From: "Jose R. Santos" <jrs-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
To: "Serge E. Hallyn" <serge.hallyn-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
Subject: Re: [PATCH] c/r: Initialize msg_msg security pointer at restart.
Date: Wed, 30 Mar 2011 23:24:35 -0500	[thread overview]
Message-ID: <20110330232435.21bdafc8@gara> (raw)
In-Reply-To: <20110331032954.GA8747-BtbdaCaBcfOTUehee3IRJA@public.gmane.org>

On Wed, 30 Mar 2011 22:29:54 -0500
"Serge E. Hallyn" <serge.hallyn-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org> wrote:

> Quoting Jose R. Santos (jrs-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org):
> > This small oversight was causing either crashes on free_msg() or
> > restart failures under some message queue workloads.
> > 
> > Signed-off-by: Jose R. Santos <jrs-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
> 
> What kernel is this?

ckpt-v23-rc1

> Starting with the last line in your context, there is:
> 
> 	/* set default MAC attributes */
> 	ret = security_msg_msg_alloc(msg);
> 	if (ret < 0)
> 		goto out;
> 
> which should take care of that.  I don't know of an LSM which
> doesn't define msg_msg_alloc() but does define msg_msg_free().
> Do you have a stack trace to show where it was getting
> freed?

Sorry, should have put more details in the patch description.  The
problem here is that msg_msg_alloc() is not allocating anything and
thus the msg->security just happens to have whatever random data
happens to be there after kmalloc was called for this msg. So the
way this usually manifested was during a second checkpoint/restart.
For example:

run ./mq_test
checkpoint:
	Saving the msg with SECURITY_NONE
restart:
	Restores the msg content but with msg->security set to
	something random (or 0x5a pattern if using DEBUG_SLAB)
second checkpoint:
	msg->security not NULL so we proceed in
	security_checkpoint_obj() to call security_msg_msg_checkpoint()
second restart:
	All sorts of very weird, very different, hard to debug stuff
	happens afterwards. :)

Also, if you look at load_msg() in msgutil.c, the msg->security is also
initialized to NULL _before_ calling security_msg_msg_alloc().  Hope
this explains this fix better.

-JRS

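The failure mode described in the message above, as an added user-space model that is not part of the thread, the patch, or the kernel's c/r code: a freshly allocated msg_msg whose security pointer is never cleared, a security_msg_msg_alloc() stand-in that succeeds without allocating (the no-LSM case the reply describes), and a checkpoint step that keys off whether the pointer is NULL. The names mirror the kernel's but every function here is a simplified stand-in, and the 0x5a fill imitates DEBUG_SLAB poisoning as the reply mentions; both are assumptions for illustration.

```c
/* Added example, not kernel code and not from the patch: a user-space model
 * of an uninitialized msg->security pointer surviving into a second
 * checkpoint. All functions are simplified stand-ins (assumption). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SLAB_POISON   0x5a   /* DEBUG_SLAB-style fill for fresh allocations */
#define SECURITY_NONE 0      /* tag written when msg->security is NULL */
#define SECURITY_LSM  1      /* tag written when an LSM blob is attached */

struct msg_msg {
    long m_type;
    size_t m_ts;
    void *security;   /* LSM blob; must be NULL when no LSM owns the message */
};

/* Stand-in for kmalloc() under DEBUG_SLAB: every byte, including the
 * security pointer, comes back as 0x5a, i.e. a non-NULL garbage pointer. */
static void *poisoned_kmalloc(size_t n)
{
    void *p = malloc(n);
    if (p)
        memset(p, SLAB_POISON, n);
    return p;
}

/* Stand-in for security_msg_msg_alloc() when no LSM registers the hook:
 * reports success without touching msg->security. */
static int security_msg_msg_alloc(struct msg_msg *msg)
{
    (void)msg;
    return 0;
}

/* Stand-in for the checkpoint side: the LSM checkpoint path is taken only
 * when msg->security is non-NULL. Returns the tag that would be saved. */
static int checkpoint_msg_security(const struct msg_msg *msg)
{
    return msg->security ? SECURITY_LSM : SECURITY_NONE;
}

/* Restart path without the fix: security keeps whatever kmalloc left. */
static struct msg_msg *restore_msg_buggy(long type, size_t len)
{
    struct msg_msg *msg = poisoned_kmalloc(sizeof(*msg));
    if (!msg)
        return NULL;
    msg->m_type = type;
    msg->m_ts = len;
    if (security_msg_msg_alloc(msg) < 0) {
        free(msg);
        return NULL;
    }
    return msg;
}

/* Restart path with the fix: clear the pointer before the hook, as the
 * reply says load_msg() does, so a no-op hook leaves a well-defined NULL. */
static struct msg_msg *restore_msg_fixed(long type, size_t len)
{
    struct msg_msg *msg = poisoned_kmalloc(sizeof(*msg));
    if (!msg)
        return NULL;
    msg->m_type = type;
    msg->m_ts = len;
    msg->security = NULL;
    if (security_msg_msg_alloc(msg) < 0) {
        free(msg);
        return NULL;
    }
    return msg;
}

/* Second checkpoint after a restart: returns 1 if the tag no longer matches
 * the SECURITY_NONE the first checkpoint saved, 0 if it does, -1 on OOM. */
static int second_checkpoint_mismatch(int use_fix)
{
    struct msg_msg *msg = use_fix ? restore_msg_fixed(1, 16)
                                  : restore_msg_buggy(1, 16);
    int mismatch;

    if (!msg)
        return -1;
    mismatch = checkpoint_msg_security(msg) != SECURITY_NONE;
    free(msg);
    return mismatch;
}

int main(void)
{
    printf("buggy restart: second checkpoint mismatch = %d\n",
           second_checkpoint_mismatch(0));
    printf("fixed restart: second checkpoint mismatch = %d\n",
           second_checkpoint_mismatch(1));
    return 0;
}
```

The point the model makes is that a hook which may legitimately be a no-op cannot be relied on to initialize the field it guards; the caller has to establish the NULL state itself before invoking it, which is what the patch does on the restart path.
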

Thread overview: 5+ messages
2011-03-30 19:10 [PATCH] c/r: Initialize msg_msg security pointer at restart Jose R. Santos
     [not found] ` <1301512246-32114-1-git-send-email-jrs-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2011-03-31  3:29   ` Serge E. Hallyn
     [not found]     ` <20110331032954.GA8747-BtbdaCaBcfOTUehee3IRJA@public.gmane.org>
2011-03-31  4:24       ` Jose R. Santos [this message]
2011-03-31 13:08         ` Serge Hallyn
2011-04-17  0:51   ` Oren Laadan
