: Add a rust userspace hybrid example scheduler"
Previous message: Jason A. Donenfeld: "Re: [GIT PULL] non-MM commits for 6.2-rc1"
In reply to: Tejun Heo: "Re: [PATCH-block v2 1/3] bdi, blk-cgroup: Fix potential UAF of blkcg"
Next in thread: Waiman Long: "[PATCH-block v2 3/3] blk-cgroup: Flush stats at blkgs destruction path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/12/22 17:13, Tejun Heo wrote:

On Sun, Dec 11, 2022 at 05:20:56PM -0500, Waiman Long wrote:

static void blkcg_destroy_blkgs(struct blkcg *blkcg)
{
+ /*
+ * blkcg_destroy_blkgs() shouldn't be called with all the blkcg
+ * references gone.
+ */
+ if (WARN_ON_ONCE(!css_tryget(&blkcg->css)))
+ return;

Wouldn't it make more sense to use percpu_ref_is_zero()? It's not like the
obtained extra reference does anything, right?

Yes, that makes sense. Will incorporate the change in the next version.

Thanks,
Longman

Next message: Josh Don: "Re: [PATCH 31/31] sched_ext: Add a rust userspace hybrid example scheduler"
Previous message: Jason A. Donenfeld: "Re: [GIT PULL] non-MM commits for 6.2-rc1"
In reply to: Tejun Heo: "Re: [PATCH-block v2 1/3] bdi, blk-cgroup: Fix potential UAF of blkcg"
Next in thread: Waiman Long: "[PATCH-block v2 3/3] blk-cgroup: Flush stats at blkgs destruction path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]