Date: Mon, 6 Feb 2023 19:07:52 GMT From: Dmitry Chagin <dchagin@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 11ade1dffc8d - stable/13 - cpuset: Handle CPU_WHICH_TIDPID wherever cpuset_which() is called. Message-ID: <202302061907.316J7q2N077060@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by dchagin: URL: https://cgit.FreeBSD.org/src/commit/?id=11ade1dffc8dbdcf2541b2f9b2da61a998ccafc7 commit 11ade1dffc8dbdcf2541b2f9b2da61a998ccafc7 Author: Dmitry Chagin <dchagin@FreeBSD.org> AuthorDate: 2023-01-30 16:28:54 +0000 Commit: Dmitry Chagin <dchagin@FreeBSD.org> CommitDate: 2023-02-06 19:06:31 +0000 cpuset: Handle CPU_WHICH_TIDPID wherever cpuset_which() is called. cpuset_which() resolves the argument pair which and id and returns references to an appropriate resources. To avoid leaking resources or accessing unresolved references to a resources handle new which CPU_WHICH_TIDPID wherever cpuset_which() is called. To avoid code duplication cpuset_which2() has been added. Reported by: syzbot+331e8402e0f7347f0f2a@syzkaller.appspotmail.com Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D38272 MFC after: 2 weeks (cherry picked from commit 2058f075b4afc543b8735599bea7278e37b2e9f9) --- sys/kern/kern_cpuset.c | 43 ++++++++++++++++++++++++++++--------------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/sys/kern/kern_cpuset.c b/sys/kern/kern_cpuset.c index 1c8fa09cc224..dfc32d01295e 100644 --- a/sys/kern/kern_cpuset.c +++ b/sys/kern/kern_cpuset.c @@ -150,6 +150,8 @@ SYSCTL_UINT(_kern_sched, OID_AUTO, cpusetsizemin, cpuset_t *cpuset_root; cpuset_t cpuset_domain[MAXMEMDOM]; +static int cpuset_which2(cpuwhich_t *, id_t, struct proc **, struct thread **, + struct cpuset **); static int domainset_valid(const struct domainset *, const struct domainset *); /* @@ -988,6 +990,20 @@ cpuset_which(cpuwhich_t which, id_t id, struct proc **pp, struct thread **tdp, return (0); } +static int +cpuset_which2(cpuwhich_t *which, id_t id, struct proc **pp, struct thread **tdp, + struct cpuset **setp) +{ + + if (*which == CPU_WHICH_TIDPID) { + if (id == -1 || id > PID_MAX) + *which = CPU_WHICH_TID; + else + *which = CPU_WHICH_PID; + } + return (cpuset_which(*which, id, pp, tdp, setp)); +} + static int cpuset_testshadow(struct cpuset *set, const cpuset_t *mask, const struct domainset *domain) @@ -1902,6 +1918,7 @@ kern_cpuset_getid(struct thread *td, cpulevel_t level, cpuwhich_t which, switch (which) { case CPU_WHICH_TID: case CPU_WHICH_PID: + case CPU_WHICH_TIDPID: thread_lock(ttd); set = cpuset_refbase(ttd->td_cpuset); thread_unlock(ttd); @@ -1963,7 +1980,7 @@ kern_cpuset_getaffinity(struct thread *td, cpulevel_t level, cpuwhich_t which, error = cpuset_check_capabilities(td, level, which, id); if (error != 0) return (error); - error = cpuset_which(which, id, &p, &ttd, &set); + error = cpuset_which2(&which, id, &p, &ttd, &set); if (error != 0) return (error); switch (level) { @@ -2006,19 +2023,6 @@ kern_cpuset_getaffinity(struct thread *td, cpulevel_t level, cpuwhich_t which, thread_unlock(ttd); } break; - case CPU_WHICH_TIDPID: - if (id > PID_MAX || id == -1) { - thread_lock(ttd); - CPU_COPY(&ttd->td_cpuset->cs_mask, mask); - thread_unlock(ttd); - break; - } - FOREACH_THREAD_IN_PROC(p, ttd) { - thread_lock(ttd); - CPU_OR(mask, mask, &ttd->td_cpuset->cs_mask); - thread_unlock(ttd); - } - break; case CPU_WHICH_CPUSET: case CPU_WHICH_JAIL: CPU_COPY(&set->cs_mask, mask); @@ -2138,6 +2142,7 @@ kern_cpuset_setaffinity(struct thread *td, cpulevel_t level, cpuwhich_t which, switch (which) { case CPU_WHICH_TID: case CPU_WHICH_PID: + case CPU_WHICH_TIDPID: thread_lock(ttd); set = cpuset_ref(ttd->td_cpuset); thread_unlock(ttd); @@ -2283,7 +2288,7 @@ kern_cpuset_getdomain(struct thread *td, cpulevel_t level, cpuwhich_t which, return (error); mask = malloc(domainsetsize, M_TEMP, M_WAITOK | M_ZERO); bzero(&outset, sizeof(outset)); - error = cpuset_which(which, id, &p, &ttd, &set); + error = cpuset_which2(&which, id, &p, &ttd, &set); if (error) goto out; switch (level) { @@ -2475,6 +2480,7 @@ kern_cpuset_setdomain(struct thread *td, cpulevel_t level, cpuwhich_t which, switch (which) { case CPU_WHICH_TID: case CPU_WHICH_PID: + case CPU_WHICH_TIDPID: thread_lock(ttd); set = cpuset_ref(ttd->td_cpuset); thread_unlock(ttd); @@ -2506,6 +2512,13 @@ kern_cpuset_setdomain(struct thread *td, cpulevel_t level, cpuwhich_t which, case CPU_WHICH_PID: error = cpuset_setproc(id, NULL, NULL, &domain, false); break; + case CPU_WHICH_TIDPID: + if (id > PID_MAX || id == -1) + error = _cpuset_setthread(id, NULL, &domain); + else + error = cpuset_setproc(id, NULL, NULL, &domain, + false); + break; case CPU_WHICH_CPUSET: case CPU_WHICH_JAIL: error = cpuset_which(which, id, &p, &ttd, &set);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202302061907.316J7q2N077060>