From: Al Viro <viro@ZenIV.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Eric Paris <eparis@parisplace.org>,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
Mimi Zohar <zohar@us.ibm.com>,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] vfs: fix IMA lockdep circular locking dependency
Date: Thu, 31 May 2012 01:28:02 +0100 [thread overview]
Message-ID: <20120531002802.GA11775@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CA+55aFzP8Eo1AX7MS-RRG_Atq3NF0bS1ReZydRtgxxy7TDn57Q@mail.gmail.com>
On Wed, May 30, 2012 at 03:51:27PM -0700, Linus Torvalds wrote:
> On Wed, May 30, 2012 at 2:36 PM, Al Viro <viro@zeniv.linux.org.uk> wrote:
> >
> > The only difference is that for file-backed ones !MMU wants
> > VM_MAYEXEC in that file's bdi flags (BDI_CAP_EXEC_MAP). ?And
> > that actually sounds reasonable in !MMU case.
>
> Ok, I don't think it should be strictly necessary, but I guess I don't
> mind either.
>
> > Anyway, I've dumped the variant I've got into vfs.git@security_file_mmap;
> > it should be at commit f12a0fd062b1d259a0b6bc6442019e6d4c45e9f5.
> >
> > Comments?
>
> Two small ones:
>
> - I really don't think you should use "goto out" in
> security_mmap_file(). That implies that you're exiting the function,
> but in fact you're jumping to the very *meat* of the function.
>
> So I think you should rename "out" as "no_added_exec" or something.
FWIW, I think it's cleaner to take the whole thing into an inlined helper.
> And a small question: This code:
>
> + ret = security_mmap_file(file, prot, flags);
> + if (!ret) {
> + down_write(¤t->mm->mmap_sem);
> + retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff);
> + up_write(¤t->mm->mmap_sem);
> + }
>
> now seems to exist in four places. And in fact, that pretty much seems
> to *be* what vm_mmap() is, at this point. Why isn't there just one
> single vm_mmap() implementation, and then the callers of that?
Umm... Not quite. The difference is that vm_mmap() takes its argument as
offset in bytes, while sys_mmap_pgoff() - in pages.
It can be reorganized a bit, though. vm_mmap() aside, there are only two
callers of do_mmap(), both passing it 0 as the last argument. So let's
lift these checks on offset into vm_mmap() and kill do_mmap() completely -
all that remains of it would be a call of do_mmap_pgoff(). And there's no
reason to put those sanity checks (now in vm_mmap()) under ->mmap_sem,
of course. At that point we *do* get 4 identical pieces of code. Let's
call that vm_mmap_pgoff() and put it (and vm_mmap()) to mm/util.c. Voila...
I've pushed that to the same place (vfs.git#security_file_mmap). Should
propagate to git.kernel.org in a few... Guys, does anybody have objections
about the way it looks?
next prev parent reply other threads:[~2012-05-31 0:28 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-14 2:47 [PATCH] vfs: fix IMA lockdep circular locking dependency Mimi Zohar
2012-05-15 0:29 ` James Morris
2012-05-15 0:51 ` Mimi Zohar
2012-05-15 15:14 ` James Morris
2012-05-15 16:06 ` Mimi Zohar
2012-05-15 17:19 ` Linus Torvalds
2012-05-15 18:36 ` Mimi Zohar
2012-05-15 18:41 ` Linus Torvalds
2012-05-15 19:42 ` Eric Paris
2012-05-15 20:07 ` Mimi Zohar
2012-05-15 21:43 ` Linus Torvalds
2012-05-16 0:37 ` Linus Torvalds
2012-05-16 0:42 ` Al Viro
2012-05-16 0:45 ` Linus Torvalds
2012-05-16 1:53 ` Linus Torvalds
2012-05-16 11:37 ` James Morris
2012-05-16 11:38 ` James Morris
2012-05-16 13:27 ` Mimi Zohar
2012-05-16 13:42 ` Eric Paris
2012-05-16 13:52 ` Mimi Zohar
2012-05-16 14:06 ` Eric Paris
2012-05-16 15:23 ` Linus Torvalds
2012-05-16 15:47 ` Mimi Zohar
2012-05-16 16:09 ` Linus Torvalds
2012-05-16 2:18 ` Al Viro
2012-05-23 21:18 ` Mimi Zohar
2012-05-30 4:34 ` Al Viro
2012-05-30 16:36 ` Al Viro
2012-05-30 19:42 ` Eric Paris
2012-05-30 20:24 ` Al Viro
2012-05-30 20:28 ` Linus Torvalds
2012-05-30 20:56 ` Al Viro
2012-05-30 21:04 ` Linus Torvalds
2012-05-30 21:36 ` Al Viro
2012-05-30 22:51 ` Linus Torvalds
2012-05-31 0:28 ` Al Viro [this message]
2012-05-31 0:40 ` Linus Torvalds
2012-05-31 0:56 ` Al Viro
2012-05-31 3:55 ` Mimi Zohar
2012-05-31 4:20 ` James Morris
2012-05-30 20:33 ` Mimi Zohar
2012-05-30 20:53 ` Al Viro
2012-05-16 14:13 ` Eric Paris
2012-05-16 15:13 ` Linus Torvalds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120531002802.GA11775@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=eparis@parisplace.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=zohar@linux.vnet.ibm.com \
--cc=zohar@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.