Re: [PATCH 1/1] sched/autogroup: Fix race with task_groups list

From: Peter Zijlstra
Date: Mon May 27 2013 - 05:03:57 EST

Next message: Marc Dietrich: "Re: [PATCH 1/2] SCSI: nsp32: replace large udelay by mdelay"
Previous message: Sascha Hauer: "Re: [PATCH] media: i2c: mt9p031: add OF support"
In reply to: Gerald Schaefer: "[PATCH 1/1] sched/autogroup: Fix race with task_groups list"
Next in thread: tip-bot for Gerald Schaefer: "[tip:sched/core] sched/autogroup: Fix race with task_groups list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, May 24, 2013 at 06:07:49PM +0200, Gerald Schaefer wrote:
> In autogroup_create(), a tg is allocated and added to the task_groups
> list. If CONFIG_RT_GROUP_SCHED is set, this tg is then modified while on
> the list, without locking. This can race with someone walking the list,
> like __enable_runtime() during CPU unplug, and result in a use-after-free
> bug.
>
> To fix this, move sched_online_group(), which adds the tg to the list,
> to the end of the autogroup_create() function after the modification.
>
> Signed-off-by: Gerald Schaefer <gerald.schaefer@xxxxxxxxxx>

Ah indeed, nice catch. Thanks!
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Marc Dietrich: "Re: [PATCH 1/2] SCSI: nsp32: replace large udelay by mdelay"
Previous message: Sascha Hauer: "Re: [PATCH] media: i2c: mt9p031: add OF support"
In reply to: Gerald Schaefer: "[PATCH 1/1] sched/autogroup: Fix race with task_groups list"
Next in thread: tip-bot for Gerald Schaefer: "[tip:sched/core] sched/autogroup: Fix race with task_groups list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]