• Tejun Heo's avatar
    cgroup: cgroup_subsys->fork() should be called after the task is added to css_set · 5edee61e
    Tejun Heo authored
    cgroup core has a bug which violates a basic rule about event
    notifications - when a new entity needs to be added, you add that to
    the notification list first and then make the new entity conform to
    the current state.  If done in the reverse order, an event happening
    inbetween will be lost.
    
    cgroup_subsys->fork() is invoked way before the new task is added to
    the css_set.  Currently, cgroup_freezer is the only user of ->fork()
    and uses it to make new tasks conform to the current state of the
    freezer.  If FROZEN state is requested while fork is in progress
    between cgroup_fork_callbacks() and cgroup_post_fork(), the child
    could escape freezing - the cgroup isn't frozen when ->fork() is
    called and the freezer couldn't see the new task on the css_set.
    
    This patch moves cgroup_subsys->fork() invocation to
    cgroup_post_fork() after the new task is added to the css_set.
    cgroup_fork_callbacks() is removed.
    
    Because now a task may be migrated during cgroup_subsys->fork(),
    freezer_fork() is updated so that it adheres to the usual RCU locking
    and the rather pointless comment on why locking can be different there
    is removed (if it doesn't make anything simpler, why even bother?).
    Signed-off-by: default avatarTejun Heo <tj@kernel.org>
    Cc: Oleg Nesterov <oleg@redhat.com>
    Cc: Rafael J. Wysocki <rjw@sisk.pl>
    Cc: stable@vger.kernel.org
    5edee61e
fork.c 43.8 KB