On Fri, Jan 24, 2020 at 2:56 PM Suren Baghdasaryan surenb@google.com wrote:
On Fri, Jan 24, 2020 at 3:40 AM Michal Koutný mkoutny@suse.com wrote:
PF_EXITING is set earlier than actual removal from css_set when a task is exitting. This can confuse cgroup.procs readers who see no PF_EXITING tasks, however, rmdir is checking against css_set membership so it can transitionally fail with EBUSY.
Fix this by listing tasks that weren't unlinked from css_set active lists. It may happen that other users of the task iterator (without CSS_TASK_ITER_PROCS) spot a PF_EXITING task before cgroup_exit(). This is equal to the state before commit c03cd7738a83 ("cgroup: Include dying leaders with live threads in PROCS iterations") but it may be reviewed later.
Reported-by: Suren Baghdasaryan surenb@google.com Fixes: c03cd7738a83 ("cgroup: Include dying leaders with live threads in PROCS iterations") Signed-off-by: Michal Koutný mkoutny@suse.com
include/linux/cgroup.h | 1 + kernel/cgroup/cgroup.c | 23 ++++++++++++++++------- 2 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h index d7ddebd0cdec..e75d2191226b 100644 --- a/include/linux/cgroup.h +++ b/include/linux/cgroup.h @@ -62,6 +62,7 @@ struct css_task_iter { struct list_head *mg_tasks_head; struct list_head *dying_tasks_head;
struct list_head *cur_tasks_head; struct css_set *cur_cset; struct css_set *cur_dcset; struct task_struct *cur_task;diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index 735af8f15f95..a6e3619e013b 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -4404,12 +4404,16 @@ static void css_task_iter_advance_css_set(struct css_task_iter *it) } } while (!css_set_populated(cset) && list_empty(&cset->dying_tasks));
if (!list_empty(&cset->tasks))
if (!list_empty(&cset->tasks)) { it->task_pos = cset->tasks.next;
else if (!list_empty(&cset->mg_tasks))
it->cur_tasks_head = &cset->tasks;} else if (!list_empty(&cset->mg_tasks)) { it->task_pos = cset->mg_tasks.next;
else
it->cur_tasks_head = &cset->mg_tasks;} else { it->task_pos = cset->dying_tasks.next;it->cur_tasks_head = &cset->dying_tasks;} it->tasks_head = &cset->tasks; it->mg_tasks_head = &cset->mg_tasks;@@ -4467,10 +4471,14 @@ static void css_task_iter_advance(struct css_task_iter *it) else it->task_pos = it->task_pos->next;
if (it->task_pos == it->tasks_head)
if (it->task_pos == it->tasks_head) { it->task_pos = it->mg_tasks_head->next;
if (it->task_pos == it->mg_tasks_head)
it->cur_tasks_head = it->mg_tasks_head;}if (it->task_pos == it->mg_tasks_head) { it->task_pos = it->dying_tasks_head->next;it->cur_tasks_head = it->dying_tasks_head;} if (it->task_pos == it->dying_tasks_head) css_task_iter_advance_css_set(it); } else {@@ -4489,11 +4497,12 @@ static void css_task_iter_advance(struct css_task_iter *it) goto repeat;
/* and dying leaders w/o live member threads */
if (!atomic_read(&task->signal->live))
if (it->cur_tasks_head == it->dying_tasks_head &&!atomic_read(&task->signal->live)) goto repeat; } else { /* skip all dying ones */
if (task->flags & PF_EXITING)
if (it->cur_tasks_head == it->dying_tasks_head) goto repeat; }}
2.24.1
Tested-by: Suren Baghdasaryan surenb@google.com
Thanks!
Hi Folks, If this new version looks good could we get an Ack please? I need to start backporting this fix to Android and would like a confirmation before doing so. Thanks!