1. Patchew
  2. linux
  3. View series

[PATCH] sched_ext: idle: Recheck prev_cpu after narrowing allowed mask

David Carlier posted 1 patch 1 month, 2 weeks ago 
kernel/sched/ext_idle.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
[PATCH] sched_ext: idle: Recheck prev_cpu after narrowing allowed mask
Posted by David Carlier 1 month, 2 weeks ago 
scx_select_cpu_dfl() narrows @allowed to @cpus_allowed & @p->cpus_ptr
when the BPF caller supplies a @cpus_allowed that differs from
@p->cpus_ptr and @p doesn't have full affinity. However,
@is_prev_allowed was computed against the original (wider)
@cpus_allowed, so the prev_cpu fast paths could pick a @prev_cpu that
is in @cpus_allowed but not in @p->cpus_ptr, violating the intended
invariant that the returned CPU is always usable by @p. The kernel
masks this via the SCX_EV_SELECT_CPU_FALLBACK fallback, but the
behavior contradicts the documented contract.

Move the @is_prev_allowed evaluation past the narrowing block so it
tests against the final @allowed mask.

Fixes: ee9a4e92799d ("sched_ext: idle: Properly handle invalid prev_cpu during idle selection")
Assisted-by: Claude <noreply@anthropic.com>
Signed-off-by: David Carlier <devnexen@gmail.com>
---
 kernel/sched/ext_idle.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/kernel/sched/ext_idle.c b/kernel/sched/ext_idle.c
index 41785f65bbb2..bbb845f36a0a 100644
--- a/kernel/sched/ext_idle.c
+++ b/kernel/sched/ext_idle.c
@@ -464,12 +464,6 @@ s32 scx_select_cpu_dfl(struct task_struct *p, s32 prev_cpu, u64 wake_flags,
 
 	preempt_disable();
 
-	/*
-	 * Check whether @prev_cpu is still within the allowed set. If not,
-	 * we can still try selecting a nearby CPU.
-	 */
-	is_prev_allowed = cpumask_test_cpu(prev_cpu, allowed);
-
 	/*
 	 * Determine the subset of CPUs usable by @p within @cpus_allowed.
 	 */
@@ -486,6 +480,12 @@ s32 scx_select_cpu_dfl(struct task_struct *p, s32 prev_cpu, u64 wake_flags,
 		}
 	}
 
+	/*
+	 * Check whether @prev_cpu is still within the allowed set. If not,
+	 * we can still try selecting a nearby CPU.
+	 */
+	is_prev_allowed = cpumask_test_cpu(prev_cpu, allowed);
+
 	/*
 	 * This is necessary to protect llc_cpus.
 	 */
-- 
2.53.0
Re: [PATCH] sched_ext: idle: Recheck prev_cpu after narrowing allowed mask
Posted by Tejun Heo 1 month, 1 week ago 
Hello,

Applied to sched_ext/for-7.1-fixes with Andrea's Reviewed-by and a
Cc: stable@vger.kernel.org # v6.16+ added.

Thanks.

--
tejun
Re: [PATCH] sched_ext: idle: Recheck prev_cpu after narrowing allowed mask
Posted by Andrea Righi 1 month, 2 weeks ago 
On Thu, Apr 30, 2026 at 10:27:47AM +0100, David Carlier wrote:
> scx_select_cpu_dfl() narrows @allowed to @cpus_allowed & @p->cpus_ptr
> when the BPF caller supplies a @cpus_allowed that differs from
> @p->cpus_ptr and @p doesn't have full affinity. However,
> @is_prev_allowed was computed against the original (wider)
> @cpus_allowed, so the prev_cpu fast paths could pick a @prev_cpu that
> is in @cpus_allowed but not in @p->cpus_ptr, violating the intended
> invariant that the returned CPU is always usable by @p. The kernel
> masks this via the SCX_EV_SELECT_CPU_FALLBACK fallback, but the
> behavior contradicts the documented contract.
> 
> Move the @is_prev_allowed evaluation past the narrowing block so it
> tests against the final @allowed mask.
> 
> Fixes: ee9a4e92799d ("sched_ext: idle: Properly handle invalid prev_cpu during idle selection")
> Assisted-by: Claude <noreply@anthropic.com>
> Signed-off-by: David Carlier <devnexen@gmail.com>

Makes sense, good catch.

Reviewed-by: Andrea Righi <arighi@nvidia.com>

Thanks,
-Andrea

> ---
>  kernel/sched/ext_idle.c | 12 ++++++------
>  1 file changed, 6 insertions(+), 6 deletions(-)
> 
> diff --git a/kernel/sched/ext_idle.c b/kernel/sched/ext_idle.c
> index 41785f65bbb2..bbb845f36a0a 100644
> --- a/kernel/sched/ext_idle.c
> +++ b/kernel/sched/ext_idle.c
> @@ -464,12 +464,6 @@ s32 scx_select_cpu_dfl(struct task_struct *p, s32 prev_cpu, u64 wake_flags,
>  
>  	preempt_disable();
>  
> -	/*
> -	 * Check whether @prev_cpu is still within the allowed set. If not,
> -	 * we can still try selecting a nearby CPU.
> -	 */
> -	is_prev_allowed = cpumask_test_cpu(prev_cpu, allowed);
> -
>  	/*
>  	 * Determine the subset of CPUs usable by @p within @cpus_allowed.
>  	 */
> @@ -486,6 +480,12 @@ s32 scx_select_cpu_dfl(struct task_struct *p, s32 prev_cpu, u64 wake_flags,
>  		}
>  	}
>  
> +	/*
> +	 * Check whether @prev_cpu is still within the allowed set. If not,
> +	 * we can still try selecting a nearby CPU.
> +	 */
> +	is_prev_allowed = cpumask_test_cpu(prev_cpu, allowed);
> +
>  	/*
>  	 * This is necessary to protect llc_cpus.
>  	 */
> -- 
> 2.53.0
>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.