* include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage!
@ 2012-10-05 22:52 Cristian Rodríguez
2012-10-08 19:49 ` Paul E. McKenney
0 siblings, 1 reply; 5+ messages in thread
From: Cristian Rodríguez @ 2012-10-05 22:52 UTC (permalink / raw)
To: linux-kernel
Hi:
I am getting this in the current linus tree.
[ 0.408781] ===============================
[ 0.408783] [ INFO: suspicious RCU usage. ]
[ 0.408786] 3.6.0-canneverbe-07124-g5f3d2f2 #18 Not tainted
[ 0.408789] -------------------------------
[ 0.408791] include/linux/cgroup.h:566 suspicious
rcu_dereference_check() usage!
[ 0.408795]
[ 0.408795] other info that might help us debug this:
[ 0.408795]
[ 0.408799]
[ 0.408799] rcu_scheduler_active = 1, debug_locks = 0
[ 0.408802] 2 locks held by kdevtmpfs/49:
[ 0.408804] #0: (sb_writers){.+.+.+}, at: [<ffffffff8119a2ef>]
mnt_want_write+0x1f/0x50
[ 0.408814] #1: (&sb->s_type->i_mutex_key#3/1){+.+.+.}, at:
[<ffffffff811857cf>] kern_path_create+0x7f/0x170
[ 0.408822]
[ 0.408822] stack backtrace:
[ 0.408825] Pid: 49, comm: kdevtmpfs Not tainted
3.6.0-canneverbe-07124-g5f3d2f2 #18
[ 0.408829] Call Trace:
[ 0.408834] [<ffffffff8109fabd>] lockdep_rcu_suspicious+0xfd/0x130
[ 0.408838] [<ffffffff812a876d>] devcgroup_inode_mknod+0x18d/0x230
[ 0.408843] [<ffffffff8126f923>] ? security_capable+0x13/0x20
[ 0.408848] [<ffffffff8104a06f>] ? ns_capable+0x3f/0x80
[ 0.408851] [<ffffffff81186c09>] vfs_mknod+0x79/0x140
[ 0.408856] [<ffffffff813a6df2>] handle_create.isra.2+0x72/0x200
[ 0.408860] [<ffffffff813a702c>] ? devtmpfsd+0xac/0x140
[ 0.408863] [<ffffffff813a7094>] devtmpfsd+0x114/0x140
[ 0.408867] [<ffffffff813a6f80>] ? handle_create.isra.2+0x200/0x200
[ 0.408871] [<ffffffff81064de6>] kthread+0xd6/0xe0
[ 0.408877] [<ffffffff81578cb4>] kernel_thread_helper+0x4/0x10
[ 0.408881] [<ffffffff8156f85c>] ? retint_restore_args+0xe/0xe
[ 0.408885] [<ffffffff81064d10>] ? flush_kthread_work+0x190/0x190
[ 0.408889] [<ffffffff81578cb0>] ? gs_change+0xb/0xb
Hope someone can take a look at it.
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! 2012-10-05 22:52 include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! Cristian Rodríguez @ 2012-10-08 19:49 ` Paul E. McKenney 2012-10-10 1:08 ` Sergey Senozhatsky 0 siblings, 1 reply; 5+ messages in thread From: Paul E. McKenney @ 2012-10-08 19:49 UTC (permalink / raw) To: Cristian Rodríguez; +Cc: linux-kernel On Fri, Oct 05, 2012 at 07:52:15PM -0300, Cristian Rodríguez wrote: > Hi: > I am getting this in the current linus tree. > > [ 0.408781] =============================== > [ 0.408783] [ INFO: suspicious RCU usage. ] > [ 0.408786] 3.6.0-canneverbe-07124-g5f3d2f2 #18 Not tainted > [ 0.408789] ------------------------------- > [ 0.408791] include/linux/cgroup.h:566 suspicious > rcu_dereference_check() usage! > [ 0.408795] > [ 0.408795] other info that might help us debug this: > [ 0.408795] > [ 0.408799] > [ 0.408799] rcu_scheduler_active = 1, debug_locks = 0 > [ 0.408802] 2 locks held by kdevtmpfs/49: > [ 0.408804] #0: (sb_writers){.+.+.+}, at: [<ffffffff8119a2ef>] > mnt_want_write+0x1f/0x50 > [ 0.408814] #1: (&sb->s_type->i_mutex_key#3/1){+.+.+.}, at: > [<ffffffff811857cf>] kern_path_create+0x7f/0x170 > [ 0.408822] > [ 0.408822] stack backtrace: > [ 0.408825] Pid: 49, comm: kdevtmpfs Not tainted > 3.6.0-canneverbe-07124-g5f3d2f2 #18 > [ 0.408829] Call Trace: > [ 0.408834] [<ffffffff8109fabd>] lockdep_rcu_suspicious+0xfd/0x130 > [ 0.408838] [<ffffffff812a876d>] devcgroup_inode_mknod+0x18d/0x230 > [ 0.408843] [<ffffffff8126f923>] ? security_capable+0x13/0x20 > [ 0.408848] [<ffffffff8104a06f>] ? ns_capable+0x3f/0x80 > [ 0.408851] [<ffffffff81186c09>] vfs_mknod+0x79/0x140 > [ 0.408856] [<ffffffff813a6df2>] handle_create.isra.2+0x72/0x200 > [ 0.408860] [<ffffffff813a702c>] ? devtmpfsd+0xac/0x140 > [ 0.408863] [<ffffffff813a7094>] devtmpfsd+0x114/0x140 > [ 0.408867] [<ffffffff813a6f80>] ? handle_create.isra.2+0x200/0x200 > [ 0.408871] [<ffffffff81064de6>] kthread+0xd6/0xe0 > [ 0.408877] [<ffffffff81578cb4>] kernel_thread_helper+0x4/0x10 > [ 0.408881] [<ffffffff8156f85c>] ? retint_restore_args+0xe/0xe > [ 0.408885] [<ffffffff81064d10>] ? flush_kthread_work+0x190/0x190 > [ 0.408889] [<ffffffff81578cb0>] ? gs_change+0xb/0xb > > > Hope someone can take a look at it. It looks to me like commit #ad676077 (device_cgroup: convert device_cgroup internally to policy + exceptions) removed a needed rcu_read_lock(). See below for an untested patch restoring rcu_read_lock(). Thanx, Paul ------------------------------------------------------------------------ device_cgroup: Restore rcu_read_lock() protection to devcgroup_inode_mknod() Commit ad676077 (device_cgroup: convert device_cgroup internally to policy + exceptions) restructured devcgroup_inode_mknod(), removing rcu_read_lock() in the process. However, RCU read-side protection is required by the call to task_devcgroup(), so this commit restores the rcu_read_lock() and rcu_read_unlock(). Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> diff --git a/security/device_cgroup.c b/security/device_cgroup.c index 44dfc41..c686110 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c @@ -576,9 +576,12 @@ int __devcgroup_inode_permission(struct inode *inode, int mask) int devcgroup_inode_mknod(int mode, dev_t dev) { - struct dev_cgroup *dev_cgroup = task_devcgroup(current); + struct dev_cgroup *dev_cgroup; + int ret; short type; + rcu_read_lock(); + dev_cgroup = task_devcgroup(current); if (!S_ISBLK(mode) && !S_ISCHR(mode)) return 0; @@ -587,7 +590,9 @@ int devcgroup_inode_mknod(int mode, dev_t dev) else type = DEV_CHAR; - return __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), + ret = __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), MINOR(dev), ACC_MKNOD); + rcu_read_unlock(); + return ret; } ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! 2012-10-08 19:49 ` Paul E. McKenney @ 2012-10-10 1:08 ` Sergey Senozhatsky 2012-10-10 3:25 ` Paul E. McKenney 0 siblings, 1 reply; 5+ messages in thread From: Sergey Senozhatsky @ 2012-10-10 1:08 UTC (permalink / raw) To: Paul E. McKenney; +Cc: Cristian Rodríguez, linux-kernel, James Morris On (10/08/12 12:49), Paul E. McKenney wrote: > > ------------------------------------------------------------------------ > > device_cgroup: Restore rcu_read_lock() protection to devcgroup_inode_mknod() > > Commit ad676077 (device_cgroup: convert device_cgroup internally to > policy + exceptions) restructured devcgroup_inode_mknod(), removing > rcu_read_lock() in the process. However, RCU read-side protection > is required by the call to task_devcgroup(), so this commit restores > the rcu_read_lock() and rcu_read_unlock(). > > Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c > index 44dfc41..c686110 100644 > --- a/security/device_cgroup.c > +++ b/security/device_cgroup.c > @@ -576,9 +576,12 @@ int __devcgroup_inode_permission(struct inode *inode, int mask) > > int devcgroup_inode_mknod(int mode, dev_t dev) > { > - struct dev_cgroup *dev_cgroup = task_devcgroup(current); > + struct dev_cgroup *dev_cgroup; > + int ret; > short type; > > + rcu_read_lock(); > + dev_cgroup = task_devcgroup(current); > if (!S_ISBLK(mode) && !S_ISCHR(mode)) > return 0; > > @@ -587,7 +590,9 @@ int devcgroup_inode_mknod(int mode, dev_t dev) > else > type = DEV_CHAR; > > - return __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), > + ret = __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), > MINOR(dev), ACC_MKNOD); > + rcu_read_unlock(); > + return ret; > > } > I believe the same should be done for __devcgroup_inode_permission() as well. And we probably can call task_devcgroup() and rcu_read_lock() after "S_ISBLK(mode) && !S_ISCHR(mode)" checks (I guess we also need to unlock RCU on `return 0'). ---------------------------------------------------------------------------- Commit ad676077 | Author: Aristeu Rozanski <aris@redhat.com> | Date: Thu Oct 4 17:15:17 2012 -0700 | device_cgroup: convert device_cgroup internally to policy + exceptions moved RCU read-side protection from devcgroup_inode_mknod(), which, however is required by task_devcgroup(). Patch also add RCU read-side protection to __devcgroup_inode_permission() function, introduced in commit ad676077. [ 0.946303] include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! [ 0.946511] [ 0.946606] 2 locks held by kdevtmpfs/28: [ 0.946684] #0: (sb_writers){.+.+.+}, at: [<ffffffff81144bcb>] mnt_want_write+0x24/0x4b [ 0.947083] #1: (&sb->s_type->i_mutex_key#3/1){+.+.+.}, at: [<ffffffff81133d04>] kern_path_create+0x83/0x144 [ 0.947598] [ 0.947787] Call Trace: [ 0.947868] [<ffffffff81089644>] lockdep_rcu_suspicious+0x109/0x112 [ 0.947958] [<ffffffff81258fa0>] devcgroup_inode_mknod+0x9e/0xee [ 0.948043] [<ffffffff81132ee7>] vfs_mknod+0x8a/0xed [ 0.948129] [<ffffffff813b98af>] handle_create.isra.2+0x144/0x1b5 [ 0.948214] [<ffffffff813b99bf>] ? devtmpfsd+0x9f/0x138 [ 0.948298] [<ffffffff81295d5c>] ? do_raw_spin_lock+0x67/0xde [ 0.948384] [<ffffffff81295e92>] ? do_raw_spin_unlock+0x8f/0x98 [ 0.948469] [<ffffffff813b9920>] ? handle_create.isra.2+0x1b5/0x1b5 [ 0.948554] [<ffffffff813b9a04>] devtmpfsd+0xe4/0x138 [ 0.948638] [<ffffffff813b9920>] ? handle_create.isra.2+0x1b5/0x1b5 [ 0.948724] [<ffffffff810582b6>] kthread+0xd5/0xdd [ 0.948814] [<ffffffff814db664>] kernel_thread_helper+0x4/0x10 [ 0.948900] [<ffffffff814d2973>] ? retint_restore_args+0x13/0x13 [ 0.948985] [<ffffffff810581e1>] ? __init_kthread_worker+0x5a/0x5a [ 0.949069] [<ffffffff814db660>] ? gs_change+0x13/0x13 devcgroup_inode_mknod() part submitted by Paul E. McKenney. Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com> --- security/device_cgroup.c | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/security/device_cgroup.c b/security/device_cgroup.c index 44dfc41..043eb00 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c @@ -558,7 +558,8 @@ static int __devcgroup_check_permission(struct dev_cgroup *dev_cgroup, int __devcgroup_inode_permission(struct inode *inode, int mask) { - struct dev_cgroup *dev_cgroup = task_devcgroup(current); + struct dev_cgroup *dev_cgroup; + int ret; short type, access = 0; if (S_ISBLK(inode->i_mode)) @@ -570,13 +571,20 @@ int __devcgroup_inode_permission(struct inode *inode, int mask) if (mask & MAY_READ) access |= ACC_READ; - return __devcgroup_check_permission(dev_cgroup, type, imajor(inode), + rcu_read_lock(); + + dev_cgroup = task_devcgroup(current); + ret = __devcgroup_check_permission(dev_cgroup, type, imajor(inode), iminor(inode), access); + + rcu_read_unlock(); + return ret; } int devcgroup_inode_mknod(int mode, dev_t dev) { - struct dev_cgroup *dev_cgroup = task_devcgroup(current); + struct dev_cgroup *dev_cgroup; + int ret; short type; if (!S_ISBLK(mode) && !S_ISCHR(mode)) @@ -587,7 +595,12 @@ int devcgroup_inode_mknod(int mode, dev_t dev) else type = DEV_CHAR; - return __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), + rcu_read_lock(); + + dev_cgroup = task_devcgroup(current); + ret = __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), MINOR(dev), ACC_MKNOD); + rcu_read_unlock(); + return ret; } ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! 2012-10-10 1:08 ` Sergey Senozhatsky @ 2012-10-10 3:25 ` Paul E. McKenney 2012-10-10 23:20 ` Sergey Senozhatsky 0 siblings, 1 reply; 5+ messages in thread From: Paul E. McKenney @ 2012-10-10 3:25 UTC (permalink / raw) To: Sergey Senozhatsky; +Cc: Cristian Rodríguez, linux-kernel, James Morris On Tue, Oct 09, 2012 at 06:08:59PM -0700, Sergey Senozhatsky wrote: > On (10/08/12 12:49), Paul E. McKenney wrote: > > > > ------------------------------------------------------------------------ > > > > device_cgroup: Restore rcu_read_lock() protection to devcgroup_inode_mknod() > > > > Commit ad676077 (device_cgroup: convert device_cgroup internally to > > policy + exceptions) restructured devcgroup_inode_mknod(), removing > > rcu_read_lock() in the process. However, RCU read-side protection > > is required by the call to task_devcgroup(), so this commit restores > > the rcu_read_lock() and rcu_read_unlock(). > > > > Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> > > > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c > > index 44dfc41..c686110 100644 > > --- a/security/device_cgroup.c > > +++ b/security/device_cgroup.c > > @@ -576,9 +576,12 @@ int __devcgroup_inode_permission(struct inode *inode, int mask) > > > > int devcgroup_inode_mknod(int mode, dev_t dev) > > { > > - struct dev_cgroup *dev_cgroup = task_devcgroup(current); > > + struct dev_cgroup *dev_cgroup; > > + int ret; > > short type; > > > > + rcu_read_lock(); > > + dev_cgroup = task_devcgroup(current); > > if (!S_ISBLK(mode) && !S_ISCHR(mode)) > > return 0; > > > > @@ -587,7 +590,9 @@ int devcgroup_inode_mknod(int mode, dev_t dev) > > else > > type = DEV_CHAR; > > > > - return __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), > > + ret = __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), > > MINOR(dev), ACC_MKNOD); > > + rcu_read_unlock(); > > + return ret; > > > > } > > > > > I believe the same should be done for __devcgroup_inode_permission() as well. And we > probably can call task_devcgroup() and rcu_read_lock() after "S_ISBLK(mode) && !S_ISCHR(mode)" > checks (I guess we also need to unlock RCU on `return 0'). Looks sane to me! Dropping my patch. Thanx, Paul > ---------------------------------------------------------------------------- > > Commit ad676077 > | Author: Aristeu Rozanski <aris@redhat.com> > | Date: Thu Oct 4 17:15:17 2012 -0700 > | device_cgroup: convert device_cgroup internally to policy + exceptions > > moved RCU read-side protection from devcgroup_inode_mknod(), which, however is required > by task_devcgroup(). Patch also add RCU read-side protection to __devcgroup_inode_permission() > function, introduced in commit ad676077. > > [ 0.946303] include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! > [ 0.946511] > [ 0.946606] 2 locks held by kdevtmpfs/28: > [ 0.946684] #0: (sb_writers){.+.+.+}, at: [<ffffffff81144bcb>] mnt_want_write+0x24/0x4b > [ 0.947083] #1: (&sb->s_type->i_mutex_key#3/1){+.+.+.}, at: [<ffffffff81133d04>] kern_path_create+0x83/0x144 > [ 0.947598] > [ 0.947787] Call Trace: > [ 0.947868] [<ffffffff81089644>] lockdep_rcu_suspicious+0x109/0x112 > [ 0.947958] [<ffffffff81258fa0>] devcgroup_inode_mknod+0x9e/0xee > [ 0.948043] [<ffffffff81132ee7>] vfs_mknod+0x8a/0xed > [ 0.948129] [<ffffffff813b98af>] handle_create.isra.2+0x144/0x1b5 > [ 0.948214] [<ffffffff813b99bf>] ? devtmpfsd+0x9f/0x138 > [ 0.948298] [<ffffffff81295d5c>] ? do_raw_spin_lock+0x67/0xde > [ 0.948384] [<ffffffff81295e92>] ? do_raw_spin_unlock+0x8f/0x98 > [ 0.948469] [<ffffffff813b9920>] ? handle_create.isra.2+0x1b5/0x1b5 > [ 0.948554] [<ffffffff813b9a04>] devtmpfsd+0xe4/0x138 > [ 0.948638] [<ffffffff813b9920>] ? handle_create.isra.2+0x1b5/0x1b5 > [ 0.948724] [<ffffffff810582b6>] kthread+0xd5/0xdd > [ 0.948814] [<ffffffff814db664>] kernel_thread_helper+0x4/0x10 > [ 0.948900] [<ffffffff814d2973>] ? retint_restore_args+0x13/0x13 > [ 0.948985] [<ffffffff810581e1>] ? __init_kthread_worker+0x5a/0x5a > [ 0.949069] [<ffffffff814db660>] ? gs_change+0x13/0x13 > > > devcgroup_inode_mknod() part submitted by Paul E. McKenney. > > > Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com> > > --- > > security/device_cgroup.c | 21 +++++++++++++++++---- > 1 file changed, 17 insertions(+), 4 deletions(-) > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c > index 44dfc41..043eb00 100644 > --- a/security/device_cgroup.c > +++ b/security/device_cgroup.c > @@ -558,7 +558,8 @@ static int __devcgroup_check_permission(struct dev_cgroup *dev_cgroup, > > int __devcgroup_inode_permission(struct inode *inode, int mask) > { > - struct dev_cgroup *dev_cgroup = task_devcgroup(current); > + struct dev_cgroup *dev_cgroup; > + int ret; > short type, access = 0; > > if (S_ISBLK(inode->i_mode)) > @@ -570,13 +571,20 @@ int __devcgroup_inode_permission(struct inode *inode, int mask) > if (mask & MAY_READ) > access |= ACC_READ; > > - return __devcgroup_check_permission(dev_cgroup, type, imajor(inode), > + rcu_read_lock(); > + > + dev_cgroup = task_devcgroup(current); > + ret = __devcgroup_check_permission(dev_cgroup, type, imajor(inode), > iminor(inode), access); > + > + rcu_read_unlock(); > + return ret; > } > > int devcgroup_inode_mknod(int mode, dev_t dev) > { > - struct dev_cgroup *dev_cgroup = task_devcgroup(current); > + struct dev_cgroup *dev_cgroup; > + int ret; > short type; > > if (!S_ISBLK(mode) && !S_ISCHR(mode)) > @@ -587,7 +595,12 @@ int devcgroup_inode_mknod(int mode, dev_t dev) > else > type = DEV_CHAR; > > - return __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), > + rcu_read_lock(); > + > + dev_cgroup = task_devcgroup(current); > + ret = __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), > MINOR(dev), ACC_MKNOD); > > + rcu_read_unlock(); > + return ret; > } > > -- > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ > ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! 2012-10-10 3:25 ` Paul E. McKenney @ 2012-10-10 23:20 ` Sergey Senozhatsky 0 siblings, 0 replies; 5+ messages in thread From: Sergey Senozhatsky @ 2012-10-10 23:20 UTC (permalink / raw) To: Paul E. McKenney Cc: Sergey Senozhatsky, Cristian Rodríguez, linux-kernel, James Morris On (10/09/12 20:25), Paul E. McKenney wrote: > > Looks sane to me! Dropping my patch. > > Thanx, Paul > Thanks a lot, Paul. I will resend with proper subject, so it'll be more visible in the list. -ss > > ---------------------------------------------------------------------------- > > > > Commit ad676077 > > | Author: Aristeu Rozanski <aris@redhat.com> > > | Date: Thu Oct 4 17:15:17 2012 -0700 > > | device_cgroup: convert device_cgroup internally to policy + exceptions > > > > moved RCU read-side protection from devcgroup_inode_mknod(), which, however is required > > by task_devcgroup(). Patch also add RCU read-side protection to __devcgroup_inode_permission() > > function, introduced in commit ad676077. > > > > [ 0.946303] include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! > > [ 0.946511] > > [ 0.946606] 2 locks held by kdevtmpfs/28: > > [ 0.946684] #0: (sb_writers){.+.+.+}, at: [<ffffffff81144bcb>] mnt_want_write+0x24/0x4b > > [ 0.947083] #1: (&sb->s_type->i_mutex_key#3/1){+.