diff options
author | Srivatsa Vaddagiri <vatsa@in.ibm.com> | 2007-05-08 09:27:25 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-05-08 20:15:05 +0200 |
commit | dd9037a26a1e6ebec9121b4681c414dc77189a90 (patch) | |
tree | cbce9dc3406943b0026a5de01bd64d42714a9413 | |
parent | make remove_inode_dquot_ref() static (diff) | |
download | linux-dd9037a26a1e6ebec9121b4681c414dc77189a90.tar.xz linux-dd9037a26a1e6ebec9121b4681c414dc77189a90.zip |
Fix race between attach_task and cpuset_exit
Currently cpuset_exit() changes the exiting task's ->cpuset pointer w/o
taking task_lock(). This can lead to ugly races between attach_task and
cpuset_exit. Details of the races are described at
http://lkml.org/lkml/2007/3/24/132.
Patch below closes those races.
Signed-off-by: Srivatsa Vaddagiri <vatsa@in.ibm.com>
Cc: Paul Jackson <pj@sgi.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Menage <menage@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | kernel/cpuset.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/kernel/cpuset.c b/kernel/cpuset.c index d240349cbf0f..bde714db2b26 100644 --- a/kernel/cpuset.c +++ b/kernel/cpuset.c @@ -2200,10 +2200,6 @@ void cpuset_fork(struct task_struct *child) * it is holding that mutex while calling check_for_release(), * which calls kmalloc(), so can't be called holding callback_mutex(). * - * We don't need to task_lock() this reference to tsk->cpuset, - * because tsk is already marked PF_EXITING, so attach_task() won't - * mess with it, or task is a failed fork, never visible to attach_task. - * * the_top_cpuset_hack: * * Set the exiting tasks cpuset to the root cpuset (top_cpuset). @@ -2242,8 +2238,10 @@ void cpuset_exit(struct task_struct *tsk) { struct cpuset *cs; + task_lock(current); cs = tsk->cpuset; tsk->cpuset = &top_cpuset; /* the_top_cpuset_hack - see above */ + task_unlock(current); if (notify_on_release(cs)) { char *pathbuf = NULL; |