[Devel,RHEL7,COMMIT] ve/sched: Dereference resched_next on next task's stack

Submitted by Konstantin Khorenko on Dec. 8, 2016, 1:45 p.m.

Details

Message ID 201612081345.uB8DjurN003366@finist_cl7.x64_64.work.ct
State New
Series "sched: Dereference resched_next on next task's stack"

Commit Message

Konstantin Khorenko Dec. 8, 2016, 1:45 p.m.
The commit is pushed to "branch-rh7-3.10.0-327.36.1.vz7.20.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-327.36.1.vz7.20.12
------>
commit 53fc9a189617835a17b831512f1f93515c4719aa
Author: Kirill Tkhai <ktkhai@virtuozzo.com>
Date:   Thu Dec 8 17:45:56 2016 +0400

    ve/sched: Dereference resched_next on next task's stack
    
    When we dereference it before context switch, the read value
    just caches in prev task's stack. Later, the prev task may
    wake up in any cpu, so the value became useless.
    
    https://jira.sw.ru/browse/PSBM-56984
    
    Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
    
    khorenko@: this fixes our priority inversion defense in kernel.
---
 kernel/sched/core.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

Patch

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index ccc826a..384373c 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -3443,9 +3443,6 @@  need_resched:
 	clear_tsk_need_resched(prev);
 	rq->skip_clock_update = 0;
 
-	resched_next = rq->resched_next;
-	rq->resched_next = 0;
-
 	if (likely(prev != next)) {
 		rq->nr_switches++;
 		rq->curr = next;
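Review bot: Dropping the read-and-clear ahead of `if (likely(prev != next))` leaves `rq->resched_next` set for the whole switch, and nothing at this spot says where it is consumed now. A one-line comment here stating that the flag is read and cleared after `post_schedule(rq)`, on the incoming task's stack, would save the next reader a search. It is also worth confirming that no code between this point and the new assignment still reads the local `resched_next`, which is no longer assigned here.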
@@ -3465,8 +3462,11 @@  need_resched:
 
 	post_schedule(rq);
 
-	if (resched_next)
+	resched_next = READ_ONCE(rq->resched_next);
+	if (resched_next) {
 		set_tsk_need_resched(current);
+		rq->resched_next = 0;
+	}
 
 	sched_preempt_enable_no_resched();
 	if (!resched_next && need_resched())
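Review bot: The new test-and-clear after `post_schedule(rq)` is two separate accesses, `READ_ONCE(rq->resched_next)` followed by a plain `rq->resched_next = 0;`, so a writer that sets the flag again between them would have that request cleared unnoticed. If every writer is serialized against this point (the code still runs before `sched_preempt_enable_no_resched()`, so preemption is off), state that in a comment and pair the load with `WRITE_ONCE()`; otherwise an `xchg()` would make the consume a single atomic step. The visible lines also do not show `rq` being re-derived after the switch, so please confirm it refers to the runqueue of the CPU this task is now running on.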

Comments

Konstantin Khorenko Dec. 8, 2016, 1:47 p.m.
Please consider to RK.

--
Best regards,

Konstantin Khorenko,
Virtuozzo Linux Kernel Team

On 12/08/2016 04:45 PM, Konstantin Khorenko wrote:
> The commit is pushed to "branch-rh7-3.10.0-327.36.1.vz7.20.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
> after rh7-3.10.0-327.36.1.vz7.20.12
> ------>
> commit 53fc9a189617835a17b831512f1f93515c4719aa
> Author: Kirill Tkhai <ktkhai@virtuozzo.com>
> Date:   Thu Dec 8 17:45:56 2016 +0400
>
>     ve/sched: Dereference resched_next on next task's stack
>
>     When we dereference it before context switch, the read value
>     just caches in prev task's stack. Later, the prev task may
>     wake up in any cpu, so the value became useless.
>
>     https://jira.sw.ru/browse/PSBM-56984
>
>     Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
>
>     khorenko@: this fixes our priority inversion defense in kernel.
> ---
>  kernel/sched/core.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index ccc826a..384373c 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -3443,9 +3443,6 @@ need_resched:
>  	clear_tsk_need_resched(prev);
>  	rq->skip_clock_update = 0;
>
> -	resched_next = rq->resched_next;
> -	rq->resched_next = 0;
> -
>  	if (likely(prev != next)) {
>  		rq->nr_switches++;
>  		rq->curr = next;
> @@ -3465,8 +3462,11 @@ need_resched:
>
>  	post_schedule(rq);
>
> -	if (resched_next)
> +	resched_next = READ_ONCE(rq->resched_next);
> +	if (resched_next) {
>  		set_tsk_need_resched(current);
> +		rq->resched_next = 0;
> +	}
>
>  	sched_preempt_enable_no_resched();
>  	if (!resched_next && need_resched())
> .
>