summaryrefslogtreecommitdiff
path: root/kernel
diff options
context:
space:
mode:
authorShaohua Li <shli@fb.com>2017-11-07 22:09:50 +0300
committerJens Axboe <axboe@kernel.dk>2017-11-11 05:53:25 +0300
commite10237cc76ef9a4066a84aa2cc710bfd708cc341 (patch)
tree6e096297e263119d7c6b80f7e8ff538827e04e3f /kernel
parent18c53e40487f56369c3ba9331ec3597d9b48d97c (diff)
downloadlinux-e10237cc76ef9a4066a84aa2cc710bfd708cc341.tar.xz
kthread: zero the kthread data structure
kthread() could bail out early before we initialize blkcg_css (if the kthread is killed very early. Please see xchg() statement in kthread()), which confuses free_kthread_struct. Instead of moving the blkcg_css initialization early, we simply zero the whole 'self' data structure, which doesn't sound much overhead. Reported-by: syzbot <syzkaller@googlegroups.com> Fixes: 05e3db95ebfc ("kthread: add a mechanism to store cgroup info") Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Ingo Molnar <mingo@kernel.org> Cc: Dmitry Vyukov <dvyukov@google.com> Acked-by: Tejun Heo <tj@kernel.org> Signed-off-by: Shaohua Li <shli@fb.com> Signed-off-by: Jens Axboe <axboe@kernel.dk>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/kthread.c6
1 files changed, 1 insertions, 5 deletions
diff --git a/kernel/kthread.c b/kernel/kthread.c
index f87cd8b4eb2a..8dbe2454cb1d 100644
--- a/kernel/kthread.c
+++ b/kernel/kthread.c
@@ -204,7 +204,7 @@ static int kthread(void *_create)
struct kthread *self;
int ret;
- self = kmalloc(sizeof(*self), GFP_KERNEL);
+ self = kzalloc(sizeof(*self), GFP_KERNEL);
set_kthread_struct(self);
/* If user was SIGKILLed, I release the structure. */
@@ -220,13 +220,9 @@ static int kthread(void *_create)
do_exit(-ENOMEM);
}
- self->flags = 0;
self->data = data;
init_completion(&self->exited);
init_completion(&self->parked);
-#ifdef CONFIG_BLK_CGROUP
- self->blkcg_css = NULL;
-#endif
current->vfork_done = &self->exited;
/* OK, tell user we're spawned, wait for stop or wakeup */