memcg: fix a race when setting memory.swappiness
authorLi Zefan <lizf@cn.fujitsu.com>
Thu, 15 Jan 2009 21:51:26 +0000 (13:51 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Fri, 16 Jan 2009 00:39:41 +0000 (16:39 -0800)
(suppose: memcg->use_hierarchy == 0 and memcg->swappiness == 60)

echo 10 > /memcg/0/swappiness   |
  mem_cgroup_swappiness_write() |
    ...                         | echo 1 > /memcg/0/use_hierarchy
                                | mkdir /mnt/0/1
                                |   sub_memcg->swappiness = 60;
    memcg->swappiness = 10;     |

In the above scenario, we end up having 2 different swappiness
values in a single hierarchy.

We should hold cgroup_lock() when cheking cgrp->children list.

Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Acked-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
mm/memcontrol.c

index f0dc076..4d0ea3c 100644 (file)
@@ -1992,6 +1992,7 @@ static int mem_cgroup_swappiness_write(struct cgroup *cgrp, struct cftype *cft,
 {
        struct mem_cgroup *memcg = mem_cgroup_from_cont(cgrp);
        struct mem_cgroup *parent;
+
        if (val > 100)
                return -EINVAL;
 
@@ -1999,15 +2000,22 @@ static int mem_cgroup_swappiness_write(struct cgroup *cgrp, struct cftype *cft,
                return -EINVAL;
 
        parent = mem_cgroup_from_cont(cgrp->parent);
+
+       cgroup_lock();
+
        /* If under hierarchy, only empty-root can set this value */
        if ((parent->use_hierarchy) ||
-           (memcg->use_hierarchy && !list_empty(&cgrp->children)))
+           (memcg->use_hierarchy && !list_empty(&cgrp->children))) {
+               cgroup_unlock();
                return -EINVAL;
+       }
 
        spin_lock(&memcg->reclaim_param_lock);
        memcg->swappiness = val;
        spin_unlock(&memcg->reclaim_param_lock);
 
+       cgroup_unlock();
+
        return 0;
 }