Re: [RFC 2/1] kill task_ucounts()->rcu_read_lock(), add __task_ucounts()

From: Paul E. McKenney
Date: Mon Oct 27 2025 - 11:19:00 EST

Next message: Guangbo Cui: "Re: [PATCH v3 1/2] PCI/aer_inject: Convert inject_lock to raw_spinlock_t"
Previous message: Peter Griffin: "Re: [PATCH] media: c8sectpfe: fix probe device leaks"
In reply to: David Howells: "Re: [RFC 2/1] kill task_ucounts()->rcu_read_lock(), add __task_ucounts()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Oct 27, 2025 at 02:55:56PM +0000, David Howells wrote:
> Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
>
> > So I think task_ucounts() can just do
> >
> > /* The caller must ensure that ->real_cred is stable or take rcu_read_lock() */
> > #define task_ucounts(task) \
> > rcu_dereference_check((task)->real_cred, 1)->ucounts
>
> Can you use rcu_access_pointer() within exit.c? E.g.:
>
> struct cred *pcreds = rcu_access_pointer(task->real_cred);
> dec_rlimit_ucounts(pcreds->ucounts, UCOUNT_RLIMIT_NPROC, 1);

No go, unfortunately. You can only use rcu_access_pointer() if you are
*not* dereferencing it. And here, dereferencing is happening.

However, if there is some mutex that is preventing changes to ->real_cred,
then something like this would work:

struct cred *pcreds = rcu_dereference_protected(task->real_cred mutex_is_locked(&whatever));

Alternatively, if this is due to the running kthread being in some
state, then a check for that state can be substituted for the above
mutex_is_locked(). And so on.

Thanx, Paul

Next message: Guangbo Cui: "Re: [PATCH v3 1/2] PCI/aer_inject: Convert inject_lock to raw_spinlock_t"
Previous message: Peter Griffin: "Re: [PATCH] media: c8sectpfe: fix probe device leaks"
In reply to: David Howells: "Re: [RFC 2/1] kill task_ucounts()->rcu_read_lock(), add __task_ucounts()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]