stack: drop early free optimization

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

2 files changed, 158 insertions, 2 deletions

diff --git a/queue/Revert-sched-core-Free-the-stack-early-if-CONFIG_THR.patch b/queue/Revert-sched-core-Free-the-stack-early-if-CONFIG_THR.patch
new file mode 100644
index 0000000..ab51bc7
--- /dev/null
+++ b/queue/Revert-sched-core-Free-the-stack-early-if-CONFIG_THR.patch
@@ -0,0 +1,156 @@
+From 78238173cce6ca638e243b2de2f497cbe2ef8286 Mon Sep 17 00:00:00 2001
+From: Paul Gortmaker <paul.gortmaker@windriver.com>
+Date: Tue, 6 Mar 2018 17:32:39 -0500
+Subject: [PATCH] Revert "sched/core: Free the stack early if
+ CONFIG_THREAD_INFO_IN_TASK"
+
+This reverts commit f585ac3be9123dfe65cf43d3114d935cdf9e6266.
+(was commit 68f24b08ee892d47bdef925d676e1ae1ccc316f8 upstream.)
+
+Since this commit was not strictly required to establish the context
+needed to apply some of the more complex CVE patches in the last
+release, and since it is actually an optimization and not really
+a fix, we revert it.
+
+The decision to do this was partly based on finding it caused issues
+in conjunction with preempt-rt patches, and historically we have found
+that preempt-rt finds issues that are in mainline that are just simply
+harder to trigger.
+
+Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
+
+diff --git a/include/linux/init_task.h b/include/linux/init_task.h
+index 8af70bcc799b..ab4d4b5b092b 100644
+--- a/include/linux/init_task.h
++++ b/include/linux/init_task.h
+@@ -192,9 +192,7 @@ extern struct task_group root_task_group;
+ #endif
+ 
+ #ifdef CONFIG_THREAD_INFO_IN_TASK
+-# define INIT_TASK_TI(tsk)			\
+-	.thread_info = INIT_THREAD_INFO(tsk),	\
+-	.stack_refcount = ATOMIC_INIT(1),
++# define INIT_TASK_TI(tsk) .thread_info = INIT_THREAD_INFO(tsk),
+ #else
+ # define INIT_TASK_TI(tsk)
+ #endif
+diff --git a/include/linux/sched.h b/include/linux/sched.h
+index b263956f5aa1..0b762e939885 100644
+--- a/include/linux/sched.h
++++ b/include/linux/sched.h
+@@ -1989,10 +1989,6 @@ struct task_struct {
+ #ifdef CONFIG_VMAP_STACK
+ 	struct vm_struct *stack_vm_area;
+ #endif
+-#ifdef CONFIG_THREAD_INFO_IN_TASK
+-	/* A live task holds one reference. */
+-	atomic_t stack_refcount;
+-#endif
+ /* CPU-specific state of this task */
+ 	struct thread_struct thread;
+ /*
+@@ -3222,22 +3218,12 @@ static inline unsigned long *end_of_stack(struct task_struct *p)
+ 
+ #endif
+ 
+-#ifdef CONFIG_THREAD_INFO_IN_TASK
+-static inline void *try_get_task_stack(struct task_struct *tsk)
+-{
+-	return atomic_inc_not_zero(&tsk->stack_refcount) ?
+-		task_stack_page(tsk) : NULL;
+-}
+-
+-extern void put_task_stack(struct task_struct *tsk);
+-#else
+ static inline void *try_get_task_stack(struct task_struct *tsk)
+ {
+ 	return task_stack_page(tsk);
+ }
+ 
+ static inline void put_task_stack(struct task_struct *tsk) {}
+-#endif
+ 
+ #define task_stack_end_corrupted(task) \
+ 		(*(end_of_stack(task)) != STACK_END_MAGIC)
+diff --git a/kernel/fork.c b/kernel/fork.c
+index bf60a25c10fc..e5a54ff50839 100644
+--- a/kernel/fork.c
++++ b/kernel/fork.c
+@@ -313,40 +313,11 @@ static void account_kernel_stack(struct task_struct *tsk, int account)
+ 	}
+ }
+ 
+-static void release_task_stack(struct task_struct *tsk)
++void free_task(struct task_struct *tsk)
+ {
+ 	account_kernel_stack(tsk, -1);
+ 	arch_release_thread_stack(tsk->stack);
+ 	free_thread_stack(tsk);
+-	tsk->stack = NULL;
+-#ifdef CONFIG_VMAP_STACK
+-	tsk->stack_vm_area = NULL;
+-#endif
+-}
+-
+-#ifdef CONFIG_THREAD_INFO_IN_TASK
+-void put_task_stack(struct task_struct *tsk)
+-{
+-	if (atomic_dec_and_test(&tsk->stack_refcount))
+-		release_task_stack(tsk);
+-}
+-#endif
+-
+-void free_task(struct task_struct *tsk)
+-{
+-#ifndef CONFIG_THREAD_INFO_IN_TASK
+-	/*
+-	 * The task is finally done with both the stack and thread_info,
+-	 * so free both.
+-	 */
+-	release_task_stack(tsk);
+-#else
+-	/*
+-	 * If the task had a separate stack allocation, it should be gone
+-	 * by now.
+-	 */
+-	WARN_ON_ONCE(atomic_read(&tsk->stack_refcount) != 0);
+-#endif
+ 	rt_mutex_debug_task_free(tsk);
+ 	ftrace_graph_exit_task(tsk);
+ 	put_seccomp_filter(tsk);
+@@ -497,9 +468,6 @@ static struct task_struct *dup_task_struct(struct task_struct *orig, int node)
+ #ifdef CONFIG_VMAP_STACK
+ 	tsk->stack_vm_area = stack_vm_area;
+ #endif
+-#ifdef CONFIG_THREAD_INFO_IN_TASK
+-	atomic_set(&tsk->stack_refcount, 1);
+-#endif
+ 
+ 	if (err)
+ 		goto free_stack;
+@@ -1880,7 +1848,6 @@ bad_fork_cleanup_count:
+ 	atomic_dec(&p->cred->user->processes);
+ 	exit_creds(p);
+ bad_fork_free:
+-	put_task_stack(p);
+ 	free_task(p);
+ fork_out:
+ 	return ERR_PTR(retval);
+diff --git a/kernel/sched/core.c b/kernel/sched/core.c
+index fc8d07a79766..55aafcff5810 100644
+--- a/kernel/sched/core.c
++++ b/kernel/sched/core.c
+@@ -2900,10 +2900,6 @@ static struct rq *finish_task_switch(struct task_struct *prev)
+ 		 * task and put them back on the free list.
+ 		 */
+ 		kprobe_flush_task(prev);
+-
+-		/* Task is done with its stack. */
+-		put_task_stack(prev);
+-
+ 		put_task_struct(prev);
+ 	}
+ 
+-- 
+2.15.0
+
diff --git a/queue/series b/queue/series
index 5051e98..9bc6716 100644
--- a/queue/series
+++ b/queue/series
@@ -1,3 +1,5 @@
+Revert-sched-core-Free-the-stack-early-if-CONFIG_THR.patch
+
 # v4.9-rc1~160^2~60
 dma-api-Teach-the-DMA-from-stack-check-about-vmapped.patch
 # v4.9-rc1~160^2~21
@@ -10,8 +12,6 @@ x86-dumpstack-Pin-the-target-stack-when-dumping-it.patch
 x86-process-Pin-the-target-stack-in-get_wchan.patch
 # v4.9-rc1~160^2~15
 lib-syscall-Pin-the-task-stack-in-collect_syscall.patch
-# v4.9-rc1~160^2~14
-# sched/core: Free the stack early if CONFIG_THREAD_INFO_IN_TASK
 
 # v4.9-rc3~24^2~9
 mm-kmemleak-ensure-that-the-task-stack-is-not-freed-.patch