Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6e6eab0e authored by Tejun Heo's avatar Tejun Heo
Browse files

cgroup: fix cgroup_write_event_control() 



81eeaf04 ("cgroup: make cftype->[un]register_event() deal with
cgroup_subsys_state inst ead of cgroup") updated the cftype event
methods to take @css (cgroup_subsys_state) instead of @cgroup;
however, it incorrectly used @css passed to
cgroup_write_event_control(), which the dummy_css for the cgroup as
the file is a cgroup core file.  This leads to oops on event
registration.

Fix it by using the css matching the event target file.  Note that
cgroup_write_event_control() now disallows cgroup core files from
being event sources.  This is for simplicity and doesn't matter as
cgroup_event will be moved and made specific to memcg.

Signed-off-by: default avatarTejun Heo <tj@kernel.org>
Acked-by: default avatarLi Zefan <lizefan@huawei.com>
parent 0bfb4aa6

kernel/cgroup.c

+21 −4
Original line number Diff line number Diff line
@@ -4040,10 +4040,10 @@ static void cgroup_event_ptable_queue_proc(struct file *file, 
 * Input must be in format '<event_fd> <control_fd> <args>'.

 * Interpretation of args is defined by control file implementation.

 */

static int cgroup_write_event_control(struct cgroup_subsys_state *css,

static int cgroup_write_event_control(struct cgroup_subsys_state *dummy_css,

				      struct cftype *cft, const char *buffer)

{

	struct cgroup *cgrp = css->cgroup;

	struct cgroup *cgrp = dummy_css->cgroup;

	struct cgroup_event *event;

	struct cgroup *cgrp_cfile;

	unsigned int efd, cfd;
@@ -4065,7 +4065,7 @@ static int cgroup_write_event_control(struct cgroup_subsys_state *css, 
	event = kzalloc(sizeof(*event), GFP_KERNEL);

	if (!event)

		return -ENOMEM;

	event->css = css;



	INIT_LIST_HEAD(&event->list);

	init_poll_funcptr(&event->pt, cgroup_event_ptable_queue_proc);

	init_waitqueue_func_entry(&event->wait, cgroup_event_wake);
@@ -4101,6 +4101,23 @@ static int cgroup_write_event_control(struct cgroup_subsys_state *css, 
		goto out_put_cfile;

	}



	if (!event->cft->ss) {

		ret = -EBADF;

		goto out_put_cfile;

	}



	/* determine the css of @cfile and associate @event with it */

	rcu_read_lock();



	ret = -EINVAL;

	event->css = cgroup_css(cgrp, event->cft->ss->subsys_id);

	if (event->css)

		ret = 0;



	rcu_read_unlock();

	if (ret)

		goto out_put_cfile;



	/*

	 * The file to be monitored must be in the same cgroup as

	 * cgroup.event_control is.
@@ -4116,7 +4133,7 @@ static int cgroup_write_event_control(struct cgroup_subsys_state *css, 
		goto out_put_cfile;

	}



	ret = event->cft->register_event(css, event->cft,

	ret = event->cft->register_event(event->css, event->cft,

			event->eventfd, buffer);

	if (ret)

		goto out_put_cfile;