Wind River Support Network

Fixed

LIN7-7094 : cgroup: a parent css is freed and offline before its children

Created: Dec 14, 2016    Updated: Sep 8, 2018
Resolved Date: Dec 26, 2016
Found In Version: 7.0.0.10
Fix Version: 7.0.0.23
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Kernel

Description

The Prime team added cgroup-bring-back-kill_cnt-to-order-css-destruction.patch when they created the ccm layer.
The reason they added this patch is as follows.

"the workitem to offline parent can get run before workitem to offline child;
parent's mem_cgroup_reparent_charges() circles around waiting for the
child's pages to be reparented to its lrus, but it's holding cgroup_mutex
which prevents the child from reaching its mem_cgroup_reparent_charges().

Further testing showed that an ordered workqueue for cgroup_destroy_wq
is not always good enough: percpu_ref_kill_and_confirm's call_rcu_sched
stage on the way can mess up the order before reaching the workqueue.

Instead bring back v3.11's css kill_cnt, repurposing it to make sure
that offline_css() is not called for parent before it has been called
for all children."

I found that this patch was not merged into mainline when I was analyzing an issue about cgroup.
The reason why mainline did not accept the patch is given at the following link.
https://lkml.org/lkml/2014/2/12/716

I then found that mainline has the two patches below for solving the same problem.
cgroup-make-sure-a-parent-css-isn-t-freed-before-its-in-mainline.patch
cgroup-make-sure-a-parent-css-isn-t-offlined-before-in-mainline.patch

The role of the two patches is as follows.

"There are three subsystem callbacks in css shutdown path -
css_offline(), css_released() and css_free().  Except for
css_released(), cgroup core didn't use to guarantee the order of
invocation.  css_offline() or css_free() could be called on a parent
css before its children.  This behavior is unexpected and led to
use-after-free in cpu controller."

So I backported the two patches below into the ccm layer after I removed cgroup-bring-back-kill_cnt-to-order-css-destruction.patch.
0001-cgroup-make-sure-a-parent-css-isn-t-freed-before-its.patch
0001-cgroup-make-sure-a-parent-css-isn-t-offlined-before-.patch

Please help to check if it should be merged into wrlinux7.
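
The ordering guarantee described in the quoted commit messages can be modelled in user space with a per-css count of the css itself plus its online children. This is an added example, not code from this report or from either kernel patch; the `struct css` fields, `css_online`, `css_kill_work` and `run_parent_first` are hypothetical names, and the scenario is constructed.

```c
#include <stdio.h>
/* Hypothetical user-space stand-in for a css; not the kernel structure. */
struct css {
    struct css *parent;
    int pending;   /* 1 for the css itself + 1 per online child */
    int seq;       /* order in which offline ran; 0 = still online */
};
static int next_seq;

/* Online a css: count itself and add one reference on its parent. */
static void css_online(struct css *c, struct css *parent)
{
    c->parent = parent;
    c->pending = 1;
    c->seq = 0;
    if (parent)
        parent->pending++;
}

/* Kill work item; it may run for a parent before its children. Offline only
 * when the count reaches zero, then release parents waiting on this css. */
static void css_kill_work(struct css *c)
{
    if (--c->pending != 0)
        return;                      /* children still online: defer */
    do {
        c->seq = ++next_seq;         /* stands in for the offline callback */
        c = c->parent;
    } while (c && --c->pending == 0);
}

/* Constructed scenario: root -> mid -> leaf, work items run parent-first. */
static int run_parent_first(struct css *root, struct css *mid, struct css *leaf)
{
    next_seq = 0;
    css_online(root, NULL);
    css_online(mid, root);
    css_online(leaf, mid);
    css_kill_work(root);
    css_kill_work(mid);
    css_kill_work(leaf);
    return leaf->seq < mid->seq && mid->seq < root->seq;
}

int main(void)
{
    struct css root, mid, leaf;
    printf("children first: %d\n", run_parent_first(&root, &mid, &leaf));
    return 0;
}
```

Even when the parent's work item runs first, its offline step is deferred until the last child has gone offline, which is the invariant a backport of this kind should be regression-tested against.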
