Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp1655393pxj; Wed, 19 May 2021 10:44:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwx6HcOwCXAskAzn8l2zNiUOqT5PctKO8++Ovo/m0NMM50idacfhF9Hkpaav6NcyRKlC0RX X-Received: by 2002:a17:906:590d:: with SMTP id h13mr299906ejq.169.1621446287934; Wed, 19 May 2021 10:44:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1621446287; cv=none; d=google.com; s=arc-20160816; b=yFTv/Fa/GpRy1cyo1a0dXbe/UgQeE1/miRETRmlft72nI/yk/cwcJ1l5wWt+Qjx8m4 mYO1CQfQBydGiiGM3Bvjcasv5uR7p3QAPfjvy6YXXU9Dc/IDyX/W1hzMGjhWS3pNeL6e uFw0XHbFlfgc8gErHtrJaeGgylGhAlV/RHFUbt97LCEFPTQ7RakE3+uEDMZjy3Gq/dZM EO5oHKHxC5xFGSKqdbf9M7svWvynFsVc+Kw9kfShZ/qfDKlNEqeRWYuJVRGWTk1AGjPp gallpt607K48nRaWIgjTyMNX5ZS3lWEN/YtR5dTeD2HCT+sxINu5e6LZQvGc0uzSVOQo mWJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=dzRLRVMKxIMoLf6Q+b/8jkbjgkjftPiV2WnZBxrNtrM=; b=dgphEaSJlTmXyRf0ln/Jlro47NGq7dc/Q2TXrUr3Z3+Gau5w9n87zE/+n73FuaUxyW OWsY+LbtBQCzgI7nJ74Jj357HWLOwr02c4DNS2VsnM7rZnhzKTRkCiyxiF+KCoXEg9TH BLlYXt2Ic6N8mE13UC+dpZwpxc8/1X1Z4NIi5VaUuE6vB0XjhHgjUVBgJsYEc8CeUPEW /qRN2TxVqkpnoo3uGzKaI4oFGbfR9FKKCuWp+kH3HuKo4g84rp/Fk7IRJaD1oyou30iW P1p/4SevOZGQNJWTS8nbQlY4a8ZVRmnl1kqYpGu/WPiSywxKYvsviVtrufopBtKO9GkE iK0g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fEetJlCz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bz25si318703ejc.295.2021.05.19.10.44.24; Wed, 19 May 2021 10:44:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fEetJlCz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243314AbhERJua (ORCPT + 99 others); Tue, 18 May 2021 05:50:30 -0400 Received: from mail.kernel.org ([198.145.29.99]:50270 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348056AbhERJte (ORCPT ); Tue, 18 May 2021 05:49:34 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id DE8E2613DB; Tue, 18 May 2021 09:48:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1621331297; bh=P87T2EfUL7peRiOL9j9h5VxX48Zfl+w2CWwNb/BHI/k=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fEetJlCzqOez2e7J4B7XUnVnt3Uw1kt/v1RkvMkHpV/oc7I5qwF1IVj6EnkT8iqqu ezAtVrzs18o6PT/4U5I84PqtvXE6xaKZ7aEuHQMXidCvT6jjTsKVAvWxqZ1PdcAC/A UpZOBjToLwld7ULDIUXBJJyIP7S+IsVEB5NjUB3vpaiLa+LvdrYTftk5SnnYYmOSWb aKCvIGouAjn/2Y9kl02SmS/558f/bw3p1qgkUGNUS7+S9M+KFJTLwYwFXQyQj4a/cw DFUQABCuIHoe8TI51N+iNHceWzLnEpr4w/Q5eUA9sMI+tri175AxAZAMCkrIUjVc0i SR0zvVxQpNJ0A== From: Will Deacon To: linux-arm-kernel@lists.infradead.org Cc: linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org, Will Deacon , Catalin Marinas , Marc Zyngier , Greg Kroah-Hartman , Peter Zijlstra , Morten Rasmussen , Qais Yousef , Suren Baghdasaryan , Quentin Perret , Tejun Heo , Li Zefan , Johannes Weiner , Ingo Molnar , Juri Lelli , Vincent Guittot , "Rafael J. Wysocki" , kernel-team@android.com Subject: [PATCH v6 11/21] sched: Split the guts of sched_setaffinity() into a helper function Date: Tue, 18 May 2021 10:47:15 +0100 Message-Id: <20210518094725.7701-12-will@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210518094725.7701-1-will@kernel.org> References: <20210518094725.7701-1-will@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In preparation for replaying user affinity requests using a saved mask, split sched_setaffinity() up so that the initial task lookup and security checks are only performed when the request is coming directly from userspace. Signed-off-by: Will Deacon --- kernel/sched/core.c | 110 +++++++++++++++++++++++--------------------- 1 file changed, 58 insertions(+), 52 deletions(-) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index 9512623d5a60..808bbe669a6d 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -6788,9 +6788,61 @@ SYSCALL_DEFINE4(sched_getattr, pid_t, pid, struct sched_attr __user *, uattr, return retval; } -long sched_setaffinity(pid_t pid, const struct cpumask *in_mask) +static int +__sched_setaffinity(struct task_struct *p, const struct cpumask *mask) { + int retval; cpumask_var_t cpus_allowed, new_mask; + + if (!alloc_cpumask_var(&cpus_allowed, GFP_KERNEL)) + return -ENOMEM; + + if (!alloc_cpumask_var(&new_mask, GFP_KERNEL)) + return -ENOMEM; + + cpuset_cpus_allowed(p, cpus_allowed); + cpumask_and(new_mask, mask, cpus_allowed); + + /* + * Since bandwidth control happens on root_domain basis, + * if admission test is enabled, we only admit -deadline + * tasks allowed to run on all the CPUs in the task's + * root_domain. + */ +#ifdef CONFIG_SMP + if (task_has_dl_policy(p) && dl_bandwidth_enabled()) { + rcu_read_lock(); + if (!cpumask_subset(task_rq(p)->rd->span, new_mask)) { + retval = -EBUSY; + rcu_read_unlock(); + goto out_free_masks; + } + rcu_read_unlock(); + } +#endif +again: + retval = __set_cpus_allowed_ptr(p, new_mask, SCA_CHECK); + if (retval) + goto out_free_masks; + + cpuset_cpus_allowed(p, cpus_allowed); + if (!cpumask_subset(new_mask, cpus_allowed)) { + /* + * We must have raced with a concurrent cpuset update. + * Just reset the cpumask to the cpuset's cpus_allowed. + */ + cpumask_copy(new_mask, cpus_allowed); + goto again; + } + +out_free_masks: + free_cpumask_var(new_mask); + free_cpumask_var(cpus_allowed); + return retval; +} + +long sched_setaffinity(pid_t pid, const struct cpumask *in_mask) +{ struct task_struct *p; int retval; @@ -6810,68 +6862,22 @@ long sched_setaffinity(pid_t pid, const struct cpumask *in_mask) retval = -EINVAL; goto out_put_task; } - if (!alloc_cpumask_var(&cpus_allowed, GFP_KERNEL)) { - retval = -ENOMEM; - goto out_put_task; - } - if (!alloc_cpumask_var(&new_mask, GFP_KERNEL)) { - retval = -ENOMEM; - goto out_free_cpus_allowed; - } - retval = -EPERM; + if (!check_same_owner(p)) { rcu_read_lock(); if (!ns_capable(__task_cred(p)->user_ns, CAP_SYS_NICE)) { rcu_read_unlock(); - goto out_free_new_mask; + retval = -EPERM; + goto out_put_task; } rcu_read_unlock(); } retval = security_task_setscheduler(p); if (retval) - goto out_free_new_mask; - - - cpuset_cpus_allowed(p, cpus_allowed); - cpumask_and(new_mask, in_mask, cpus_allowed); - - /* - * Since bandwidth control happens on root_domain basis, - * if admission test is enabled, we only admit -deadline - * tasks allowed to run on all the CPUs in the task's - * root_domain. - */ -#ifdef CONFIG_SMP - if (task_has_dl_policy(p) && dl_bandwidth_enabled()) { - rcu_read_lock(); - if (!cpumask_subset(task_rq(p)->rd->span, new_mask)) { - retval = -EBUSY; - rcu_read_unlock(); - goto out_free_new_mask; - } - rcu_read_unlock(); - } -#endif -again: - retval = __set_cpus_allowed_ptr(p, new_mask, SCA_CHECK); + goto out_put_task; - if (!retval) { - cpuset_cpus_allowed(p, cpus_allowed); - if (!cpumask_subset(new_mask, cpus_allowed)) { - /* - * We must have raced with a concurrent cpuset - * update. Just reset the cpus_allowed to the - * cpuset's cpus_allowed - */ - cpumask_copy(new_mask, cpus_allowed); - goto again; - } - } -out_free_new_mask: - free_cpumask_var(new_mask); -out_free_cpus_allowed: - free_cpumask_var(cpus_allowed); + retval = __sched_setaffinity(p, in_mask); out_put_task: put_task_struct(p); return retval; -- 2.31.1.751.gd2f1c929bd-goog