Re: [PATCH BUGFIX] block, bfq: deschedule empty bfq_queues not referred by any process

[Paolo Valente]

> Il giorno 12 nov 2019, alle ore 16:23, Jens Axboe <axboe@xxxxxxxxx> ha scritto:
> 
> On 11/11/19 11:48 PM, Paolo Valente wrote:
>> Since commit 3726112ec731 ("block, bfq: re-schedule empty queues if
>> they deserve I/O plugging"), to prevent the service guarantees of a
>> bfq_queue from being violated, the bfq_queue may be left busy, i.e.,
>> scheduled for service, even if empty (see comments in
>> __bfq_bfqq_expire() for details). But, if no process will send
>> requests to the bfq_queue any longer, then there is no point in
>> keeping the bfq_queue scheduled for service.
>> 
>> In addition, keeping the bfq_queue scheduled for service, but with no
>> process reference any longer, may cause the bfq_queue to be freed when
>> descheduled from service. But this is assumed to never happen, and
>> causes a UAF if it happens. This, in turn, caused crashes [1, 2].
>> 
>> This commit fixes this issue by descheduling an empty bfq_queue when
>> it remains with not process reference.
>> 
>> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1767539
>> [2] https://bugzilla.kernel.org/show_bug.cgi?id=205447
> 
> Applied, thanks.
> 

That was fast (thanks)!  Some people are testing this, with no more
hangs, and no new issues, so far.

BTW, could you reply to the hung thread on finally fixing BFQ's
cgroups interface [1]?

Thanks,
Paolo

[1] https://lkml.org/lkml/2019/10/1/1252

> -- 
> Jens Axboe