Re: Maybe a race window in cgroup.kill?

From: Michal Koutný
Date: Thu Jan 30 2025 - 04:26:23 EST

Next message: Aditya Kumar Singh: "Re: [PATCH v2] wifi: ath12k: remove return for empty tx bitrate in mac_op_sta_statistics"
Previous message: Andreas Schwab: "[PATCH] riscv/atomic: Do proper sign extension also for unsigned in arch_cmpxchg"
In reply to: Shakeel Butt: "Re: Maybe a race window in cgroup.kill?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 29, 2025 at 11:08:41AM -0800, Shakeel Butt <shakeel.butt@xxxxxxxxx> wrote:
> I think this is indeed the race though small. One way to fix this is by
> taking cgroup_threadgroup_rwsem in write mode in __cgroup_kill() as the
> fork side takes it in read mode from cgroup_can_fork() to
> cgroup_post_fork().

I don't see that cgroup_mutex and css_set_lock alone ensure the ordering
neither. cgroup_threadgroup_rwsem would be certain but heavy as you
write.

As I'm looking at it now, freezing is similar but shouldn't allow such a
child escape if k3' came before c6 since the CGRP_FREEZE (or
~CGRP_FREEZE) is permanent (until next operation).
That is IIUC basis for Shakeel's sequence approach too.
(CLONE_INTO_CGROUP should be fine thanks to cgroup_mutex.)

Thanks,
Michal

Attachment: signature.asc
Description: PGP signature

Next message: Aditya Kumar Singh: "Re: [PATCH v2] wifi: ath12k: remove return for empty tx bitrate in mac_op_sta_statistics"
Previous message: Andreas Schwab: "[PATCH] riscv/atomic: Do proper sign extension also for unsigned in arch_cmpxchg"
In reply to: Shakeel Butt: "Re: Maybe a race window in cgroup.kill?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]