kernel/cgroup/cpuset.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-)
The cgroup_get_e_css reference protects the css->effective_mems, and
calls of this interface would be subject to the same race conditions
associated with a non-atomic access to cs->effective_mems.
So while this interface cannot make strong guarantees of correctness,
it can therefore avoid taking a global or rcu_read_lock for performance.
Drop the rcu_read_lock from cpuset_node_allowed.
Suggested-by: Shakeel Butt <shakeel.butt@linux.dev>
Suggested-by: Waiman Long <longman@redhat.com>
Signed-off-by: Gregory Price <gourry@gourry.net>
---
kernel/cgroup/cpuset.c | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/kernel/cgroup/cpuset.c b/kernel/cgroup/cpuset.c
index c52348bfd5db..1dc41758c62c 100644
--- a/kernel/cgroup/cpuset.c
+++ b/kernel/cgroup/cpuset.c
@@ -4181,10 +4181,20 @@ bool cpuset_node_allowed(struct cgroup *cgroup, int nid)
if (!css)
return true;
+ /*
+ * Normally, accessing effective_mems would require the cpuset_mutex
+ * or RCU read lock - but node_isset is atomic and the reference
+ * taken via cgroup_get_e_css is sufficient to protect css.
+ *
+ * Since this interface is intended for use by migration paths, we
+ * relax locking here to avoid taking global locks - while accepting
+ * there may be rare scenarios where the result may be innaccurate.
+ *
+ * Reclaim and migration are subject to these same race conditions, and
+ * cannot make strong isolation guarantees, so this is acceptable.
+ */
cs = container_of(css, struct cpuset, css);
- rcu_read_lock();
allowed = node_isset(nid, cs->effective_mems);
- rcu_read_unlock();
css_put(css);
return allowed;
}
--
2.49.0On 4/22/25 12:30 AM, Gregory Price wrote: > The cgroup_get_e_css reference protects the css->effective_mems, and > calls of this interface would be subject to the same race conditions > associated with a non-atomic access to cs->effective_mems. > > So while this interface cannot make strong guarantees of correctness, > it can therefore avoid taking a global or rcu_read_lock for performance. > > Drop the rcu_read_lock from cpuset_node_allowed. > > Suggested-by: Shakeel Butt <shakeel.butt@linux.dev> > Suggested-by: Waiman Long <longman@redhat.com> > Signed-off-by: Gregory Price <gourry@gourry.net> > --- > kernel/cgroup/cpuset.c | 14 ++++++++++++-- > 1 file changed, 12 insertions(+), 2 deletions(-) > > diff --git a/kernel/cgroup/cpuset.c b/kernel/cgroup/cpuset.c > index c52348bfd5db..1dc41758c62c 100644 > --- a/kernel/cgroup/cpuset.c > +++ b/kernel/cgroup/cpuset.c > @@ -4181,10 +4181,20 @@ bool cpuset_node_allowed(struct cgroup *cgroup, int nid) > if (!css) > return true; > > + /* > + * Normally, accessing effective_mems would require the cpuset_mutex > + * or RCU read lock - but node_isset is atomic and the reference > + * taken via cgroup_get_e_css is sufficient to protect css. > + * > + * Since this interface is intended for use by migration paths, we > + * relax locking here to avoid taking global locks - while accepting > + * there may be rare scenarios where the result may be innaccurate. > + * > + * Reclaim and migration are subject to these same race conditions, and > + * cannot make strong isolation guarantees, so this is acceptable. > + */ > cs = container_of(css, struct cpuset, css); > - rcu_read_lock(); > allowed = node_isset(nid, cs->effective_mems); > - rcu_read_unlock(); > css_put(css); > return allowed; > } Except for mislabeling RCU read lock instead of callback_lock as pointed out by Johannes, the change looks good to me. Reviewed-by: Waiman Long <longman@redhat.com>
On Tue, Apr 22, 2025 at 12:30:55AM -0400, Gregory Price wrote:
> The cgroup_get_e_css reference protects the css->effective_mems, and
> calls of this interface would be subject to the same race conditions
> associated with a non-atomic access to cs->effective_mems.
>
> So while this interface cannot make strong guarantees of correctness,
> it can therefore avoid taking a global or rcu_read_lock for performance.
>
> Drop the rcu_read_lock from cpuset_node_allowed.
>
> Suggested-by: Shakeel Butt <shakeel.butt@linux.dev>
> Suggested-by: Waiman Long <longman@redhat.com>
> Signed-off-by: Gregory Price <gourry@gourry.net>
> ---
> kernel/cgroup/cpuset.c | 14 ++++++++++++--
> 1 file changed, 12 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/cgroup/cpuset.c b/kernel/cgroup/cpuset.c
> index c52348bfd5db..1dc41758c62c 100644
> --- a/kernel/cgroup/cpuset.c
> +++ b/kernel/cgroup/cpuset.c
> @@ -4181,10 +4181,20 @@ bool cpuset_node_allowed(struct cgroup *cgroup, int nid)
> if (!css)
> return true;
>
> + /*
> + * Normally, accessing effective_mems would require the cpuset_mutex
> + * or RCU read lock - but node_isset is atomic and the reference
^^^^^^^^^^^^^
This should be callback_lock. rcu_read_lock() was intended for css
lifetime - which is ensured by css_get_e_css() - not a stable mask.
Otherwise looks good, makes sense to lampshade the lockless access.
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
On Mon, Apr 21, 2025 at 9:30 PM Gregory Price <gourry@gourry.net> wrote: > > The cgroup_get_e_css reference protects the css->effective_mems, and > calls of this interface would be subject to the same race conditions > associated with a non-atomic access to cs->effective_mems. > > So while this interface cannot make strong guarantees of correctness, > it can therefore avoid taking a global or rcu_read_lock for performance. > > Drop the rcu_read_lock from cpuset_node_allowed. > > Suggested-by: Shakeel Butt <shakeel.butt@linux.dev> > Suggested-by: Waiman Long <longman@redhat.com> > Signed-off-by: Gregory Price <gourry@gourry.net> Reviewed-by: Shakeel Butt <shakeel.butt@linux.dev>
© 2016 - 2025 Red Hat, Inc.