Re: [PATCH 02/12] workqueue: disallow set_cpus_allowed_ptr() from work item
On Thu, Sep 27, 2012 at 01:20:33AM +0800, Lai Jiangshan wrote: > workers depend on local-wake-up, if a work function change its CPU, it will > corrupt workqueue, disallow this behavior. > > When set_cpus_allowed_ptr() is called from workqueue.c in worker_thread(), > we clear the PF_WQ_WORKER before set_cpus_allowed_ptr() and set it back > after. (rescuer thread has no PF_WQ_WORKER, skip this behavior) > > It prevents other/future BUGs like > https://bugzilla.kernel.org/show_bug.cgi?id=47301. Hmmm... maybe. We better clear up PF_THREAD_BOUND semantics first tho. I think the two possible choices are, * Don't allow set_cpus_allowed_ptr() at all and make the caller responsible for turning it off if it explicitly wants to change cpus_allowed. * Don't allow changing affinity from userland. Peter, Thomas? -- tejun -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH 02/12] workqueue: disallow set_cpus_allowed_ptr() from work item
workers depend on local-wake-up, if a work function change its CPU, it will corrupt workqueue, disallow this behavior. When set_cpus_allowed_ptr() is called from workqueue.c in worker_thread(), we clear the PF_WQ_WORKER before set_cpus_allowed_ptr() and set it back after. (rescuer thread has no PF_WQ_WORKER, skip this behavior) It prevents other/future BUGs like https://bugzilla.kernel.org/show_bug.cgi?id=47301. CC: tangchen Signed-off-by: Lai Jiangshan --- kernel/sched/core.c |8 +--- kernel/workqueue.c | 10 +- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index d325c4b..355d3cc 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -5187,9 +5187,11 @@ int set_cpus_allowed_ptr(struct task_struct *p, const struct cpumask *new_mask) goto out; } - if (unlikely((p->flags & PF_THREAD_BOUND) && p != current)) { - ret = -EINVAL; - goto out; + if (unlikely(p->flags & PF_THREAD_BOUND)) { + if (WARN_ON_ONCE(p->flags & PF_WQ_WORKER) || p != current) { + ret = -EINVAL; + goto out; + } } do_set_cpus_allowed(p, new_mask); diff --git a/kernel/workqueue.c b/kernel/workqueue.c index ec882a6..c55884d 100644 --- a/kernel/workqueue.c +++ b/kernel/workqueue.c @@ -1600,6 +1600,7 @@ __acquires(>lock) struct global_cwq *gcwq = worker->pool->gcwq; struct task_struct *task = worker->task; + BUG_ON(task != current); while (true) { /* * The following call may fail, succeed or succeed @@ -1607,9 +1608,16 @@ __acquires(>lock) * it races with cpu hotunplug operation. Verify * against GCWQ_DISASSOCIATED. */ - if (!(gcwq->flags & GCWQ_DISASSOCIATED)) + if (!(gcwq->flags & GCWQ_DISASSOCIATED)) { + if (!(worker->flags & WORKER_RESCUER)) + task->flags &= ~PF_WQ_WORKER; + set_cpus_allowed_ptr(task, get_cpu_mask(gcwq->cpu)); + if (!(worker->flags & WORKER_RESCUER)) + task->flags |= PF_WQ_WORKER; + } + spin_lock_irq(>lock); if (gcwq->flags & GCWQ_DISASSOCIATED) return false; -- 1.7.7.6 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH 02/12] workqueue: disallow set_cpus_allowed_ptr() from work item
workers depend on local-wake-up, if a work function change its CPU, it will corrupt workqueue, disallow this behavior. When set_cpus_allowed_ptr() is called from workqueue.c in worker_thread(), we clear the PF_WQ_WORKER before set_cpus_allowed_ptr() and set it back after. (rescuer thread has no PF_WQ_WORKER, skip this behavior) It prevents other/future BUGs like https://bugzilla.kernel.org/show_bug.cgi?id=47301. CC: tangchen tangc...@cn.fujitsu.com Signed-off-by: Lai Jiangshan la...@cn.fujitsu.com --- kernel/sched/core.c |8 +--- kernel/workqueue.c | 10 +- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index d325c4b..355d3cc 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -5187,9 +5187,11 @@ int set_cpus_allowed_ptr(struct task_struct *p, const struct cpumask *new_mask) goto out; } - if (unlikely((p-flags PF_THREAD_BOUND) p != current)) { - ret = -EINVAL; - goto out; + if (unlikely(p-flags PF_THREAD_BOUND)) { + if (WARN_ON_ONCE(p-flags PF_WQ_WORKER) || p != current) { + ret = -EINVAL; + goto out; + } } do_set_cpus_allowed(p, new_mask); diff --git a/kernel/workqueue.c b/kernel/workqueue.c index ec882a6..c55884d 100644 --- a/kernel/workqueue.c +++ b/kernel/workqueue.c @@ -1600,6 +1600,7 @@ __acquires(gcwq-lock) struct global_cwq *gcwq = worker-pool-gcwq; struct task_struct *task = worker-task; + BUG_ON(task != current); while (true) { /* * The following call may fail, succeed or succeed @@ -1607,9 +1608,16 @@ __acquires(gcwq-lock) * it races with cpu hotunplug operation. Verify * against GCWQ_DISASSOCIATED. */ - if (!(gcwq-flags GCWQ_DISASSOCIATED)) + if (!(gcwq-flags GCWQ_DISASSOCIATED)) { + if (!(worker-flags WORKER_RESCUER)) + task-flags = ~PF_WQ_WORKER; + set_cpus_allowed_ptr(task, get_cpu_mask(gcwq-cpu)); + if (!(worker-flags WORKER_RESCUER)) + task-flags |= PF_WQ_WORKER; + } + spin_lock_irq(gcwq-lock); if (gcwq-flags GCWQ_DISASSOCIATED) return false; -- 1.7.7.6 -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH 02/12] workqueue: disallow set_cpus_allowed_ptr() from work item
On Thu, Sep 27, 2012 at 01:20:33AM +0800, Lai Jiangshan wrote: workers depend on local-wake-up, if a work function change its CPU, it will corrupt workqueue, disallow this behavior. When set_cpus_allowed_ptr() is called from workqueue.c in worker_thread(), we clear the PF_WQ_WORKER before set_cpus_allowed_ptr() and set it back after. (rescuer thread has no PF_WQ_WORKER, skip this behavior) It prevents other/future BUGs like https://bugzilla.kernel.org/show_bug.cgi?id=47301. Hmmm... maybe. We better clear up PF_THREAD_BOUND semantics first tho. I think the two possible choices are, * Don't allow set_cpus_allowed_ptr() at all and make the caller responsible for turning it off if it explicitly wants to change cpus_allowed. * Don't allow changing affinity from userland. Peter, Thomas? -- tejun -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/