From: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
To: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: "Sergey Senozhatsky" <sergey.senozhatsky@gmail.com>,
"Cristian Rodríguez" <crrodriguez@opensuse.org>,
linux-kernel@vger.kernel.org,
"James Morris" <james.l.morris@oracle.com>
Subject: Re: include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage!
Date: Wed, 10 Oct 2012 16:20:47 -0700 [thread overview]
Message-ID: <20121010232047.GF4628@swordfish.datadirect.datadirectnet.com> (raw)
In-Reply-To: <20121010032503.GB13994@linux.vnet.ibm.com>
On (10/09/12 20:25), Paul E. McKenney wrote:
>
> Looks sane to me! Dropping my patch.
>
> Thanx, Paul
>
Thanks a lot, Paul. I will resend with proper subject, so it'll be more visible in the list.
-ss
> > ----------------------------------------------------------------------------
> >
> > Commit ad676077
> > | Author: Aristeu Rozanski <aris@redhat.com>
> > | Date: Thu Oct 4 17:15:17 2012 -0700
> > | device_cgroup: convert device_cgroup internally to policy + exceptions
> >
> > moved RCU read-side protection from devcgroup_inode_mknod(), which, however is required
> > by task_devcgroup(). Patch also add RCU read-side protection to __devcgroup_inode_permission()
> > function, introduced in commit ad676077.
> >
> > [ 0.946303] include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage!
> > [ 0.946511]
> > [ 0.946606] 2 locks held by kdevtmpfs/28:
> > [ 0.946684] #0: (sb_writers){.+.+.+}, at: [<ffffffff81144bcb>] mnt_want_write+0x24/0x4b
> > [ 0.947083] #1: (&sb->s_type->i_mutex_key#3/1){+.+.+.}, at: [<ffffffff81133d04>] kern_path_create+0x83/0x144
> > [ 0.947598]
> > [ 0.947787] Call Trace:
> > [ 0.947868] [<ffffffff81089644>] lockdep_rcu_suspicious+0x109/0x112
> > [ 0.947958] [<ffffffff81258fa0>] devcgroup_inode_mknod+0x9e/0xee
> > [ 0.948043] [<ffffffff81132ee7>] vfs_mknod+0x8a/0xed
> > [ 0.948129] [<ffffffff813b98af>] handle_create.isra.2+0x144/0x1b5
> > [ 0.948214] [<ffffffff813b99bf>] ? devtmpfsd+0x9f/0x138
> > [ 0.948298] [<ffffffff81295d5c>] ? do_raw_spin_lock+0x67/0xde
> > [ 0.948384] [<ffffffff81295e92>] ? do_raw_spin_unlock+0x8f/0x98
> > [ 0.948469] [<ffffffff813b9920>] ? handle_create.isra.2+0x1b5/0x1b5
> > [ 0.948554] [<ffffffff813b9a04>] devtmpfsd+0xe4/0x138
> > [ 0.948638] [<ffffffff813b9920>] ? handle_create.isra.2+0x1b5/0x1b5
> > [ 0.948724] [<ffffffff810582b6>] kthread+0xd5/0xdd
> > [ 0.948814] [<ffffffff814db664>] kernel_thread_helper+0x4/0x10
> > [ 0.948900] [<ffffffff814d2973>] ? retint_restore_args+0x13/0x13
> > [ 0.948985] [<ffffffff810581e1>] ? __init_kthread_worker+0x5a/0x5a
> > [ 0.949069] [<ffffffff814db660>] ? gs_change+0x13/0x13
> >
> >
> > devcgroup_inode_mknod() part submitted by Paul E. McKenney.
> >
> >
> > Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
> >
> > ---
> >
> > security/device_cgroup.c | 21 +++++++++++++++++----
> > 1 file changed, 17 insertions(+), 4 deletions(-)
> >
> > diff --git a/security/device_cgroup.c b/security/device_cgroup.c
> > index 44dfc41..043eb00 100644
> > --- a/security/device_cgroup.c
> > +++ b/security/device_cgroup.c
> > @@ -558,7 +558,8 @@ static int __devcgroup_check_permission(struct dev_cgroup *dev_cgroup,
> >
> > int __devcgroup_inode_permission(struct inode *inode, int mask)
> > {
> > - struct dev_cgroup *dev_cgroup = task_devcgroup(current);
> > + struct dev_cgroup *dev_cgroup;
> > + int ret;
> > short type, access = 0;
> >
> > if (S_ISBLK(inode->i_mode))
> > @@ -570,13 +571,20 @@ int __devcgroup_inode_permission(struct inode *inode, int mask)
> > if (mask & MAY_READ)
> > access |= ACC_READ;
> >
> > - return __devcgroup_check_permission(dev_cgroup, type, imajor(inode),
> > + rcu_read_lock();
> > +
> > + dev_cgroup = task_devcgroup(current);
> > + ret = __devcgroup_check_permission(dev_cgroup, type, imajor(inode),
> > iminor(inode), access);
> > +
> > + rcu_read_unlock();
> > + return ret;
> > }
> >
> > int devcgroup_inode_mknod(int mode, dev_t dev)
> > {
> > - struct dev_cgroup *dev_cgroup = task_devcgroup(current);
> > + struct dev_cgroup *dev_cgroup;
> > + int ret;
> > short type;
> >
> > if (!S_ISBLK(mode) && !S_ISCHR(mode))
> > @@ -587,7 +595,12 @@ int devcgroup_inode_mknod(int mode, dev_t dev)
> > else
> > type = DEV_CHAR;
> >
> > - return __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev),
> > + rcu_read_lock();
> > +
> > + dev_cgroup = task_devcgroup(current);
> > + ret = __devcgroup_check_permission(dev_cgroup, type, MAJOR(dev),
> > MINOR(dev), ACC_MKNOD);
> >
> > + rcu_read_unlock();
> > + return ret;
> > }
> >
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
> > Please read the FAQ at http://www.tux.org/lkml/
> >
>
prev parent reply other threads:[~2012-10-10 23:23 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-05 22:52 include/linux/cgroup.h:566 suspicious rcu_dereference_check() usage! Cristian Rodríguez
2012-10-08 19:49 ` Paul E. McKenney
2012-10-10 1:08 ` Sergey Senozhatsky
2012-10-10 3:25 ` Paul E. McKenney
2012-10-10 23:20 ` Sergey Senozhatsky [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121010232047.GF4628@swordfish.datadirect.datadirectnet.com \
--to=sergey.senozhatsky@gmail.com \
--cc=crrodriguez@opensuse.org \
--cc=james.l.morris@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=paulmck@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox