sched_ext: scx_dsq_move() should validate the task belongs to the right scheduler

scx_bpf_dsq_move[_vtime]() calls scx_dsq_move() to move task from a DSQ to
another. However, @p doesn't necessarily have to come form the containing
iteration and can thus be a task which belongs to another scx_sched. Verify
that @p is on the same scx_sched as the DSQ being iterated.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Andrea Righi <arighi@nvidia.com>

diff --git a/kernel/sched/ext.c b/kernel/sched/ext.c
index beb0e3443209758012793857cdf35d899ff2dc8c..7d74f7b119caebe60e34340823f0a6cb162a1485 100644 (file)
--- a/kernel/sched/ext.c
+++ b/kernel/sched/ext.c
@@ -6718,8 +6718,8 @@ static const struct btf_kfunc_id_set scx_kfunc_set_enqueue_dispatch = {
 static bool scx_dsq_move(struct bpf_iter_scx_dsq_kern *kit,
                         struct task_struct *p, u64 dsq_id, u64 enq_flags)
 {
-       struct scx_sched *sch = scx_root;
        struct scx_dispatch_q *src_dsq = kit->dsq, *dst_dsq;
+       struct scx_sched *sch = src_dsq->sched;
        struct rq *this_rq, *src_rq, *locked_rq;
        bool dispatched = false;
        bool in_balance;
@@ -6736,6 +6736,11 @@ static bool scx_dsq_move(struct bpf_iter_scx_dsq_kern *kit,
        if (unlikely(READ_ONCE(scx_aborting)))
                return false;
 
+       if (unlikely(!scx_task_on_sched(sch, p))) {
+               scx_error(sch, "scx_bpf_dsq_move[_vtime]() on %s[%d] but the task belongs to a different scheduler",
+                         p->comm, p->pid);
+       }
+
        /*
         * Can be called from either ops.dispatch() locking this_rq() or any
         * context where no rq lock is held. If latter, lock @p's task_rq which