Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp1236323rwi; Mon, 10 Oct 2022 13:16:09 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7T+003h7OXV6m6P7d/d5jmm1d9JMLbWyZ/NSrYNsMeSKQDiTdrm165fwQCuKJG7gQlSMRH X-Received: by 2002:a50:cc07:0:b0:453:4427:a918 with SMTP id m7-20020a50cc07000000b004534427a918mr19366940edi.121.1665432968847; Mon, 10 Oct 2022 13:16:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1665432968; cv=none; d=google.com; s=arc-20160816; b=krmtV5cFu2NT1cY0Vff5Zh6/PiZzZl7kH80tjLUx0ng0HIqkdodA3mjYHeL3PwSEQX 9V3+14Ng7Em2sMH009NLmg3TUkFNs8uR+NNGxczHdVywgr4IMe3vgVPPuTPa8B8Qq8cW 21ZMa2v2nY5C3tyRB1z2SMsSN8xuw/N4HJSw7uYskoBmluIhJrHE6Irvwmz/6oUqgH4Y somjcnx1pPfkUz9X/4BTMC9noOwqAfF7/NN1fBYuzhToqtyoKFp8Rt/b/u8ZBW/WgQ5J Q+qdfMUphRK4JM32bFnJEfzKNSyX7aWjbcFlhaB1sAOfnOyfe5TE1ZRSKaUv9hGDg6WV 9eZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=g6HrtySy9XPYjnFDZdWqwUmVcceWIKpnpDQvWGrRgzM=; b=re2S/kO5avpWMtRIjwf5PgB1M+9M+I+Mca6T85Ql8OQ4z9V3MlleGdKeEWtk5PTZIy QBQkdLYQfGhIExCh/+2p1uG0x371VQhjZ4iX0LkkND0znFwLKjcyaZ5SyhhcphaNX1pN lbogxcA0238bWQd+dy6nZUh29ZkpvYGRQ8ll5Fn6ytjurLf8v6zHO25rLl1g41dSTuc4 c6F0uhVL0eidCCFACfj7JL5KRqVNetHE3YoqX3QEDJccC+maSokhJHBuEOpXXW+4cKOA K28qv4jHKbauWwcR4KbbbWYxfzPRyxqnnMQg8SAI2HPTNSvEGmojvWRH7oR5s0FuotC4 +NNg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=oQPQ3OAA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e13-20020a17090658cd00b0078dc5c888f1si2525374ejs.135.2022.10.10.13.15.40; Mon, 10 Oct 2022 13:16:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=oQPQ3OAA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229495AbiJJT6Q (ORCPT + 99 others); Mon, 10 Oct 2022 15:58:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44286 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229471AbiJJT6O (ORCPT ); Mon, 10 Oct 2022 15:58:14 -0400 Received: from mail-wr1-x432.google.com (mail-wr1-x432.google.com [IPv6:2a00:1450:4864:20::432]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E10A176463 for ; Mon, 10 Oct 2022 12:58:12 -0700 (PDT) Received: by mail-wr1-x432.google.com with SMTP id a10so18476559wrm.12 for ; Mon, 10 Oct 2022 12:58:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=g6HrtySy9XPYjnFDZdWqwUmVcceWIKpnpDQvWGrRgzM=; b=oQPQ3OAAt1WB8LjB7L0hC5xeFnh2oA0pM1JfruGIr62qZq6V90FMLghUmoqn2u2gji ccPYv701/q66Ibp7waR6y7eKaAVQyiU6FgOYsbH9PjHeou5eGiZbJ1j3x31+Qc/BH9Ju DAiQLpdYl+JtbIP1y7Ksk41SMm9oRXCvsJVMpnVO3goG9/Al5VkioeP8xV61hHc+3OgY QdBQiqpag8mf/VebQI0XAbEQhCbdhPFec3cc35l05e7vKmZNkljCJpW/I9q8NCik0z96 i7oBSQRXUKKeOWpr/ElfY1urBUI1HDPHzU9XosFg7TVELRBaYO59UZlxIGo5v4gWuEnP NpHw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=g6HrtySy9XPYjnFDZdWqwUmVcceWIKpnpDQvWGrRgzM=; b=Pn2USjSYrGxvyLDwnn8ezfBXux0jsS+GFAgykSh8kjNqpseS9N7ggfPTgEyFwFYvMO Jc0MLgANDuxbCt2rDY+r3PCB4SjDZ+/kQ1aKZFr91GUiWThHkF5mBbOYfBurAHvY8Prj