From: Casey Schaufler <casey@schaufler-ca.com>
To: paulmck@linux.vnet.ibm.com
Cc: etienne <etienne.basset@numericable.fr>,
Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>,
paul.moore@hp.com, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: [PATCH][SMACK] convert smack rule list to linux list
Date: Sun, 22 Feb 2009 09:54:00 -0800 [thread overview]
Message-ID: <49A19138.5040603@schaufler-ca.com> (raw)
In-Reply-To: <20090222153104.GF6860@linux.vnet.ibm.com>
Paul E. McKenney wrote:
> On Sun, Feb 22, 2009 at 02:14:38PM +0100, etienne wrote:
>
>> Tetsuo Handa wrote:
>>
>>> etienne wrote:
>>>
>>>> diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
>>>> index 2e0b83e..3dc312d 100644
>>>> --- a/security/smack/smack_access.c
>>>> +++ b/security/smack/smack_access.c
>>>> @@ -87,7 +87,6 @@ static u32 smack_next_secid = 10;
>>>> int smk_access(char *subject_label, char *object_label, int request)
>>>> {
>>>> u32 may = MAY_NOT;
>>>> - struct smk_list_entry *sp;
>>>> struct smack_rule *srp;
>>>>
>>>> /*
>>>> @@ -139,8 +138,8 @@ int smk_access(char *subject_label, char *object_label, int request)
>>>> * access (e.g. read is included in readwrite) it's
>>>> * good.
>>>> */
>>>> - for (sp = smack_list; sp != NULL; sp = sp->smk_next) {
>>>> - srp = &sp->smk_rule;
>>>> +
>>>> + list_for_each_entry(srp, &smack_rule_list, list) {
>>>>
>>>> if (srp->smk_subject == subject_label ||
>>>> strcmp(srp->smk_subject, subject_label) == 0) {
>>>>
>>> Use of standard doubly linked list requires a lock, doesn't it?
>>> What lock protects smack_rule_list?
>>>
>>>
>> you're right;
>>
>> what's the best way, using a rcu variant for "list_for_each, container_of ...etc" ?
>> (concurrent list insertion are already protected with a mutex, so rcu must the good idea for the read side)
>>
>
> You want list_for_each_entry_rcu() above. You will need list_add_rcu()
> when adding elements to the list.
>
> Again, if these elements are ever removed, you will need rcu_read_lock()
> and rcu_read_unlock() surrounding their use. Otherwise, an element can
> be freed out from under a reader who is still referencing it.
>
> Thanx, Paul
>
You'll also need to be very careful that the locking is safe to use
in the networking hooks, in particular smack_socket_sock_rcv_skb. The
amount of care required to get the locking correct is a major factor
in the current list implementation.
next prev parent reply other threads:[~2009-02-22 17:54 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-02-22 11:59 [PATCH][SMACK] convert smack rule list to linux list etienne
2009-02-22 11:40 ` Tetsuo Handa
2009-02-22 13:13 ` Tetsuo Handa
2009-02-22 15:28 ` Paul E. McKenney
2009-02-22 13:14 ` etienne
2009-02-22 13:31 ` Tetsuo Handa
2009-02-22 15:18 ` etienne
2009-02-22 15:31 ` Paul E. McKenney
2009-02-22 17:54 ` Casey Schaufler [this message]
2009-02-22 18:25 ` Paul E. McKenney
[not found] <fa.JI7eCUCI0gjfyTdUdhIf4ZvZn1Q@ifi.uio.no>
[not found] ` <fa.VIgNcVDTCE/wNXrAutvWzCWynf0@ifi.uio.no>
[not found] ` <fa.JLh+cst3ii911Hjql2Um0CktNnM@ifi.uio.no>
[not found] ` <fa.C6JdJ3BhdOO3tiGIAv+XuVpBjBk@ifi.uio.no>
2009-02-22 16:30 ` etienne
2009-02-22 18:24 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49A19138.5040603@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=etienne.basset@numericable.fr \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul.moore@hp.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=penguin-kernel@I-love.SAKURA.ne.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.