From: Dave Jones <davej@redhat.com>
To: Paul Moore <paul@paul-moore.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
Linux Kernel <linux-kernel@vger.kernel.org>,
eparis@redhat.com, james.l.morris@oracle.com,
selinux@tycho.nsa.gov
Subject: Re: [PATCH] conditionally reschedule while loading selinux policy.
Date: Thu, 3 Oct 2013 16:40:31 -0400 [thread overview]
Message-ID: <20131003204031.GA25515@redhat.com> (raw)
In-Reply-To: <2297933.rECKfqAcWT@sifl>
On Thu, Oct 03, 2013 at 04:36:10PM -0400, Paul Moore wrote:
> On Monday, September 30, 2013 05:13:42 PM Dave Jones wrote:
> > On Mon, Sep 30, 2013 at 01:37:53PM -0400, Stephen Smalley wrote:
> > > > With that patch applied, the problem seems to have moved elsewhere..
> > >
> > > Sorry, what locks are we holding there? You ought to be able to do a
> > > cond_resched() anywhere during policydb_read() AFAIK; it is loading the
> > > policy into a new structure that isn't being accessed by anything else
> > > yet and the policy_rwlock is only held by security_load_policy after
> > > calling policydb_read and only to switch it into place as the active
> > > policydb.
> >
> > Hmm, I thought I had tried this already, and got a lot of spew, but it turns
> > out for some reason I had previously patched hashtab_search instead.
> >
> > I'll try running with this for a while..
>
> Hi Dave,
>
> Just checking to see if this patch solved your problem ... ?
>
> > diff --git a/security/selinux/ss/hashtab.c b/security/selinux/ss/hashtab.c
> > index 933e735..2cc4961 100644
> > --- a/security/selinux/ss/hashtab.c
> > +++ b/security/selinux/ss/hashtab.c
> > @@ -6,6 +6,7 @@
> > #include <linux/kernel.h>
> > #include <linux/slab.h>
> > #include <linux/errno.h>
> > +#include <linux/sched.h>
> > #include "hashtab.h"
> >
> > struct hashtab *hashtab_create(u32 (*hash_value)(struct hashtab *h, const
> > void *key), @@ -40,6 +41,8 @@ int hashtab_insert(struct hashtab *h, void
> > *key, void *datum) u32 hvalue;
> > struct hashtab_node *prev, *cur, *newnode;
> >
> > + cond_resched();
> > +
> > if (!h || h->nel == HASHTAB_MAX_NODES)
> > return -EINVAL;
I couldn't get a backtrace when I downgraded, and reupgraded my policy,
but that said, I didn't when I tested that way on my first patch either.
It wasn't until I got a newer policy that I saw the 2nd spew.
I was planning on sitting on this until the next policy update just
to confirm.
Dave
next prev parent reply other threads:[~2013-10-03 20:40 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-16 17:30 lockup during selinux policy load Dave Jones
2013-09-16 17:43 ` Stephen Smalley
2013-09-16 18:40 ` [PATCH] conditionally reschedule while loading selinux policy Dave Jones
2013-09-16 18:51 ` Stephen Smalley
2013-09-30 17:24 ` Dave Jones
2013-09-30 17:37 ` Stephen Smalley
2013-09-30 21:13 ` Dave Jones
2013-10-03 20:36 ` Paul Moore
2013-10-03 20:36 ` Paul Moore
2013-10-03 20:40 ` Dave Jones [this message]
2013-10-03 20:49 ` Paul Moore
2013-10-03 20:49 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131003204031.GA25515@redhat.com \
--to=davej@redhat.com \
--cc=eparis@redhat.com \
--cc=james.l.morris@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.