gvL5i586oTAqZbIpGDJ8Cds1G1yNRvEum0LMOCS4iUYwSxtuQ4YMosZMhaLGwXcfMF5V FoduobEgYTi4H9e21yUVpNj39Rs7sfRdMHjdE2H6q9Na9tEXLk3eMgzlUpe5qmVlLpMT JEe29GYfDwtFqK0f4xkTbI3HosWfU/M6zQVplllhYW7RKeozO2Z/je5e+TrclvlafnY7 GXnQ== X-Gm-Message-State: ACrzQf0e+RwVH1D7pd9y1wjAobkUmSRrgJ8ER0VxFnIt4xcTalvsqpQv ZtA+ZG+7JqJ2hydVuLh2Z9iRuksi8s/lEvhSiW32KQ== X-Received: by 2002:a5d:6741:0:b0:22e:2c5c:d611 with SMTP id l1-20020a5d6741000000b0022e2c5cd611mr12826001wrw.210.1665431890907; Mon, 10 Oct 2022 12:58:10 -0700 (PDT) MIME-Version: 1.0 References: <000000000000385cbf05ea3f1862@google.com> <00000000000028a44005ea40352b@google.com> <20221009084039.cw6meqbvy4362lsa@wittgenstein> In-Reply-To: From: Yosry Ahmed Date: Mon, 10 Oct 2022 12:57:34 -0700 Message-ID: Subject: Re: [PATCH] cgroup: Fix crash with CLONE_INTO_CGROUP and v1 cgroups To: Tejun Heo Cc: "Christian A. Ehrhardt" , Christian Brauner , syzbot , gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com, Martin KaFai Lau Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 10, 2022 at 12:51 PM Tejun Heo wrote: > > Hello, > > On Mon, Oct 10, 2022 at 11:50:50AM -0700, Yosry Ahmed wrote: > > The purpose of f3a2aebdd6 was to make cgroup_get_from_fd() support > > cgroup1, which IIUC makes sense. It was unrelated to IDs. > > Ah, right you are. For some reason, I thought this was ID based. > > > There are currently two users of > > cgroup_get_from_file()/cgroup_get_from_fd() AFAICT, one of which is > > the fork code fixed by this commit, the second is BPF cgroup prog > > attachment. I can send another patch to add explicit filtering in the > > BPF attachment code as well. > > > > Alternatively, we can have separate functions that do the filtering if > > needed. For example: > > cgroup_get_from_fd() / cgroup_get_from_file() -> support both v1 and v2 > > cgroup_get_dfl_from_fd() / cgroup_get_dfl_from_file() -> support only v2 > > > > We can then use the versions with filtering for all the current users > > except cgroup_iter (that needs to support both v1 and v2). WDYT? > > Yes, but please leave the existing ones v2 only and add new ones which > allows cgroup1 too. Any suggestions for the new names though? Given that the new ones would be the ones that will support both versions, I am not sure how to name them differently in a meaningful way. Maybe something like cgroup_get_all_from_[fd/file]() ? IMO, we can rename the current versions to cgroup_get_dfl_from_[fd/file](), and the new ones (which support both) as cgroup_get_from_fd/file(). In this case it's obvious that one version specifically works on "dfl", aka cgroup2. Alternatively, we can have separate versions for v1, cgroup1_get_from_[fd/file](), but then callers that want both v1 and v2 will have to make 2 separate calls unnecessarily. Thoughts? > > Thanks. > > -- > tejun