lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 3 May 2010 17:30:23 -0500
From:	"Serge E. Hallyn" <serue@...ibm.com>
To:	David Howells <dhowells@...hat.com>
Cc:	torvalds@...l.org, akpm@...ux-foundation.org,
	keyrings@...ux-nfs.org, linux-security-module@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/7] KEYS: Use RCU dereference wrappers in keyring key
 type code

Quoting David Howells (dhowells@...hat.com):
> The keyring key type code should use RCU dereference wrappers, even when it
> holds the keyring's key semaphore.
> 
> Reported-by: Vegard Nossum <vegard.nossum@...il.com>
> Signed-off-by: David Howells <dhowells@...hat.com>

Acked-by: Serge Hallyn <serue@...ibm.com>


<shrug> does this mean that the
        klist = rcu_dereference_check(keyring->payload.subscriptions,
				      lockdep_is_held(&key_serial_lock));
in security/keys/gc.c:key_gc_keyring() should become a
rcu_dereference_protected() to avoid the rcu_dereference_raw() and for
consistency?

> ---
> 
>  security/keys/keyring.c |   23 +++++++++++++----------
>  1 files changed, 13 insertions(+), 10 deletions(-)
> 
> diff --git a/security/keys/keyring.c b/security/keys/keyring.c
> index d570824..63385af 100644
> --- a/security/keys/keyring.c
> +++ b/security/keys/keyring.c
> @@ -20,6 +20,11 @@
>  #include <linux/uaccess.h>
>  #include "internal.h"
> 
> +#define rcu_dereference_locked_keyring(keyring)				\
> +	(rcu_dereference_protected(					\
> +		(keyring)->payload.subscriptions,			\
> +		rwsem_is_locked((struct rw_semaphore *)&(keyring)->sem)))
> +
>  /*
>   * when plumbing the depths of the key tree, this sets a hard limit set on how
>   * deep we're willing to go
> @@ -201,8 +206,7 @@ static long keyring_read(const struct key *keyring,
>  	int loop, ret;
> 
>  	ret = 0;
> -	klist = keyring->payload.subscriptions;
> -
> +	klist = rcu_dereference_locked_keyring(keyring);

Weird, this was a straight rcu_dereference in my tree (which would
still deserve a switch for the same reason as patch 1 of course)

>  	if (klist) {
>  		/* calculate how much data we could return */
>  		qty = klist->nkeys * sizeof(key_serial_t);
> @@ -720,8 +724,7 @@ int __key_link(struct key *keyring, struct key *key)
>  	}
> 
>  	/* see if there's a matching key we can displace */
> -	klist = keyring->payload.subscriptions;
> -
> +	klist = rcu_dereference_locked_keyring(keyring);
>  	if (klist && klist->nkeys > 0) {
>  		struct key_type *type = key->type;
> 
> @@ -765,8 +768,6 @@ int __key_link(struct key *keyring, struct key *key)
>  	if (ret < 0)
>  		goto error2;
> 
> -	klist = keyring->payload.subscriptions;
> -

huh, yeah, seems to have been there and unneeded since at least 2007.

-serge
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