| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Feb 2013 12:56:28 +0100
From: Marc Kleine-Budde <mkl@...gutronix.de>
To: dedekind1@...il.com
CC: linux-mtd@...ts.infradead.org,
linux-security-module@...r.kernel.org,
LKML <linux-kernel@...r.kernel.org>,
"kernel@...gutronix.de" <kernel@...gutronix.de>
Subject: Re: SELinux + ubifs: possible circular locking dependency
On 02/14/2013 08:15 AM, Artem Bityutskiy wrote:
> Mark, how about this one? I compiled it and ran on my fedora 16 with
> SElinux enabled, no obvious issues.
>
> From a19350097200570571aa522afebb96b34db534f4 Mon Sep 17 00:00:00 2001
> From: Artem Bityutskiy <artem.bityutskiy@...ux.intel.com>
> Date: Thu, 14 Feb 2013 09:07:36 +0200
> Subject: [PATCH] selinux: do not confuse lockdep
>
> Selinux has per-inode mutexes called 'isec->lock', and they are initialized in
> the same place, which makes lockdep treat all of the them as if they were
> identical. However, locking rules may be a little bit different depending on
> the file-system, so we should put these locks to separate classes, just like we
> do for 'i_mutex'. Namely, we should put them to per-FS type classes, which is
> exactly what this patch does.
>
> The problem this patch intends to fix is a strange lockdep warning, which I,
> frankly speaking, do not really understand, but I believe the root-cause should
> be fixed by this patch.
Thanks, this works with mainline, but not with my xattr patch series
applied.
I get this warnings:
> [ 13.659593] ======================================================
> [ 13.665781] [ INFO: possible circular locking dependency detected ]
> [ 13.672062] 3.8.0-rc7-00011-gd50987e #113 Not tainted
> [ 13.677125] -------------------------------------------------------
> [ 13.683406] touch/81 is trying to acquire lock:
> [ 13.687968] (&sb->s_type->i_mutex_key#10){+.+...}, at: [<c0178330>] ubifs_init_security+0x24/0x5c
> [ 13.697031]
> [ 13.697031] but task is already holding lock:
> [ 13.702906] (&ui->ui_mutex){+.+...}, at: [<c0152a98>] ubifs_create+0xb4/0x1ec
> [ 13.710218]
> [ 13.710218] which lock already depends on the new lock.
> [ 13.710218]
> [ 13.718406]
> [ 13.718406] the existing dependency chain (in reverse order) is:
> [ 13.725906]
> -> #1 (&ui->ui_mutex){+.+...}:
> [ 13.730250] [<c00548f0>] lock_acquire+0x64/0x78
> [ 13.735437] [<c035ea74>] mutex_lock_nested+0x5c/0x2ec
> [ 13.741156] [<c014f510>] ubifs_write_begin+0x314/0x500
> [ 13.746937] [<c0084998>] generic_file_buffered_write+0x1b4/0x288
> [ 13.753625] [<c0086704>] __generic_file_aio_write+0x1bc/0x434
> [ 13.760000] [<c00869e4>] generic_file_aio_write+0x68/0xd8
> [ 13.766031] [<c014eaec>] ubifs_aio_write+0xf8/0x194
> [ 13.771562] [<c00b8994>] do_sync_write+0x94/0xc8
> [ 13.776843] [<c00b9148>] vfs_write+0xa0/0x17c
> [ 13.781843] [<c00b9450>] sys_write+0x3c/0x70
> [ 13.786750] [<c000e400>] ret_fast_syscall+0x0/0x38
> [ 13.792187]
> -> #0 (&sb->s_type->i_mutex_key#10){+.+...}:
> [ 13.797781] [<c0053e50>] __lock_acquire+0x14ec/0x1b08
> [ 13.803468] [<c00548f0>] lock_acquire+0x64/0x78
> [ 13.808625] [<c035ea74>] mutex_lock_nested+0x5c/0x2ec
> [ 13.814343] [<c0178330>] ubifs_init_security+0x24/0x5c
> [ 13.820125] [<c0152b10>] ubifs_create+0x12c/0x1ec
> [ 13.825468] [<c00c40a0>] vfs_create+0xa8/0x118
> [ 13.830562] [<c00c6594>] do_last+0x930/0xd4c
> [ 13.835468] [<c00c6a58>] path_openat+0xa8/0x4b8
> [ 13.840625] [<c00c7168>] do_filp_open+0x2c/0x80
> [ 13.845812] [<c00b86e4>] do_sys_open+0xe4/0x170
> [ 13.850968] [<c000e400>] ret_fast_syscall+0x0/0x38
> [ 13.856406]
> [ 13.856406] other info that might help us debug this:
> [ 13.856406]
> [ 13.864437] Possible unsafe locking scenario:
> [ 13.864437]
> [ 13.870375] CPU0 CPU1
> [ 13.874906] ---- ----
> [ 13.879468] lock(&ui->ui_mutex);
> [ 13.882906] lock(&sb->s_type->i_mutex_key#10);
> [ 13.890093] lock(&ui->ui_mutex);
> [ 13.896031] lock(&sb->s_type->i_mutex_key#10);
> [ 13.900718]
> [ 13.900718] *** DEADLOCK ***
> [ 13.900718]
> [ 13.906656] 3 locks held by touch/81:
> [ 13.910312] #0: (sb_writers#3){.+.+.+}, at: [<c00d4e68>] mnt_want_write+0x18/0x3c
> [ 13.918093] #1: (&type->i_mutex_dir_key){+.+.+.}, at: [<c00c5fcc>] do_last+0x368/0xd4c
> [ 13.926281] #2: (&ui->ui_mutex){+.+...}, at: [<c0152a98>] ubifs_create+0xb4/0x1ec
> [ 13.934031]
> [ 13.934031] stack backtrace:
> [ 13.938468] [<c00124f0>] (unwind_backtrace+0x0/0xf0) from [<c035a670>] (print_circular_bug+0x25c/0x2a8)
> [ 13.947906] [<c035a670>] (print_circular_bug+0x25c/0x2a8) from [<c0053e50>] (__lock_acquire+0x14ec/0x1b08)
> [ 13.957593] [<c0053e50>] (__lock_acquire+0x14ec/0x1b08) from [<c00548f0>] (lock_acquire+0x64/0x78)
> [ 13.966593] [<c00548f0>] (lock_acquire+0x64/0x78) from [<c035ea74>] (mutex_lock_nested+0x5c/0x2ec)
> [ 13.975593] [<c035ea74>] (mutex_lock_nested+0x5c/0x2ec) from [<c0178330>] (ubifs_init_security+0x24/0x5c)
> [ 13.985187] [<c0178330>] (ubifs_init_security+0x24/0x5c) from [<c0152b10>] (ubifs_create+0x12c/0x1ec)
> [ 13.994437] [<c0152b10>] (ubifs_create+0x12c/0x1ec) from [<c00c40a0>] (vfs_create+0xa8/0x118)
> [ 14.003000] [<c00c40a0>] (vfs_create+0xa8/0x118) from [<c00c6594>] (do_last+0x930/0xd4c)
> [ 14.011125] [<c00c6594>] (do_last+0x930/0xd4c) from [<c00c6a58>] (path_openat+0xa8/0x4b8)
> [ 14.019343] [<c00c6a58>] (path_openat+0xa8/0x4b8) from [<c00c7168>] (do_filp_open+0x2c/0x80)
> [ 14.027812] [<c00c7168>] (do_filp_open+0x2c/0x80) from [<c00b86e4>] (do_sys_open+0xe4/0x170)
> [ 14.036281] [<c00b86e4>] (do_sys_open+0xe4/0x170) from [<c000e400>] (ret_fast_syscall+0x0/0x38)
or this:
> [ 54.994687]
> [ 54.996218] ======================================================
> [ 55.002437] [ INFO: possible circular locking dependency detected ]
> [ 55.008718] 3.8.0-rc7-00011-gd50987e #113 Not tainted
> [ 55.013781] -------------------------------------------------------
> [ 55.020062] semodule/427 is trying to acquire lock:
> [ 55.024937] (&sb->s_type->i_mutex_key#12){+.+.+.}, at: [<c0178330>] ubifs_init_security+0x24/0x5c
> [ 55.034031]
> [ 55.034031] but task is already holding lock:
> [ 55.039875] (&ui->ui_mutex){+.+...}, at: [<c0152614>] ubifs_mkdir+0x98/0x204
> [ 55.047125]
> [ 55.047125] which lock already depends on the new lock.
