From: Huaixin Chang changhuaixin@linux.alibaba.com
anolis inclusion from anolis_master commit 9d168f216486333f24aa1b33706eddf3b13d7228 category: performance bugzilla: NA CVE: NA ---------------------------
Kernel limitation on cpu.cfs_quota_us is insufficient. Some large numbers might cause overflow in to_ratio() calculation and produce unexpected results.
For example, if we make two cpu cgroups and then write a reasonable value and a large value into child's and parent's cpu.cfs_quota_us. This will cause a write error.
cd /sys/fs/cgroup/cpu mkdir parent; mkdir parent/child echo 8000 > parent/child/cpu.cfs_quota_us # 17592186044416 is (1UL << 44) echo 17592186044416 > parent/cpu.cfs_quota_us
In this case, quota will overflow and thus fail the __cfs_schedulable check. Similar overflow also affects rt bandwidth.
Burstable CFS bandwidth controller will also benefit from limiting quota.
Change-Id: I0f89d1f26b168c5cfa041e886395c7f3068114ae Reviewed-by: Shanpei Chen shanpeic@linux.alibaba.com Signed-off-by: Huaixin Chang changhuaixin@linux.alibaba.com Signed-off-by: Zhengyuan Liu liuzhengyuan@kylinos.cn --- kernel/sched/core.c | 8 ++++++++ kernel/sched/rt.c | 9 +++++++++ kernel/sched/sched.h | 2 ++ 3 files changed, 19 insertions(+)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c index 36d7422da0ac..51fdd30f188a 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -6679,6 +6679,8 @@ static DEFINE_MUTEX(cfs_constraints_mutex);
const u64 max_cfs_quota_period = 1 * NSEC_PER_SEC; /* 1s */ const u64 min_cfs_quota_period = 1 * NSEC_PER_MSEC; /* 1ms */ +/* More than 203 days if BW_SHIFT equals 20. */ +const u64 max_cfs_runtime = MAX_BW_USEC * NSEC_PER_USEC;
static int __cfs_schedulable(struct task_group *tg, u64 period, u64 runtime);
@@ -6706,6 +6708,12 @@ static int tg_set_cfs_bandwidth(struct task_group *tg, u64 period, u64 quota) if (period > max_cfs_quota_period) return -EINVAL;
+ /* + * Bound quota to defend quota against overflow during bandwidth shift. + */ + if (quota != RUNTIME_INF && quota > max_cfs_runtime) + return -EINVAL; + /* * Prevent race between setting of cfs_rq->runtime_enabled and * unthrottle_offline_cfs_rqs(). diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c index 301ba04d9130..f31e0aaf1f43 100644 --- a/kernel/sched/rt.c +++ b/kernel/sched/rt.c @@ -2518,6 +2518,9 @@ static int __rt_schedulable(struct task_group *tg, u64 period, u64 runtime) return ret; }
+/* More than 203 days if BW_SHIFT equals 20. */ +static const u64 max_rt_runtime = MAX_BW_USEC * NSEC_PER_USEC; + static int tg_set_rt_bandwidth(struct task_group *tg, u64 rt_period, u64 rt_runtime) { @@ -2534,6 +2537,12 @@ static int tg_set_rt_bandwidth(struct task_group *tg, if (rt_period == 0) return -EINVAL;
+ /* + * Bound quota to defend quota against overflow during bandwidth shift. + */ + if (rt_runtime != RUNTIME_INF && rt_runtime > max_rt_runtime) + return -EINVAL; + mutex_lock(&rt_constraints_mutex); read_lock(&tasklist_lock); err = __rt_schedulable(tg, rt_period, rt_runtime); diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h index ae3068153093..f3808a49ce48 100644 --- a/kernel/sched/sched.h +++ b/kernel/sched/sched.h @@ -1732,6 +1732,8 @@ extern void init_dl_rq_bw_ratio(struct dl_rq *dl_rq); #define BW_SHIFT 20 #define BW_UNIT (1 << BW_SHIFT) #define RATIO_SHIFT 8 +#define MAX_BW_BITS (64 - BW_SHIFT) +#define MAX_BW_USEC ((1UL << MAX_BW_BITS) - 1) unsigned long to_ratio(u64 period, u64 runtime);
extern void init_entity_runnable_average(struct sched_entity *se);