redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/block
History
Dmitry Monakhov 2de791ab49 bfq: fix blkio cgroup leakage v4 
Changes from v1:
    - update commit description with proper ref-accounting justification

commit db37a34c56 ("block, bfq: get a ref to a group when adding it to a service tree")
introduce leak forbfq_group and blkcg_gq objects because of get/put
imbalance.
In fact whole idea of original commit is wrong because bfq_group entity
can not dissapear under us because it is referenced by child bfq_queue's
entities from here:
 -> bfq_init_entity()
    ->bfqg_and_blkg_get(bfqg);
    ->entity->parent = bfqg->my_entity

 -> bfq_put_queue(bfqq)
    FINAL_PUT
    ->bfqg_and_blkg_put(bfqq_group(bfqq))
    ->kmem_cache_free(bfq_pool, bfqq);

So parent entity can not disappear while child entity is in tree,
and child entities already has proper protection.
This patch revert commit db37a34c56 ("block, bfq: get a ref to a group when adding it to a service tree")

bfq_group leak trace caused by bad commit:
-> blkg_alloc
   -> bfq_pq_alloc
     -> bfqg_get (+1)
->bfq_activate_bfqq
  ->bfq_activate_requeue_entity
    -> __bfq_activate_entity
       ->bfq_get_entity
         ->bfqg_and_blkg_get (+1)  <==== : Note1
->bfq_del_bfqq_busy
  ->bfq_deactivate_entity+0x53/0xc0 [bfq]
    ->__bfq_deactivate_entity+0x1b8/0x210 [bfq]
      -> bfq_forget_entity(is_in_service = true)
	 entity->on_st_or_in_serv = false   <=== :Note2
	 if (is_in_service)
	     return;  ==> do not touch reference
-> blkcg_css_offline
 -> blkcg_destroy_blkgs
  -> blkg_destroy
   -> bfq_pd_offline
    -> __bfq_deactivate_entity
         if (!entity->on_st_or_in_serv) /* true, because (Note2)
		return false;
 -> bfq_pd_free
    -> bfqg_put() (-1, byt bfqg->ref == 2) because of (Note2)
So bfq_group and blkcg_gq  will leak forever, see test-case below.

##TESTCASE_BEGIN:
#!/bin/bash

max_iters=${1:-100}
#prep cgroup mounts
mount -t tmpfs cgroup_root /sys/fs/cgroup
mkdir /sys/fs/cgroup/blkio
mount -t cgroup -o blkio none /sys/fs/cgroup/blkio

# Prepare blkdev
grep blkio /proc/cgroups
truncate -s 1M img
losetup /dev/loop0 img
echo bfq > /sys/block/loop0/queue/scheduler

grep blkio /proc/cgroups
for ((i=0;i<max_iters;i++))
do
    mkdir -p /sys/fs/cgroup/blkio/a
    echo 0 > /sys/fs/cgroup/blkio/a/cgroup.procs
    dd if=/dev/loop0 bs=4k count=1 of=/dev/null iflag=direct 2> /dev/null
    echo 0 > /sys/fs/cgroup/blkio/cgroup.procs
    rmdir /sys/fs/cgroup/blkio/a
    grep blkio /proc/cgroups
done
##TESTCASE_END:

Fixes: db37a34c56 ("block, bfq: get a ref to a group when adding it to a service tree")
Tested-by: Oleksandr Natalenko <oleksandr@natalenko.name>
Signed-off-by: Dmitry Monakhov <dmtrmonakhov@yandex-team.ru>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
 		2020-08-18 07:48:08 -07:00
..
partitions block: always remove partitions from blk_drop_partitions() 2020-07-15 09:23:42 -06:00
Kconfig nvme: support for zoned namespaces 2020-07-08 16:16:20 +02:00
Kconfig.iosched treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Makefile blk-mq: merge blk-softirq.c into blk-mq.c 2020-06-24 09:15:56 -06:00
badblocks.c block: switch all files cleared marked as GPLv2 to SPDX tags 2019-04-30 16:11:57 -06:00
bfq-cgroup.c bfq: fix blkio cgroup leakage v4 2020-08-18 07:48:08 -07:00
bfq-iosched.c block: bfq-iosched: fix duplicated word 2020-07-31 16:29:47 -06:00
bfq-iosched.h bfq: fix blkio cgroup leakage v4 2020-08-18 07:48:08 -07:00
bfq-wf2q.c bfq: fix blkio cgroup leakage v4 2020-08-18 07:48:08 -07:00
bio-integrity.c block: make function __bio_integrity_free() static 2020-07-02 12:38:18 -06:00
bio.c block: Fix page_is_mergeable() for compound pages 2020-08-17 19:35:53 -07:00
blk-cgroup-rwstat.c blk-cgroup: separate out blkg_rwstat under CONFIG_BLK_CGROUP_RWSTAT 2019-11-07 12:28:13 -07:00
blk-cgroup-rwstat.h blk-cgroup: separate out blkg_rwstat under CONFIG_BLK_CGROUP_RWSTAT 2019-11-07 12:28:13 -07:00
blk-cgroup.c blk-cgroup: show global disk stats in root cgroup io.stat 2020-07-17 20:18:00 -06:00
blk-core.c for-5.9/io_uring-20200802 2020-08-03 13:01:22 -07:00
blk-crypto-fallback.c block: rename generic_make_request to submit_bio_noacct 2020-07-01 07:27:24 -06:00
blk-crypto-internal.h block: blk-crypto-fallback for Inline Encryption 2020-05-14 09:48:03 -06:00
blk-crypto.c block: rename generic_make_request to submit_bio_noacct 2020-07-01 07:27:24 -06:00
blk-exec.c block: add a blk_account_io_merge_bio helper 2020-05-27 05:21:23 -06:00
blk-flush.c block: fix double account of flush request's driver tag 2020-08-11 13:53:32 -06:00
blk-integrity.c block: Make blk-integrity preclude hardware inline encryption 2020-05-14 09:48:03 -06:00
blk-ioc.c block: remove retry loop in ioc_release_fn() 2020-07-16 10:22:15 -06:00
blk-iocost.c A set of locking fixes and updates: 2020-08-10 19:07:44 -07:00
blk-iolatency.c blk-iolatency: only call ktime_get() if needed 2020-07-01 08:02:38 -06:00
blk-lib.c block: check queue's limits.discard_granularity in __blkdev_issue_discard() 2020-08-05 17:15:47 -06:00
blk-map.c block: Inline encryption support for blk-mq 2020-05-14 09:47:53 -06:00
blk-merge.c block: respect queue limit of max discard segment 2020-08-17 06:59:41 -07:00
blk-mq-cpumap.c blk-mq: balance mapping between present CPUs and queues 2019-08-04 21:43:12 -06:00
blk-mq-debugfs-zoned.c block: Cleanup license notice 2019-01-17 21:21:40 -07:00
blk-mq-debugfs.c for-5.9/block-20200802 2020-08-03 11:57:03 -07:00
blk-mq-debugfs.h blk-mq: no need to check return value of debugfs_create functions 2019-06-13 03:00:30 -06:00
blk-mq-pci.c block: Fix blk_mq_*_map_queues() kernel-doc headers 2019-05-31 15:12:34 -06:00
blk-mq-rdma.c block: Fix blk_mq_*_map_queues() kernel-doc headers 2019-05-31 15:12:34 -06:00
blk-mq-sched.c blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART 2020-08-17 06:57:49 -07:00
blk-mq-sched.h block: blk-mq: Remove blk_mq_sched_started_request and started_request 2019-07-23 07:25:09 -06:00
blk-mq-sysfs.c blk-mq: make sure that line break can be printed 2019-11-04 07:14:10 -07:00
blk-mq-tag.c blk-mq: move blk_mq_get_driver_tag into blk-mq.c 2020-06-30 12:57:59 -06:00
blk-mq-tag.h blk-mq: centralise related handling into blk_mq_get_driver_tag 2020-07-08 16:06:42 -06:00
blk-mq-virtio.c blk-mq: Fix typo in comment 2020-03-17 20:55:21 +01:00
blk-mq.c blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART 2020-08-17 06:57:49 -07:00
blk-mq.h Revert "blk-mq: put driver tag when this request is completed" 2020-07-01 22:58:32 -06:00
blk-pm.c scsi: block: pm: Simplify resume handling 2020-07-24 22:09:55 -04:00
blk-pm.h block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
blk-rq-qos.c Revert "blk-rq-qos: remove redundant finish_wait to rq_qos_wait." 2020-07-15 09:33:37 -06:00
blk-rq-qos.h blk-rq-qos: fix first node deletion of rq_qos_del() 2019-10-15 10:13:13 -06:00
blk-settings.c block: remove blk_queue_stack_limits 2020-07-20 15:38:52 -06:00
blk-stat.c blk-stat: Optimise blk_stat_add() 2019-10-07 21:19:10 -06:00
blk-stat.h block: deactivate blk_stat timer in wbt_disable_default() 2018-12-12 06:47:51 -07:00
blk-sysfs.c block: add max_active_zones to blk-sysfs 2020-07-15 14:26:11 -06:00
blk-throttle.c block: rename generic_make_request to submit_bio_noacct 2020-07-01 07:27:24 -06:00
blk-timeout.c block: blk-timeout: delete duplicated word 2020-07-31 16:29:47 -06:00
blk-wbt.c blk-wbt: rename __wbt_update_limits to wbt_update_limits 2020-05-29 16:30:39 -06:00
blk-wbt.h blk-wbt: remove wbt_update_limits 2020-05-29 16:30:39 -06:00
blk-zoned.c block: don't do revalidate zones on invalid devices 2020-08-03 09:24:04 -06:00
blk.h block: improve discard bio alignment in __blkdev_issue_discard() 2020-07-17 07:15:10 -06:00
bounce.c block: rename generic_make_request to submit_bio_noacct 2020-07-01 07:27:24 -06:00
bsg-lib.c bsg-lib: convert comma to semicolon 2020-08-16 20:07:12 -07:00
bsg.c compat_ioctl: bsg: add handler 2020-01-03 09:33:21 +01:00
cmdline-parser.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
elevator.c block: elevator: delete duplicated word and fix typos 2020-07-31 16:29:47 -06:00
genhd.c block: genhd: delete duplicated words 2020-07-31 16:29:47 -06:00
ioctl.c block: Fix type of first compat_put_{,u}long() argument 2020-05-19 09:40:29 -06:00
ioprio.c docs: block: convert to ReST 2019-07-15 09:20:27 -03:00
keyslot-manager.c block/keyslot-manager: use kvfree_sensitive() 2020-06-29 13:24:05 -06:00
kyber-iosched.c blk-mq: remove the bio argument to ->prepare_request 2020-05-29 10:23:24 -06:00
mq-deadline.c blk-mq: remove the bio argument to ->prepare_request 2020-05-29 10:23:24 -06:00
opal_proto.h block: sed-opal: Change the check condition for regular session validity 2020-03-12 08:00:10 -06:00
scsi_ioctl.c scsi: core: Allow non-root users to perform ZBC commands 2020-03-16 18:26:31 -04:00
sed-opal.c block: sed-opal: Change the check condition for regular session validity 2020-03-12 08:00:10 -06:00
t10-pi.c block: Allow t10-pi to be modular 2020-01-06 20:59:04 -07:00