All of lore.kernel.org
 help / color / mirror / Atom feed
From: Breno Leitao <leitao@debian.org>
To: John Johansen <john.johansen@canonical.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
	James Morris <jmorris@namei.org>,
	LSM List <linux-security-module@vger.kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	"Paul E. McKenney" <paulmck@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>
Subject: Re: apparmor: WARNING: suspicious RCU usage
Date: Sat, 5 Jul 2025 16:47:40 +0100	[thread overview]
Message-ID: <aGlJHJpMk__IHNKp@gmail.com> (raw)
In-Reply-To: <4dbd0e0d-b1a3-8a06-5f65-bdcbb76fccee@canonical.com>

On Tue, Sep 21, 2021 at 02:23:19PM -0700, John Johansen wrote:
> On 9/21/21 1:32 AM, Thomas Gleixner wrote:
> > 
> > Running with CONFIG_PROVE_RCU_LIST triggers the following splat:
> > 
> > [    6.805926] =============================
> > [    6.806848] WARNING: suspicious RCU usage
> > [    6.807738] 5.15.0-rc2+ #24 Tainted: G            E    
> > [    6.808860] -----------------------------
> > [    6.809734] security/apparmor/include/lib.h:191 RCU-list traversed in non-reader section!!
> > [    6.811508] 
> >                other info that might help us debug this:
> > 
> > [    6.811516] 
> >                rcu_scheduler_active = 2, debug_locks = 1
> > [    6.811527] 2 locks held by apparmor_parser/1897:
> > [    6.811530]  #0: ffff88885f139450 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x68/0xe0
> > [    6.816110]  #1: ffff8881000578a0 (&ns->lock){+.+.}-{3:3}, at: aa_replace_profiles+0x16d/0x11e0
> > [    6.817418] 
> >                stack backtrace:
> > [    6.818086] CPU: 38 PID: 1897 Comm: apparmor_parser Tainted: G            E     5.15.0-rc2+ #24
> > [    6.819359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
> > [    6.820536] Call Trace:
> > [    6.820918]  dump_stack_lvl+0x57/0x72
> > [    6.821499]  __lookupn_profile+0x193/0x1a0
> > [    6.822461]  aa_replace_profiles+0x395/0x11e0
> > [    6.823448]  policy_update+0x13f/0x240
> > [    6.824326]  profile_replace+0xb1/0x120
> > [    6.825213]  vfs_write+0xe4/0x3b0
> > [    6.826027]  ksys_write+0x68/0xe0
> > [    6.826576]  do_syscall_64+0x3b/0x90
> > [    6.827099]  entry_SYSCALL_64_after_hwframe+0x44/0xae
> > 
> > which is pretty obvious because aa_replace_profile() invokes:
> > 
> >     __lookup_replace()
> >       __lookup_profile()
> >         __strn_find_child()
> >           __policy_strn_find()
> >             list_for_each_entry_rcu()  <- Splat
> > 
> > The code is "correct" as this is the writer side and holding ns->lock,
> > but it's incorrect to use list_for_each_entry_rcu() without being in a
> > read side critical section unless it is properly annotated.
> > 
> > Same problem in the same function vs. __lookup_parent() and there are
> > more issues of that sort, e.g. vs. __lookup_profile() in
> > aa_remove_profiles().
> > 
> thanks Thomas, I look into it

I just hit this issue as well, and I got the same feeling as Thomas.

Quickly looking at the code, I think you need to pass an extra argument
to list_for_each_entry_rcu() that the ns->lock is held, silenting the
warning.

Maybe being able to get "struct aa_ns *ns" in __policy_strn_find() and
pass a lockdep_is_held(ns->lock) might be the most straight-forward
solution.

      reply	other threads:[~2025-07-05 15:47 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-21  8:32 apparmor: WARNING: suspicious RCU usage Thomas Gleixner
2021-09-21 21:23 ` John Johansen
2025-07-05 15:47   ` Breno Leitao [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aGlJHJpMk__IHNKp@gmail.com \
    --to=leitao@debian.org \
    --cc=jmorris@namei.org \
    --cc=john.johansen@canonical.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=paulmck@kernel.org \
    --cc=peterz@infradead.org \
    --cc=tglx@linutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.