* Fix sel_netnode_insert suspicious rcu dereference.
@ 2012-06-05 5:12 Dave Jones
2012-08-06 16:49 ` Dave Jones
0 siblings, 1 reply; 5+ messages in thread
From: Dave Jones @ 2012-06-05 5:12 UTC (permalink / raw)
To: Linux Kernel
I reported this a year ago (https://lkml.org/lkml/2011/4/20/308).
It's still a problem apparently ...
===============================
[ INFO: suspicious RCU usage. ]
3.5.0-rc1+ #63 Not tainted
-------------------------------
security/selinux/netnode.c:178 suspicious rcu_dereference_check() usage!
other info that might help us debug this:
rcu_scheduler_active = 1, debug_locks = 0
1 lock held by trinity-child1/8750:
#0: (sel_netnode_lock){+.....}, at: [<ffffffff812d8f8a>] sel_netnode_sid+0x16a/0x3e0
stack backtrace:
Pid: 8750, comm: trinity-child1 Not tainted 3.5.0-rc1+ #63
Call Trace:
[<ffffffff810cec2d>] lockdep_rcu_suspicious+0xfd/0x130
[<ffffffff812d91d1>] sel_netnode_sid+0x3b1/0x3e0
[<ffffffff812d8e20>] ? sel_netnode_find+0x1a0/0x1a0
[<ffffffff812d24a6>] selinux_socket_bind+0xf6/0x2c0
[<ffffffff810cd1dd>] ? trace_hardirqs_off+0xd/0x10
[<ffffffff810cdb55>] ? lock_release_holdtime.part.9+0x15/0x1a0
[<ffffffff81093841>] ? lock_hrtimer_base+0x31/0x60
[<ffffffff812c9536>] security_socket_bind+0x16/0x20
[<ffffffff815550ca>] sys_bind+0x7a/0x100
[<ffffffff816c03d5>] ? sysret_check+0x22/0x5d
[<ffffffff810d392d>] ? trace_hardirqs_on_caller+0x10d/0x1a0
[<ffffffff8133b09e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[<ffffffff816c03a9>] system_call_fastpath+0x16/0x1b
This patch below does what Paul McKenney suggested in the previous thread.
Signed-off-by: Dave Jones <davej@redhat.com>
diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c
index 28f911c..c5454c0 100644
--- a/security/selinux/netnode.c
+++ b/security/selinux/netnode.c
@@ -174,7 +174,8 @@ static void sel_netnode_insert(struct sel_netnode *node)
if (sel_netnode_hash[idx].size == SEL_NETNODE_HASH_BKT_LIMIT) {
struct sel_netnode *tail;
tail = list_entry(
- rcu_dereference(sel_netnode_hash[idx].list.prev),
+ rcu_dereference_protected(sel_netnode_hash[idx].list.prev,
+ lockdep_is_held(&sel_netnode_lock)),
struct sel_netnode, list);
list_del_rcu(&tail->list);
kfree_rcu(tail, rcu);
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: Fix sel_netnode_insert suspicious rcu dereference.
2012-06-05 5:12 Fix sel_netnode_insert suspicious rcu dereference Dave Jones
@ 2012-08-06 16:49 ` Dave Jones
2012-08-06 19:09 ` Paul E. McKenney
2012-08-06 19:10 ` Paul Moore
0 siblings, 2 replies; 5+ messages in thread
From: Dave Jones @ 2012-08-06 16:49 UTC (permalink / raw)
To: Linux Kernel; +Cc: eparis, paulmck, paul, Andrew Morton, Linus Torvalds
On Tue, Jun 05, 2012 at 01:12:39AM -0400, Dave Jones wrote:
> I reported this a year ago (https://lkml.org/lkml/2011/4/20/308).
> It's still a problem apparently ...
And another two months pass in silence.
This is happening to other people too.
https://bugzilla.redhat.com/show_bug.cgi?id=846037
Can someone please apply this patch, or at least point out what's wrong with it ?
Dave
> ===============================
> [ INFO: suspicious RCU usage. ]
> 3.5.0-rc1+ #63 Not tainted
> -------------------------------
> security/selinux/netnode.c:178 suspicious rcu_dereference_check() usage!
>
> other info that might help us debug this:
>
>
> rcu_scheduler_active = 1, debug_locks = 0
> 1 lock held by trinity-child1/8750:
> #0: (sel_netnode_lock){+.....}, at: [<ffffffff812d8f8a>] sel_netnode_sid+0x16a/0x3e0
>
> stack backtrace:
> Pid: 8750, comm: trinity-child1 Not tainted 3.5.0-rc1+ #63
> Call Trace:
> [<ffffffff810cec2d>] lockdep_rcu_suspicious+0xfd/0x130
> [<ffffffff812d91d1>] sel_netnode_sid+0x3b1/0x3e0
> [<ffffffff812d8e20>] ? sel_netnode_find+0x1a0/0x1a0
> [<ffffffff812d24a6>] selinux_socket_bind+0xf6/0x2c0
> [<ffffffff810cd1dd>] ? trace_hardirqs_off+0xd/0x10
> [<ffffffff810cdb55>] ? lock_release_holdtime.part.9+0x15/0x1a0
> [<ffffffff81093841>] ? lock_hrtimer_base+0x31/0x60
> [<ffffffff812c9536>] security_socket_bind+0x16/0x20
> [<ffffffff815550ca>] sys_bind+0x7a/0x100
> [<ffffffff816c03d5>] ? sysret_check+0x22/0x5d
> [<ffffffff810d392d>] ? trace_hardirqs_on_caller+0x10d/0x1a0
> [<ffffffff8133b09e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
> [<ffffffff816c03a9>] system_call_fastpath+0x16/0x1b
>
> This patch below does what Paul McKenney suggested in the previous thread.
>
> Signed-off-by: Dave Jones <davej@redhat.com>
>
> diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c
> index 28f911c..c5454c0 100644
> --- a/security/selinux/netnode.c
> +++ b/security/selinux/netnode.c
> @@ -174,7 +174,8 @@ static void sel_netnode_insert(struct sel_netnode *node)
> if (sel_netnode_hash[idx].size == SEL_NETNODE_HASH_BKT_LIMIT) {
> struct sel_netnode *tail;
> tail = list_entry(
> - rcu_dereference(sel_netnode_hash[idx].list.prev),
> + rcu_dereference_protected(sel_netnode_hash[idx].list.prev,
> + lockdep_is_held(&sel_netnode_lock)),
> struct sel_netnode, list);
> list_del_rcu(&tail->list);
> kfree_rcu(tail, rcu);
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
---end quoted text---
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Fix sel_netnode_insert suspicious rcu dereference.
2012-08-06 16:49 ` Dave Jones
@ 2012-08-06 19:09 ` Paul E. McKenney
2012-08-06 19:10 ` Paul Moore
1 sibling, 0 replies; 5+ messages in thread
From: Paul E. McKenney @ 2012-08-06 19:09 UTC (permalink / raw)
To: Dave Jones, Linux Kernel, eparis, paul, Andrew Morton,
Linus Torvalds
On Mon, Aug 06, 2012 at 12:49:14PM -0400, Dave Jones wrote:
> On Tue, Jun 05, 2012 at 01:12:39AM -0400, Dave Jones wrote:
> > I reported this a year ago (https://lkml.org/lkml/2011/4/20/308).
> > It's still a problem apparently ...
>
> And another two months pass in silence.
>
> This is happening to other people too.
> https://bugzilla.redhat.com/show_bug.cgi?id=846037
>
> Can someone please apply this patch, or at least point out what's wrong with it ?
Feel free to add:
Reviewed-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
in case that helps.
Thanx, Paul
> Dave
>
>
> > ===============================
> > [ INFO: suspicious RCU usage. ]
> > 3.5.0-rc1+ #63 Not tainted
> > -------------------------------
> > security/selinux/netnode.c:178 suspicious rcu_dereference_check() usage!
> >
> > other info that might help us debug this:
> >
> >
> > rcu_scheduler_active = 1, debug_locks = 0
> > 1 lock held by trinity-child1/8750:
> > #0: (sel_netnode_lock){+.....}, at: [<ffffffff812d8f8a>] sel_netnode_sid+0x16a/0x3e0
> >
> > stack backtrace:
> > Pid: 8750, comm: trinity-child1 Not tainted 3.5.0-rc1+ #63
> > Call Trace:
> > [<ffffffff810cec2d>] lockdep_rcu_suspicious+0xfd/0x130
> > [<ffffffff812d91d1>] sel_netnode_sid+0x3b1/0x3e0
> > [<ffffffff812d8e20>] ? sel_netnode_find+0x1a0/0x1a0
> > [<ffffffff812d24a6>] selinux_socket_bind+0xf6/0x2c0
> > [<ffffffff810cd1dd>] ? trace_hardirqs_off+0xd/0x10
> > [<ffffffff810cdb55>] ? lock_release_holdtime.part.9+0x15/0x1a0
> > [<ffffffff81093841>] ? lock_hrtimer_base+0x31/0x60
> > [<ffffffff812c9536>] security_socket_bind+0x16/0x20
> > [<ffffffff815550ca>] sys_bind+0x7a/0x100
> > [<ffffffff816c03d5>] ? sysret_check+0x22/0x5d
> > [<ffffffff810d392d>] ? trace_hardirqs_on_caller+0x10d/0x1a0
> > [<ffffffff8133b09e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
> > [<ffffffff816c03a9>] system_call_fastpath+0x16/0x1b
> >
> > This patch below does what Paul McKenney suggested in the previous thread.
> >
> > Signed-off-by: Dave Jones <davej@redhat.com>
> >
> > diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c
> > index 28f911c..c5454c0 100644
> > --- a/security/selinux/netnode.c
> > +++ b/security/selinux/netnode.c
> > @@ -174,7 +174,8 @@ static void sel_netnode_insert(struct sel_netnode *node)
> > if (sel_netnode_hash[idx].size == SEL_NETNODE_HASH_BKT_LIMIT) {
> > struct sel_netnode *tail;
> > tail = list_entry(
> > - rcu_dereference(sel_netnode_hash[idx].list.prev),
> > + rcu_dereference_protected(sel_netnode_hash[idx].list.prev,
> > + lockdep_is_held(&sel_netnode_lock)),
> > struct sel_netnode, list);
> > list_del_rcu(&tail->list);
> > kfree_rcu(tail, rcu);
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
> > Please read the FAQ at http://www.tux.org/lkml/
> ---end quoted text---
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Fix sel_netnode_insert suspicious rcu dereference.
2012-08-06 16:49 ` Dave Jones
2012-08-06 19:09 ` Paul E. McKenney
@ 2012-08-06 19:10 ` Paul Moore
2012-08-06 21:25 ` Eric Paris
1 sibling, 1 reply; 5+ messages in thread
From: Paul Moore @ 2012-08-06 19:10 UTC (permalink / raw)
To: Dave Jones, Linux Kernel, eparis, paulmck, paul, Andrew Morton,
Linus Torvalds
On Mon, Aug 6, 2012 at 12:49 PM, Dave Jones <davej@redhat.com> wrote:
> On Tue, Jun 05, 2012 at 01:12:39AM -0400, Dave Jones wrote:
> > I reported this a year ago (https://lkml.org/lkml/2011/4/20/308).
> > It's still a problem apparently ...
>
> And another two months pass in silence.
>
> This is happening to other people too.
> https://bugzilla.redhat.com/show_bug.cgi?id=846037
>
> Can someone please apply this patch, or at least point out what's wrong with it ?
I thought Eric had applied it a few months ago, but I just checked and
I don't see it in Linus' tree for some reason? I know multiple
patches have been posted from different authors, all fixing the same
thing ...
Acked-by: Paul Moore <paul@paul-moore.com>
--
paul moore
www.paul-moore.com
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Fix sel_netnode_insert suspicious rcu dereference.
2012-08-06 19:10 ` Paul Moore
@ 2012-08-06 21:25 ` Eric Paris
0 siblings, 0 replies; 5+ messages in thread
From: Eric Paris @ 2012-08-06 21:25 UTC (permalink / raw)
To: Paul Moore
Cc: Dave Jones, Linux Kernel, eparis, paulmck, Andrew Morton,
Linus Torvalds
I thought I HAD committed it months ago!
Man I suck at this....
On Mon, Aug 6, 2012 at 3:10 PM, Paul Moore <paul@paul-moore.com> wrote:
> On Mon, Aug 6, 2012 at 12:49 PM, Dave Jones <davej@redhat.com> wrote:
>> On Tue, Jun 05, 2012 at 01:12:39AM -0400, Dave Jones wrote:
>> > I reported this a year ago (https://lkml.org/lkml/2011/4/20/308).
>> > It's still a problem apparently ...
>>
>> And another two months pass in silence.
>>
>> This is happening to other people too.
>> https://bugzilla.redhat.com/show_bug.cgi?id=846037
>>
>> Can someone please apply this patch, or at least point out what's wrong with it ?
>
> I thought Eric had applied it a few months ago, but I just checked and
> I don't see it in Linus' tree for some reason? I know multiple
> patches have been posted from different authors, all fixing the same
> thing ...
>
> Acked-by: Paul Moore <paul@paul-moore.com>
>
> --
> paul moore
> www.paul-moore.com
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2012-08-06 21:25 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-06-05 5:12 Fix sel_netnode_insert suspicious rcu dereference Dave Jones
2012-08-06 16:49 ` Dave Jones
2012-08-06 19:09 ` Paul E. McKenney
2012-08-06 19:10 ` Paul Moore
2012-08-06 21:25 ` Eric Paris
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox