• Dennis Zhou's avatar
    blkcg: fix ref count issue with bio_blkcg() using task_css · 0fe061b9
    Dennis Zhou authored
    The bio_blkcg() function turns out to be inconsistent and consequently
    dangerous to use. The first part returns a blkcg where a reference is
    owned by the bio meaning it does not need to be rcu protected. However,
    the third case, the last line, is problematic:
    
    	return css_to_blkcg(task_css(current, io_cgrp_id));
    
    This can race against task migration and the cgroup dying. It is also
    semantically different as it must be called rcu protected and is
    susceptible to failure when trying to get a reference to it.
    
    This patch adds association ahead of calling bio_blkcg() rather than
    after. This makes association a required and explicit step along the
    code paths for calling bio_blkcg(). In blk-iolatency, association is
    moved above the bio_blkcg() call to ensure it will not return %NULL.
    
    BFQ uses the old bio_blkcg() function, but I do not want to address it
    in this series due to the complexity. I have created a private version
    documenting the inconsistency and noting not to use it.
    Signed-off-by: default avatarDennis Zhou <dennis@kernel.org>
    Acked-by: default avatarTejun Heo <tj@kernel.org>
    Reviewed-by: default avatarJosef Bacik <josef@toxicpanda.com>
    Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
    0fe061b9
bfq-cgroup.c 33.5 KB