+.+.}, at: [<ffffffff81133d04>] kern_path_create+0x83/0x144 > > [ 0.947598] > > [ 0.947787] Call Trace: > > [ 0.947868] [<ffffffff81089644>] lockdep_rcu_suspicious+0x109/0x112 > > [ 0.947958] [<ffffffff81258fa0>] devcgroup_inode_mknod+0x9e/0xee > > [ 0.948043] [<ffffffff81132ee7>] vfs_mknod+0x8a/0xed > > [ 0.948129] [<ffffffff813b98af>] handle_create.isra.2+0x144/0x1b5 > > [ 0.948214] [<ffffffff813b99bf>] ? devtmpfsd+0x9f/0x138 > > [ 0.948298] [<ffffffff81295d5c>] ? do_raw_spin_lock+0x67/0xde > > [ 0.948384] [<ffffffff81295e92>] ? do_raw_spin_unlock+0x8f/0x98 > > [ 0.948469] [<ffffffff813b9920>] ? handle_create.isra.2+0x1b5/0x1b5 > > [ 0.948554] [<ffffffff813b9a04>] devtmpfsd+0xe4/0x138 > > [ 0.948638] [<ffffffff813b9920>] ? handle_create.isra.2+0x1b5/0x1b5 > > [ 0.948724] [<ffffffff810582b6>] kthread+0xd5/0xdd > > [ 0.948814] [<ffffffff814db664>] kernel_thread_helper+0x4/0x10 > > [ 0.948900] [<ffffffff814d2973>] ? retint_restore_args+0x13/0x13 > > [ 0.948985] [<ffffffff810581e1>] ? __init_kthread_worker+0x5a/0x5a > > [ 0.949069] [<ffffffff814db660>] ? gs_change+0x13/0x13 > > > > > > devcgroup_inode_mknod() part submitted by Paul E. McKenney. > > > > > > Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com> > > > > --- > > > > security/device_cgroup.c | 21 +++++++++++++++++---- > > 1 file changed, 17 insertions(+), 4 deletions(-) > > > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c > > index 44dfc41..043eb00 100644 > > --- a/security/device_cgroup.c > > +++ b/security/device_cgroup.c > > @@ -558,7 +558,8 @@ static int __devcgroup_check_permission(struct dev_cgroup *dev_cgroup, > > > > int __devcgroup_inode_permission(struct inode *inode, int mask) > > { > > - struct dev_cgroup *dev_cgroup = task_devcgroup(current); > > + struct dev_cgroup *dev_cgroup; > > + int ret; > > short type, access = 0; > > > > if (S_ISBLK(inode->i_mode)) > > @@ -570,13 +571,20 @@ int __devcgroup_inode_permission(struct inode *inode, int mask) > > if (mask & MAY_READ) > > access |= ACC_READ; > > > > - return __devcgroup_check_permission(dev_cgroup, type, imajor(inode), > > + rcu_read_lock(); > > + > > + dev_cgroup = task_devcgroup(current); > > + ret = __devcgroup_check_permission(dev_cgroup, type, imajor(inode), > > iminor(inode), access); > > + > > + rcu_read_unlock(); > > + return ret; > > } > > > > int devcgroup_inode_mknod(int mode, dev_t dev) > > { > > - struct dev_cgroup *dev_cgroup = task_devcgroup(current); > > + struct dev_cgroup *dev_cgroup; > > + int ret; > > short type; > > > > if (!S_ISBLK(mode) && !S_ISCHR(mode)) > > @@ -587,7 +595,12 @@ int devcgroup_inode_mknod(int mode, dev_t dev) > > else > > type = DEV_CHAR; > > > > - return __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), > > + rcu_read_lock(); > > + > > + dev_cgroup = task_devcgroup(current); > > + ret = __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev), > > MINOR(dev), ACC_MKNOD); > > > > + rcu_read_unlock(); > > + return ret; > > } > > > > -- > > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > > the body of a message to majordomo@vger.kernel.org > > More majordomo info at http://vger.kernel.org/majordomo-info.html > > Please read the FAQ at http://www.tux.org/lkml/ > > > ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2012-10-10 23:23 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2012-10-05 22:52 include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! Cristian Rodríguez 2012-10-08 19:49 ` Paul E. McKenney 2012-10-10 1:08 ` Sergey Senozhatsky 2012-10-10 3:25 ` Paul E. McKenney 2012-10-10 23:20 ` Sergey Senozhatsky
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox