diff options
| author | Rafael J. Wysocki <rjw@sisk.pl> | 2007-07-19 01:47:33 -0700 | 
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-07-19 10:04:42 -0700 | 
| commit | 0c1eecfb345401629aa57c9d3b077273e56c45a7 (patch) | |
| tree | 522d7090966c6e70f3147c30e3308781e0309938 /kernel/power/process.c | |
| parent | b1457bcc3a00a0446c7f6e2f22fd24b6d8d0a309 (diff) | |
Freezer: avoid freezing kernel threads prematurely
Kernel threads should not have TIF_FREEZE set when user space processes are
being frozen, since otherwise some of them might be frozen prematurely.
To prevent this from happening we can (1) make exit_mm() unset TIF_FREEZE
unconditionally just after clearing tsk->mm and (2) make try_to_freeze_tasks()
check if p->mm is different from zero and PF_BORROWED_MM is unset in p->flags
when user space processes are to be frozen.
Namely, when user space processes are being frozen, we only should set
TIF_FREEZE for tasks that have p->mm different from NULL and don't have
PF_BORROWED_MM set in p->flags.  For this reason task_lock() must be used to
prevent try_to_freeze_tasks() from racing with use_mm()/unuse_mm(), in which
p->mm and p->flags.PF_BORROWED_MM are changed under task_lock(p).  Also, we
need to prevent the following scenario from happening:
* daemonize() is called by a task spawned from a user space code path
* freezer checks if the task has p->mm set and the result is positive
* task enters exit_mm() and clears its TIF_FREEZE
* freezer sets TIF_FREEZE for the task
* task calls try_to_freeze() and goes to the refrigerator, which is wrong at
  that point
This requires us to acquire task_lock(p) before p->flags.PF_BORROWED_MM and
p->mm are examined and release it after TIF_FREEZE is set for p (or it turns
out that TIF_FREEZE should not be set).
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Cc: Gautham R Shenoy <ego@in.ibm.com>
Cc: Pavel Machek <pavel@ucw.cz>
Cc: Nigel Cunningham <nigel@nigel.suspend2.net>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/power/process.c')
| -rw-r--r-- | kernel/power/process.c | 64 | 
1 files changed, 33 insertions, 31 deletions
| diff --git a/kernel/power/process.c b/kernel/power/process.c index b850173e7561..e1bcdedd1464 100644 --- a/kernel/power/process.c +++ b/kernel/power/process.c @@ -40,7 +40,7 @@ static inline void frozen_process(void)  		current->flags |= PF_FROZEN;  		wmb();  	} -	clear_tsk_thread_flag(current, TIF_FREEZE); +	clear_freeze_flag(current);  }  /* Refrigerator is place where frozen processes are stored :-). */ @@ -75,17 +75,16 @@ void refrigerator(void)  	current->state = save;  } -static inline void freeze_process(struct task_struct *p) +static void freeze_task(struct task_struct *p)  {  	unsigned long flags;  	if (!freezing(p)) {  		rmb();  		if (!frozen(p)) { +			set_freeze_flag(p);  			if (p->state == TASK_STOPPED)  				force_sig_specific(SIGSTOP, p); - -			freeze(p);  			spin_lock_irqsave(&p->sighand->siglock, flags);  			signal_wake_up(p, p->state == TASK_STOPPED);  			spin_unlock_irqrestore(&p->sighand->siglock, flags); @@ -99,18 +98,13 @@ static void cancel_freezing(struct task_struct *p)  	if (freezing(p)) {  		pr_debug("  clean up: %s\n", p->comm); -		do_not_freeze(p); +		clear_freeze_flag(p);  		spin_lock_irqsave(&p->sighand->siglock, flags);  		recalc_sigpending_and_wake(p);  		spin_unlock_irqrestore(&p->sighand->siglock, flags);  	}  } -static inline int is_user_space(struct task_struct *p) -{ -	return p->mm && !(p->flags & PF_BORROWED_MM); -} -  static unsigned int try_to_freeze_tasks(int freeze_user_space)  {  	struct task_struct *g, *p; @@ -122,20 +116,34 @@ static unsigned int try_to_freeze_tasks(int freeze_user_space)  		todo = 0;  		read_lock(&tasklist_lock);  		do_each_thread(g, p) { -			if (!freezeable(p)) -				continue; - -			if (frozen(p)) +			if (frozen(p) || !freezeable(p))  				continue; -			if (p->state == TASK_TRACED && frozen(p->parent)) { -				cancel_freezing(p); -				continue; +			if (freeze_user_space) { +				if (p->state == TASK_TRACED && +				    frozen(p->parent)) { +					cancel_freezing(p); +					continue; +				} +				/* +				 * Kernel threads should not have TIF_FREEZE set +				 * at this point, so we must ensure that either +				 * p->mm is not NULL *and* PF_BORROWED_MM is +				 * unset, or TIF_FRREZE is left unset. +				 * The task_lock() is necessary to prevent races +				 * with exit_mm() or use_mm()/unuse_mm() from +				 * occuring. +				 */ +				task_lock(p); +				if (!p->mm || (p->flags & PF_BORROWED_MM)) { +					task_unlock(p); +					continue; +				} +				freeze_task(p); +				task_unlock(p); +			} else { +				freeze_task(p);  			} -			if (freeze_user_space && !is_user_space(p)) -				continue; - -			freeze_process(p);  			if (!freezer_should_skip(p))  				todo++;  		} while_each_thread(g, p); @@ -152,22 +160,16 @@ static unsigned int try_to_freeze_tasks(int freeze_user_space)  		 * but it cleans up leftover PF_FREEZE requests.  		 */  		printk("\n"); -		printk(KERN_ERR "Stopping %s timed out after %d seconds " +		printk(KERN_ERR "Freezing of %s timed out after %d seconds "  				"(%d tasks refusing to freeze):\n", -				freeze_user_space ? "user space processes" : -					"kernel threads", +				freeze_user_space ? "user space " : "tasks ",  				TIMEOUT / HZ, todo);  		show_state();  		read_lock(&tasklist_lock);  		do_each_thread(g, p) { -			if (freeze_user_space && !is_user_space(p)) -				continue; -  			task_lock(p); -			if (freezeable(p) && !frozen(p) && -			    !freezer_should_skip(p)) +			if (freezing(p) && !freezer_should_skip(p))  				printk(KERN_ERR " %s\n", p->comm); -  			cancel_freezing(p);  			task_unlock(p);  		} while_each_thread(g, p); @@ -211,7 +213,7 @@ static void thaw_tasks(int thaw_user_space)  		if (!freezeable(p))  			continue; -		if (is_user_space(p) == !thaw_user_space) +		if (!p->mm == thaw_user_space)  			continue;  		thaw_process(p); | 
