Re: [PATCH v2] kernel: audit_tree: resource management: need put_tree and goto Err when failure occures

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Chen Gang <gang.chen@asianux.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Eric Paris <eparis@redhat.com>, Al Viro <viro@zeniv.linux.org.uk>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2] kernel: audit_tree: resource management: need put_tree and goto Err when failure occures
Date: Fri, 10 May 2013 19:29:00 +0800	[thread overview]
Message-ID: <518CD9FC.5040605@asianux.com> (raw)
In-Reply-To: <518CC2EA.8080604@asianux.com>

On 05/10/2013 05:50 PM, Chen Gang wrote:
> On 05/10/2013 10:08 AM, Chen Gang wrote:
>> On 05/10/2013 04:11 AM, Andrew Morton wrote:
>>>>>>>> For me, after 'rule->tree = NULL', all things seems fine !!
>>>> Well, what was wrong before?  Is there some user-triggerable
>>>> misbehaviour which you observed?  If so, please describe it.
>>>>
>>>>
>>>>
> 

Oh, sorry again, the 'postponed' in evict_chunk() still has a chance to
be NULL: firstly, 'audit_context->in_syscall' also checked in
audit_killed_trees(), and also not all tasks are generated by do_fork().

But really, for most cases, the 'postponed' is not NULL, so my test case
can not cause issue.

Currently, I just force 'postponed' to be NULL to see the test result... :-)

It seems my original fix is still useful ! ;-)

Thanks.

> Oh, sorry, after have a test, the original code is no issue (it is my
> fault).
> 
> When the deleting work flow call evict_chunk(), I assume that the
> 'postponed' can be NULL (at least, in some condition, it can), so
> kill_rules() can be called directly. But in fact, 'postponed' will
> never be NULL:
> 
>   audit_tree depend on CONFIG_AUDIT_TREE which depend on CONFIG_AUDITSYSCALL.
>   if CONFIG_AUDITSYSCALL defined.
>     do_fork() -> copy_process() -> audit_alloc() -> alloc 'audit_context'.
>     so the audit_killed_tree() will return valid pointer to 'postponed'.
> 
>   although already have quite a few code for 'postponed == NULL', they are really useless now.
> 
> I also read all other work flow which related with kill_rule(), I can
> not find any of them can lead audit_add_tree_rule() to cause issue: all
> work flow related with kill_rule() are protected by audit_cmd_mutex now.
> 
> 
> Test plan:
>   code preparation:
>     define a flag varaible.
>     wait the flag to be true, before lock 'audit_filter_mutex' again. in audit_add_tree_rule()
>     when evict_trunc() finish, set the flag true.
>   firstly start: 'rm -rvf /tmp/gchen/linux-next'
>   then start: 'audit -w /tmp/gchen/linux-next/drivers/char'
>     (notice the order should not be changed, or all system call will be locked)
> 
> Test result:
>   the evict_chunk() will not call kill_rule() directly, so no issues.
>   the output sample result like this: ('printk' the related information)
> 
> ---------------------------sample begin-----------------------------
> 
> [   85.455891] gchen_tag: ffff880099f0ddc0, audit_init_entry(): create entry: ffff880097ca2800
> [   85.455900] gchen_tag: ffff880099f0ddc0, audit_receive_filter(): before call, type: 1011
> [   85.455903] gchen_tag: ffff880099f0ddc0, audit_add_tree_rule(): enter function
> [   85.455927] ida_remove called for id=0 which is not allocated.
> [   85.455935] gchen_tag: ffff880099f0ddc0, audit_add_tree_rule(): begin waiting 100...., rule: ffff880097ca2820
> [   91.425947] gchen_tag: ffff880097995dc0, fsnotify_clear_marks_by_inode(): set audit_test_count = true
> [   91.425960] gchen_tag: ffff880099f0ddc0, audit_add_tree_rule(): end waiting, rule: ffff880097ca2820
> [   91.426055] gchen_tag: ffff880099f0ddc0, audit_receive_filter(): after call for succeed, type: 1011
> [   91.426558] gchen_tag: ffff880097995dc0, kill_rules(): list_del_init, rule: ffff880097ca2820, tree: ffff880099dfff00
> [   91.426564] gchen_tag: ffff880097995dc0, kill_rules(): remove entry: ffff880097ca2800
> [   91.431023] gchen_tag: ffff880097995dc0, audit_free_rule(): remove entry: ffff880097ca2800
> 
> ---------------------------sample end-------------------------------
> 
> 
> Now, my original fix makes the related code consistent, but the related
> code maybe be useless now (if what I said is true, in audit, quite a
> few of code are useless for this reason).
> 
> I can not be sure whether these useless code will be used, in the
> future (whether let AUDIT_TREE and AUDIT_WATCH independent on
> AUDIT_SYSCALL in the future).
> 
> If it will be used in the future, my fix is useful too, else we'd
> better to delete the related useless code.
> 
> Thanks.
> 
>> I think, it will cause issue (randomly): if when we are using auditctl
>> to add rule to monitor one file, and at the same time, the other user is
>> just deleting this file.
>>
>> I guess, it is why original code need 'if (list_empty(&rule->rlist))'
>> after lock 'audit_filter_mutex' again.
>>
>> Currently, I am just testing for it (and should give a test), and I will
>> send the test plan and test result within this week (2013-05-12).
>>
>>
>> Thanks.
>>
>> -- Chen Gang Asianux Corporation
>>
> 
> 


-- 
Chen Gang

Asianux Corporation

next prev parent reply	other threads:[~2013-05-10 11:29 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-04-19  9:39 [PATCH] kernel/audit_tree.c: tree will memory leak when failure occurs for audit_trim_trees() Chen Gang
2013-04-22 23:04 ` Andrew Morton
2013-04-23  1:46   ` Chen Gang
2013-05-06  7:41   ` [PATCH kernel-next] kernel/audit_tree.c: fix the original version merging issue for put_tree() Chen Gang
2013-05-09 12:53   ` [PATCH v2] kernel: audit_tree: resource management: need put_tree and goto Err when failure occures Chen Gang
2013-05-09 20:11     ` Andrew Morton
2013-05-10  2:08       ` Chen Gang
2013-05-10  9:50         ` Chen Gang
2013-05-10 11:29           ` Chen Gang [this message]
2013-05-13  2:54             ` Chen Gang
  -- strict thread matches above, loose matches on Subject: below --
2013-04-12  4:43 [PATCH] " Chen Gang
2013-04-16  7:35 ` Chen Gang
2013-04-17  4:04   ` [PATCH v2] " Chen Gang
2013-04-17 20:07     ` Andrew Morton
2013-04-18  1:19       ` Chen Gang F T
2013-04-20  7:31         ` Chen Gang
2013-04-23  3:51           ` Chen Gang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=518CD9FC.5040605@asianux.com \
    --to=gang.chen@asianux.com \
    --cc=akpm@linux-foundation.org \
    --cc=eparis@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.