From: Al Viro <viro@ZenIV.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Eric Paris <eparis@parisplace.org>,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
Mimi Zohar <zohar@us.ibm.com>,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] vfs: fix IMA lockdep circular locking dependency
Date: Thu, 31 May 2012 01:28:02 +0100 [thread overview]
Message-ID: <20120531002802.GA11775@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CA+55aFzP8Eo1AX7MS-RRG_Atq3NF0bS1ReZydRtgxxy7TDn57Q@mail.gmail.com>
On Wed, May 30, 2012 at 03:51:27PM -0700, Linus Torvalds wrote:
> On Wed, May 30, 2012 at 2:36 PM, Al Viro <viro@zeniv.linux.org.uk> wrote:
> >
> > The only difference is that for file-backed ones !MMU wants
> > VM_MAYEXEC in that file's bdi flags (BDI_CAP_EXEC_MAP). ?And
> > that actually sounds reasonable in !MMU case.
>
> Ok, I don't think it should be strictly necessary, but I guess I don't
> mind either.
>
> > Anyway, I've dumped the variant I've got into vfs.git@security_file_mmap;
> > it should be at commit f12a0fd062b1d259a0b6bc6442019e6d4c45e9f5.
> >
> > Comments?
>
> Two small ones:
>
> - I really don't think you should use "goto out" in
> security_mmap_file(). That implies that you're exiting the function,
> but in fact you're jumping to the very *meat* of the function.
>
> So I think you should rename "out" as "no_added_exec" or something.
FWIW, I think it's cleaner to take the whole thing into an inlined helper.
> And a small question: This code:
>
> + ret = security_mmap_file(file, prot, flags);
> + if (!ret) {
> + down_write(¤t->mm->mmap_sem);
> + retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff);
> + up_write(¤t->mm->mmap_sem);
> + }
>
> now seems to exist in four places. And in fact, that pretty much seems
> to *be* what vm_mmap() is, at this point. Why isn't there just one
> single vm_mmap() implementation, and then the callers of that?
Umm... Not quite. The difference is that vm_mmap() takes its argument as
offset in bytes, while sys_mmap_pgoff() - in pages.
It can be reorganized a bit, though. vm_mmap() aside, there are only two
callers of do_mmap(), both passing it 0 as the last argument. So let's
lift these checks on offset into vm_mmap() and kill do_mmap() completely -
all that remains of it would be a call of do_mmap_pgoff(). And there's no
reason to put those sanity checks (now in vm_mmap()) under ->mmap_sem,
of course. At that point we *do* get 4 identical pieces of code. Let's
call that vm_mmap_pgoff() and put it (and vm_mmap()) to mm/util.c. Voila...
I've pushed that to the same place (vfs.git#security_file_mmap). Should
propagate to git.kernel.org in a few... Guys, does anybody have objections
about the way it looks?
next prev parent reply other threads:[~2012-05-31 0:28 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-14 2:47 [PATCH] vfs: fix IMA lockdep circular locking dependency Mimi Zohar
2012-05-15 0:29 ` James Morris
2012-05-15 0:51 ` Mimi Zohar
2012-05-15 15:14 ` James Morris
2012-05-15 16:06 ` Mimi Zohar
2012-05-15 17:19 ` Linus Torvalds
2012-05-15 18:36 ` Mimi Zohar
2012-05-15 18:41 ` Linus Torvalds
2012-05-15 19:42 ` Eric Paris
2012-05-15 20:07 ` Mimi Zohar
2012-05-15 21:43 ` Linus Torvalds
2012-05-16 0:37 ` Linus Torvalds
2012-05-16 0:42 ` Al Viro
2012-05-16 0:45 ` Linus Torvalds
2012-05-16 1:53 ` Linus Torvalds
2012-05-16 11:37 ` James Morris
2012-05-16 11:38 ` James Morris
2012-05-16 13:27 ` Mimi Zohar
2012-05-16 13:42 ` Eric Paris
2012-05-16 13:52 ` Mimi Zohar
2012-05-16 14:06 ` Eric Paris
2012-05-16 15:23 ` Linus Torvalds
2012-05-16 15:47 ` Mimi Zohar
2012-05-16 16:09 ` Linus Torvalds
2012-05-16 2:18 ` Al Viro
2012-05-23 21:18 ` Mimi Zohar
2012-05-30 4:34 ` Al Viro
2012-05-30 16:36 ` Al Viro
2012-05-30 19:42 ` Eric Paris
2012-05-30 20:24 ` Al Viro
2012-05-30 20:28 ` Linus Torvalds
2012-05-30 20:56 ` Al Viro
2012-05-30 21:04 ` Linus Torvalds
2012-05-30 21:36 ` Al Viro
2012-05-30 22:51 ` Linus Torvalds
2012-05-31 0:28 ` Al Viro [this message]
2012-05-31 0:40 ` Linus Torvalds
2012-05-31 0:56 ` Al Viro
2012-05-31 3:55 ` Mimi Zohar
2012-05-31 4:20 ` James Morris
2012-05-30 20:33 ` Mimi Zohar
2012-05-30 20:53 ` Al Viro
2012-05-16 14:13 ` Eric Paris
2012-05-16 15:13 ` Linus Torvalds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120531002802.GA11775@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=eparis@parisplace.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=zohar@linux.vnet.ibm.com \
--cc=zohar@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox