tools/sched_ext: scx_central: fix CPU_SET and skeleton leak on early exit

Use CPU_SET_S() instead of CPU_SET() on the dynamically allocated
cpuset to avoid a potential out-of-bounds write when nr_cpu_ids
exceeds CPU_SETSIZE.

Also destroy the skeleton before returning on invalid central CPU ID
to prevent a resource leak.

Signed-off-by: David Carlier <devnexen@gmail.com>
Signed-off-by: Tejun Heo <tj@kernel.org>

diff --git a/tools/sched_ext/scx_central.c b/tools/sched_ext/scx_central.c
index a6dfd45..39f21b0 100644 (file)
--- a/tools/sched_ext/scx_central.c
+++ b/tools/sched_ext/scx_central.c
@@ -74,6 +74,7 @@ restart:
                        u32 central_cpu = strtoul(optarg, NULL, 0);
                        if (central_cpu >= skel->rodata->nr_cpu_ids) {
                                fprintf(stderr, "invalid central CPU id value, %u given (%u max)\n", central_cpu, skel->rodata->nr_cpu_ids);
+                               scx_central__destroy(skel);
                                return -1;
                        }
                        skel->rodata->central_cpu = (s32)central_cpu;
@@ -109,7 +110,7 @@ restart:
        SCX_BUG_ON(!cpuset, "Failed to allocate cpuset");
        cpuset_size = CPU_ALLOC_SIZE(skel->rodata->nr_cpu_ids);
        CPU_ZERO_S(cpuset_size, cpuset);
-       CPU_SET(skel->rodata->central_cpu, cpuset);
+       CPU_SET_S(skel->rodata->central_cpu, cpuset_size, cpuset);
        SCX_BUG_ON(sched_setaffinity(0, cpuset_size, cpuset),
                   "Failed to affinitize to central CPU %d (max %d)",
                   skel->rodata->central_cpu, skel->rodata->nr_cpu_ids - 1);