cgroup: pids: use atomic64_t for pids->limit

commit a713af394cf382a30dd28a1015cbe572f1b9ca75 upstream.

Because pids->limit can be changed concurrently (but we don't want to
take a lock because it would be needlessly expensive), use atomic64_ts
instead.

Fixes: commit 49b786ea146f ("cgroup: implement the PIDs subsystem")
Cc: stable@vger.kernel.org # v4.3+
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/kernel/cgroup/pids.c b/kernel/cgroup/pids.c
index 8e513a5..138059e 100644 (file)
--- a/kernel/cgroup/pids.c
+++ b/kernel/cgroup/pids.c
@@ -45,7 +45,7 @@ struct pids_cgroup {
         * %PIDS_MAX = (%PID_MAX_LIMIT + 1).
         */
        atomic64_t                      counter;
-       int64_t                         limit;
+       atomic64_t                      limit;
 
        /* Handle for "pids.events" */
        struct cgroup_file              events_file;
@@ -73,8 +73,8 @@ pids_css_alloc(struct cgroup_subsys_state *parent)
        if (!pids)
                return ERR_PTR(-ENOMEM);
 
-       pids->limit = PIDS_MAX;
        atomic64_set(&pids->counter, 0);
+       atomic64_set(&pids->limit, PIDS_MAX);
        atomic64_set(&pids->events_limit, 0);
        return &pids->css;
 }
@@ -146,13 +146,14 @@ static int pids_try_charge(struct pids_cgroup *pids, int num)
 
        for (p = pids; parent_pids(p); p = parent_pids(p)) {
                int64_t new = atomic64_add_return(num, &p->counter);
+               int64_t limit = atomic64_read(&p->limit);
 
                /*
                 * Since new is capped to the maximum number of pid_t, if
                 * p->limit is %PIDS_MAX then we know that this test will never
                 * fail.
                 */
-               if (new > p->limit)
+               if (new > limit)
                        goto revert;
        }
 
@@ -277,7 +278,7 @@ set_limit:
         * Limit updates don't need to be mutex'd, since it isn't
         * critical that any racing fork()s follow the new limit.
         */
-       pids->limit = limit;
+       atomic64_set(&pids->limit, limit);
        return nbytes;
 }
 
@@ -285,7 +286,7 @@ static int pids_max_show(struct seq_file *sf, void *v)
 {
        struct cgroup_subsys_state *css = seq_css(sf);
        struct pids_cgroup *pids = css_pids(css);
-       int64_t limit = pids->limit;
+       int64_t limit = atomic64_read(&pids->limit);
 
        if (limit >= PIDS_MAX)
                seq_printf(sf, "%s\n", PIDS_MAX_STR);