| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 May 2012 11:12:27 -0400 From: Paul Moore <paul@...l-moore.com> To: Eric Paris <eparis@...isplace.org> Cc: paulmck@...ux.vnet.ibm.com, Dave Jones <davej@...hat.com>, sds@...ho.nsa.gov, Linux Kernel <linux-kernel@...r.kernel.org> Subject: Re: suspicious RCU usage in security/selinux/netnode.c On Tuesday, May 15, 2012 10:52:07 AM Eric Paris wrote: > On Tue, May 15, 2012 at 10:46 AM, Paul E. McKenney > > <paulmck@...ux.vnet.ibm.com> wrote: > > On Tue, May 15, 2012 at 10:24:23AM -0400, Eric Paris wrote: > >> On Tue, May 15, 2012 at 1:16 AM, Paul E. McKenney > >> > >> <paulmck@...ux.vnet.ibm.com> wrote: > >> > On Tue, May 15, 2012 at 12:41:45AM -0400, Dave Jones wrote: > >> >> I just triggered this on Linus' current tree. > >> > > >> > This is a bare: > >> > > >> > rcu_dereference(sel_netnode_hash[idx].list.prev) > >> > > >> > which needs to be in an RCU read-side critical section. Alternatively, > >> > the above should instead be something like: > >> > > >> > rcu_dereference_check(sel_netnode_hash[idx].list.prev, > >> > lockdep_is_held(&sel_netnode_lock)); > >> > >> Right, but that 'bare' dereference comes from > >> list_for_each_entry_rcu(), [from sel_netnode_sid_slow()] which I don't > >> see how to easily annotate with the lock. Nor do I think it's within > >> my brain power (or my willingness to maintain such in the future) to > >> want to open code that logic. > > > > You lost me on this one. The lockdep splat called out the > > rcu_dereference() above, not a list_for_each_entry_rcu(). Besides which, > > the list_for_each_entry_rcu() does not do the checking -- at the time, > > I was not willing to explode the API that much. > > Ohhhh, ok. I assumed we needed to annotate list_for_each_entry_rcu() > under the spinlock as well as the bare dereference in the insert code. > Ok, should be very easy to fix, although the list running code is > still going to be un-annotated in any way. Thanks Sorry, email filters went awry and I lost this thread until Eric pointed it out to me ... Despite a common first name, the other Paul is the RCU expert, no I unfortunately. Can someone explain the difference between rcu_dereference_check() and rcu_dereference_protected()? We use rcu_dereference_protected() for a very similar reason in selinux/netport.c:sel_netport_insert() and it seems like a better choice ... ? I'll throw a patch together but wanted to clear this up first. -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists