From: "Paul E. McKenney" paulmck@linux.ibm.com
mainline inclusion from mainline-v5.3-rc1 commit d5a9a8c3bc8068f2e5dfba30150ac09b596b461a category: bugfix bugzilla: 187356, https://gitee.com/openeuler/kernel/issues/I5KOZ5 CVE: NA
---------------------------
Currently, if a CPU has more than 10,000 callbacks pending, it will increase rdp->blimit to LONG_MAX. If you are lucky, LONG_MAX is only about two billion, but this is still a bit too many callbacks to invoke back-to-back while otherwise ignoring the world.
This commit therefore sets a maximum limit of DEFAULT_MAX_RCU_BLIMIT, which is set to 10,000, for rdp->blimit.
Reported-by: Sebastian Andrzej Siewior bigeasy@linutronix.de Signed-off-by: Paul E. McKenney paulmck@linux.ibm.com Conflicts: kernel/rcu/tree.c
Signed-off-by: Zhen Lei thunder.leizhen@huawei.com Reviewed-by: Cheng Jian cj.chengjian@huawei.com Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com --- kernel/rcu/tree.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c index ea05c59096a2..a0dc5385bcbc 100644 --- a/kernel/rcu/tree.c +++ b/kernel/rcu/tree.c @@ -490,7 +490,8 @@ void rcu_all_qs(void) } EXPORT_SYMBOL_GPL(rcu_all_qs);
-#define DEFAULT_RCU_BLIMIT 10 /* Maximum callbacks per rcu_do_batch. */ +#define DEFAULT_RCU_BLIMIT 10 /* Maximum callbacks per rcu_do_batch ... */ +#define DEFAULT_MAX_RCU_BLIMIT 10000 /* ... even during callback flood. */ static long blimit = DEFAULT_RCU_BLIMIT; #define DEFAULT_RCU_QHIMARK 10000 /* If this many pending, ignore blimit. */ static long qhimark = DEFAULT_RCU_QHIMARK; @@ -2604,7 +2605,7 @@ static void rcu_do_batch(struct rcu_state *rsp, struct rcu_data *rdp)
/* Reinstate batch limit if we have worked down the excess. */ count = rcu_segcblist_n_cbs(&rdp->cblist); - if (rdp->blimit == LONG_MAX && count <= qlowmark) + if (rdp->blimit >= DEFAULT_MAX_RCU_BLIMIT && count <= qlowmark) rdp->blimit = blimit;
/* Reset ->qlen_last_fqs_check trigger if enough CBs have drained. */ @@ -2940,7 +2941,7 @@ static void __call_rcu_core(struct rcu_state *rsp, struct rcu_data *rdp, rcu_accelerate_cbs_unlocked(rsp, rdp->mynode, rdp); } else { /* Give the grace period a kick. */ - rdp->blimit = LONG_MAX; + rdp->blimit = DEFAULT_MAX_RCU_BLIMIT; if (rsp->n_force_qs == rdp->n_force_qs_snap && rcu_segcblist_first_pend_cb(&rdp->cblist) != head) force_quiescent_state(rsp);