lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20111107162531.GA28795@redhat.com>
Date:	Mon, 7 Nov 2011 11:25:32 -0500
From:	Dave Jones <davej@...hat.com>
To:	Linux Kernel <linux-kernel@...r.kernel.org>
Cc:	Stephen Smalley <sds@...ho.nsa.gov>,
	James Morris <jmorris@...ei.org>,
	Eric Paris <eparis@...isplace.org>
Subject: suspicious RCU usage in security/selinux/netport.c:127

I think I reported this a while ago. Turns out it's still a problem.
This patch I think made the warning go away, but it might be a bit too 'big hammer' ?

	Dave

===============================
[ INFO: suspicious RCU usage. ]
-------------------------------
security/selinux/netport.c:127 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 1, debug_locks = 0
1 lock held by named/1687:
 #0:  (sel_netport_lock){+.....}, at: [<ffffffff812e3799>] sel_netport_sid+0xd9/0x260

stack backtrace:
Pid: 1687, comm: named Not tainted 3.1.0+ #1
Call Trace:
 [<ffffffff810bcc37>] lockdep_rcu_suspicious+0xd7/0xe0
 [<ffffffff812e3917>] sel_netport_sid+0x257/0x260
 [<ffffffff812e36c0>] ? sel_netport_find+0xe0/0xe0
 [<ffffffff812dd8ba>] selinux_socket_bind+0x22a/0x300
 [<ffffffff8116ceb3>] ? might_fault+0x53/0xb0
 [<ffffffff8116cefc>] ? might_fault+0x9c/0xb0
 [<ffffffff8116ceb3>] ? might_fault+0x53/0xb0
 [<ffffffff812d3fb6>] security_socket_bind+0x16/0x20
 [<ffffffff81539b4a>] sys_bind+0x7a/0x100
 [<ffffffff816572ba>] ? sysret_check+0x2e/0x69
 [<ffffffff810c18dd>] ? trace_hardirqs_on_caller+0x11d/0x1b0
 [<ffffffff8133c65e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
 [<ffffffff81657282>] system_call_fastpath+0x16/0x1b

diff --git a/security/selinux/netport.c b/security/selinux/netport.c
index 0b62bd1..69f6928 100644
--- a/security/selinux/netport.c
+++ b/security/selinux/netport.c
@@ -119,6 +119,7 @@ static void sel_netport_insert(struct sel_netport *port)
 	/* we need to impose a limit on the growth of the hash table so check
 	 * this bucket to make sure it is within the specified bounds */
 	idx = sel_netport_hashfn(port->psec.port);
+	rcu_read_lock();
 	list_add_rcu(&port->list, &sel_netport_hash[idx].list);
 	if (sel_netport_hash[idx].size == SEL_NETPORT_HASH_BKT_LIMIT) {
 		struct sel_netport *tail;
@@ -129,6 +130,7 @@ static void sel_netport_insert(struct sel_netport *port)
 		kfree_rcu(tail, rcu);
 	} else
 		sel_netport_hash[idx].size++;
+	rcu_read_unlock();
 }
 
 /**
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