cpuset: fix cpuset_print_task_mems_allowed() vs rename() race (63f43f55) · Commits · 戴 / test

rename() will change dentry->d_name. The result of this race can be worse than seeing partially rewritten name, but we might access a stale pointer because rename() will re-allocate memory to hold a longer name. It's safe in the protection of dentry->d_lock. v2: check NULL dentry before acquiring dentry lock. Signed-off-by:

Li Zefan <lizefan@huawei.com> Signed-off-by:

Tejun Heo <tj@kernel.org> Cc: stable@vger.kernel.org

kernel/cpuset.c

+10 −2

Original line number	Diff line number	Diff line
		@@ -2511,8 +2511,16 @@ void cpuset_print_task_mems_allowed(struct task_struct *tsk)

		dentry = task_cs(tsk)->css.cgroup->dentry;
		spin_lock(&cpuset_buffer_lock);
		snprintf(cpuset_name, CPUSET_NAME_LEN,
		dentry ? (const char *)dentry->d_name.name : "/");

		if (!dentry) {
		strcpy(cpuset_name, "/");
		} else {
		spin_lock(&dentry->d_lock);
		strlcpy(cpuset_name, (const char *)dentry->d_name.name,
		CPUSET_NAME_LEN);
		spin_unlock(&dentry->d_lock);
		}

		nodelist_scnprintf(cpuset_nodelist, CPUSET_NODELIST_LEN,
		tsk->mems_allowed);
		printk(KERN_INFO "%s cpuset=%s mems_allowed=%s\n",

Admin message