Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.1.41 2017-06-08T02:50:41Z 2017-06-08T02:50:41Z Eric W. Biederman ebiederm@xmission.com 2017-05-11T23:21:01Z urn:sha1:0e521eabd7a3e1c5efb57f1dd8e3721e319a9bc1 [ Upstream commit b9a985db98961ae1ba0be169f19df1c567e4ffe0 ] The code can potentially sleep for an indefinite amount of time in zap_pid_ns_processes triggering the hung task timeout, and increasing the system average. This is undesirable. Sleep with a task state of TASK_INTERRUPTIBLE instead of TASK_UNINTERRUPTIBLE to remove these undesirable side effects. Apparently under heavy load this has been allowing Chrome to trigger the hung time task timeout error and cause ChromeOS to reboot. Reported-by: Vovo Yang <vovoy@google.com> Reported-by: Guenter Roeck <linux@roeck-us.net> Tested-by: Guenter Roeck <linux@roeck-us.net> Fixes: 6347e9009104 ("pidns: guarantee that the pidns init will be the last pidns process reaped") Cc: stable@vger.kernel.org Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Sasha Levin <alexander.levin@verizon.com> 2014-12-16T23:53:03Z Linus Torvalds torvalds@linux-foundation.org 2014-12-16T23:53:03Z urn:sha1:603ba7e41bf5d405aba22294af5d075d8898176d Pull vfs pile #2 from Al Viro: "Next pile (and there'll be one or two more). The large piece in this one is getting rid of /proc/*/ns/* weirdness; among other things, it allows to (finally) make nameidata completely opaque outside of fs/namei.c, making for easier further cleanups in there" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: coda_venus_readdir(): use file_inode() fs/namei.c: fold link_path_walk() call into path_init() path_init(): don't bother with LOOKUP_PARENT in argument fs/namei.c: new helper (path_cleanup()) path_init(): store the "base" pointer to file in nameidata itself make default ->i_fop have ->open() fail with ENXIO make nameidata completely opaque outside of fs/namei.c kill proc_ns completely take the targets of /proc/*/ns/* symlinks to separate fs bury struct proc_ns in fs/proc copy address of proc_ns_ops into ns_common new helpers: ns_alloc_inum/ns_free_inum make proc_ns_operations work with struct ns_common * instead of void * switch the rest of proc_ns_operations to working with &...->ns netns: switch ->get()/->put()/->install()/->inum() to working with &net->ns make mntns ->get()/->put()/->install()/->inum() work with &mnt_ns->ns common object embedded into various struct ....ns 2014-12-11T01:41:18Z Oleg Nesterov oleg@redhat.com 2014-12-10T23:55:28Z urn:sha1:a53b831549141aa060a8b54b76e3a42870d74cc0 The comments in zap_pid_ns_processes() are not clear, we need to explain how this code actually works. 1. "Ignore SIGCHLD" looks like optimization but it is not, we also need this for correctness. 2. The comment above sys_wait4() could tell more. EXIT_ZOMBIE child is only possible if it has exited before we ignored SIGCHLD. Or if it is traced from the parent namespace, but in this case it will be reaped by debugger after detach, sys_wait4() acts as a synchronization point. 3. The comment about TASK_DEAD (EXIT_DEAD in fact) children is outdated. Contrary to what it says we do not need to make sure they all go away after 0a01f2cc390e "pidns: Make the pidns proc mount/umount logic obvious". At the same time, we do need to wait for nr_hashed==init_pids, but the reasons are quite different and not obvious: setns(). Signed-off-by: Oleg Nesterov <oleg@redhat.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Aaron Tomlin <atomlin@redhat.com> Cc: Pavel Emelyanov <xemul@parallels.com> Cc: Serge Hallyn <serge.hallyn@ubuntu.com> Cc: Sterling Alexander <stalexan@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2014-12-04T19:34:47Z Al Viro viro@zeniv.linux.org.uk 2014-11-01T06:32:53Z urn:sha1:33c429405a2c8d9e42afb9fee88a63cfb2de1e98 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2014-12-04T19:34:36Z Al Viro viro@zeniv.linux.org.uk 2014-11-01T04:45:45Z urn:sha1:6344c433a452b1a05d03a61a6a85d89f793bb7b8 take struct ns_common *, for now simply wrappers around proc_{alloc,free}_inum() Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2014-12-04T19:34:17Z Al Viro viro@zeniv.linux.org.uk 2014-11-01T04:37:32Z urn:sha1:64964528b24ea390824f0e5ce9d34b8d39b28cde We can do that now. And kill ->inum(), while we are at it - all instances are identical. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2014-12-04T19:34:11Z Al Viro viro@zeniv.linux.org.uk 2014-11-01T04:25:30Z urn:sha1:3c0411846118a578de3a979faf2da3ab5fb81179 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2014-12-04T19:31:00Z Al Viro viro@zeniv.linux.org.uk 2014-11-01T02:56:04Z urn:sha1:435d5f4bb2ccba3b791d9ef61d2590e30b8e806e for now - just move corresponding ->proc_inum instances over there Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2014-04-02T23:20:21Z Oleg Nesterov oleg@redhat.com 2014-04-02T15:45:05Z urn:sha1:d23082257d83e4bc89727d5aedee197e907999d2 pidns_get()->get_pid_ns() can hit ns == NULL. This task_struct can't go away, but task_active_pid_ns(task) is NULL if release_task(task) was already called. Alternatively we could change get_pid_ns(ns) to check ns != NULL, but it seems that other callers are fine. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Cc: Eric W. Biederman ebiederm@xmission.com> Cc: stable@kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2013-10-25T03:43:29Z Al Viro viro@zeniv.linux.org.uk 2013-10-03T17:28:06Z urn:sha1:1adfcb03e31ba0d6be5fddf773da4357d0792cbb makes procfs ->premission() instances safety in RCU mode independent from vfsmount_lock. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>