From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: sekharan@linux.vnet.ibm.com
Cc: Christoph Hellwig <hch@infradead.org>,
Eric Paris <eparis@parisplace.org>,
linux-security-module@vger.kernel.org,
XFS Mailing List <xfs@oss.sgi.com>
Subject: Re: [PATCH] security: Delay freeing inode->i_security till the end of RCU grace period
Date: Tue, 06 Dec 2011 11:44:39 -0500 [thread overview]
Message-ID: <1323189880.2165.43.camel@falcor> (raw)
In-Reply-To: <1323187778.31919.1469.camel@chandra-lucid.austin.ibm.com>
On Tue, 2011-12-06 at 10:09 -0600, MAILER-DAEMON wrote:
> On Tue, 2011-12-06 at 10:14 -0500, Christoph Hellwig wrote:
> > On Mon, Dec 05, 2011 at 12:42:21PM -0600, Chandra Seetharaman wrote:
> > > while running test case 234 from xfstests test suite, I was getting an
> > > occational memory fault in inode_has_perm() with the following stack
> >
> > Interesting. Given that have no good way to free other data with the
> > normal inode callback it looks like we indeed need to do this
> > separately.
> >
> > What about IMA or similar monsters? Posix ACLs already are covered at
> > least.
> >
>
> Hi Christoph,
>
> The problem is pretty much located in the function
> fs/inode.c:destroy_inode(), which calls __destroy_inode(), which does
> the freeing, and then does the call_rcu() on the inode.
>
> I looked at all the functions in __destroy_inode() and found only
> security_inode_free() to be problematic. Others would handle the
> situation gracefully.
>
> Sorry for the lack of knowledge. what is IMA ?
>
> Chandra
security_inode_free() calls security/integrity/iint.c:
integrity_inode_free(), which frees the 'iint'. For more information on
IMA, refer to linux-ima.sf.net.
thanks,
Mimi
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2011-12-06 16:52 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-05 18:42 [PATCH] security: Delay freeing inode->i_security till the end of RCU grace period Chandra Seetharaman
2011-12-06 15:14 ` Christoph Hellwig
2011-12-06 16:09 ` Chandra Seetharaman
2011-12-06 16:44 ` Mimi Zohar [this message]
2011-12-06 16:30 ` Mimi Zohar
2011-12-06 17:04 ` Chandra Seetharaman
2011-12-06 19:45 ` Mimi Zohar
2011-12-06 22:28 ` Chandra Seetharaman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1323189880.2165.43.camel@falcor \
--to=zohar@linux.vnet.ibm.com \
--cc=eparis@parisplace.org \
--cc=hch@infradead.org \
--cc=linux-security-module@vger.kernel.org \
--cc=sekharan@linux.vnet.ibm.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox