From: Yang Yingliang yangyingliang@huawei.com
mainline inclusion from mainline-v6.11-rc1 commit e22f910a26cc2a3ac9c66b8e935ef2a7dd881117 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAOXYI CVE: CVE-2024-44958
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
I got the following warn report while doing stress test:
jump label: negative count! WARNING: CPU: 3 PID: 38 at kernel/jump_label.c:263 static_key_slow_try_dec+0x9d/0xb0 Call Trace: <TASK> __static_key_slow_dec_cpuslocked+0x16/0x70 sched_cpu_deactivate+0x26e/0x2a0 cpuhp_invoke_callback+0x3ad/0x10d0 cpuhp_thread_fun+0x3f5/0x680 smpboot_thread_fn+0x56d/0x8d0 kthread+0x309/0x400 ret_from_fork+0x41/0x70 ret_from_fork_asm+0x1b/0x30 </TASK>
Because when cpuset_cpu_inactive() fails in sched_cpu_deactivate(), the cpu offline failed, but sched_smt_present is decremented before calling sched_cpu_deactivate(), it leads to unbalanced dec/inc, so fix it by incrementing sched_smt_present in the error path.
Fixes: c5511d03ec09 ("sched/smt: Make sched_smt_present track topology") Cc: stable@kernel.org Signed-off-by: Yang Yingliang yangyingliang@huawei.com Signed-off-by: Peter Zijlstra (Intel) peterz@infradead.org Reviewed-by: Chen Yu yu.c.chen@intel.com Reviewed-by: Tim Chen tim.c.chen@linux.intel.com Link: https://lore.kernel.org/r/20240703031610.587047-3-yangyingliang@huaweicloud....
Conflicts: kernel/sched/core.c [Some contexts around sched_cpu_deactivate different. No functional impact.] Signed-off-by: Zheng Zucheng zhengzucheng@huawei.com --- kernel/sched/core.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c index 4e478cc7612c..b0627d8d9980 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -5907,6 +5907,7 @@ int sched_cpu_deactivate(unsigned int cpu)
ret = cpuset_cpu_inactive(cpu); if (ret) { + sched_smt_present_inc(cpu); set_cpu_active(cpu, true); return ret; }