> [ 55.047125]
> [ 55.055312]
> [ 55.055312] the existing dependency chain (in reverse order) is:
> [ 55.062812]
> -> #1 (&ui->ui_mutex){+.+...}:
> [ 55.067156] [<c00548f0>] lock_acquire+0x64/0x78
> [ 55.072343] [<c035ea74>] mutex_lock_nested+0x5c/0x2ec
> [ 55.078031] [<c014ffb8>] ubifs_setattr+0x2c8/0x3f8
> [ 55.083500] [<c00d1b14>] notify_change+0x1dc/0x330
> [ 55.088937] [<c00b7838>] do_truncate+0x78/0x9c
> [ 55.094031] [<c00c6318>] do_last+0x6b4/0xd4c
> [ 55.098937] [<c00c6a58>] path_openat+0xa8/0x4b8
> [ 55.104125] [<c00c7168>] do_filp_open+0x2c/0x80
> [ 55.109281] [<c00b86e4>] do_sys_open+0xe4/0x170
> [ 55.114468] [<c000e400>] ret_fast_syscall+0x0/0x38
> [ 55.119906]
> -> #0 (&sb->s_type->i_mutex_key#12){+.+.+.}:
> [ 55.125468] [<c0053e50>] __lock_acquire+0x14ec/0x1b08
> [ 55.131187] [<c00548f0>] lock_acquire+0x64/0x78
> [ 55.136343] [<c035ea74>] mutex_lock_nested+0x5c/0x2ec
> [ 55.142062] [<c0178330>] ubifs_init_security+0x24/0x5c
> [ 55.147843] [<c01526b4>] ubifs_mkdir+0x138/0x204
> [ 55.153093] [<c00c3e50>] vfs_mkdir+0xb8/0x138
> [ 55.158093] [<c00c74bc>] sys_mkdirat+0x5c/0xb0
> [ 55.163187] [<c000e400>] ret_fast_syscall+0x0/0x38
> [ 55.168625]
> [ 55.168625] other info that might help us debug this:
> [ 55.168625]
> [ 55.176625] Possible unsafe locking scenario:
> [ 55.176625]
> [ 55.182562] CPU0 CPU1
> [ 55.187125] ---- ----
> [ 55.191656] lock(&ui->ui_mutex);
> [ 55.195093] lock(&sb->s_type->i_mutex_key#12);
> [ 55.202281] lock(&ui->ui_mutex);
> [ 55.208218] lock(&sb->s_type->i_mutex_key#12);
> [ 55.212906]
> [ 55.212906] *** DEADLOCK ***
> [ 55.212906]
> [ 55.218843] 3 locks held by semodule/427:
> [ 55.222875] #0: (sb_writers#3){.+.+.+}, at: [<c00d4e68>] mnt_want_write+0x18/0x3c
> [ 55.230656] #1: (&type->i_mutex_dir_key/1){+.+.+.}, at: [<c00c4ed0>] kern_path_create+0x6c/0x11c
> [ 55.239718] #2: (&ui->ui_mutex){+.+...}, at: [<c0152614>] ubifs_mkdir+0x98/0x204
> [ 55.247375]
> [ 55.247375] stack backtrace:
> [ 55.251812] [<c00124f0>] (unwind_backtrace+0x0/0xf0) from [<c035a670>] (print_circular_bug+0x25c/0x2a8)
> [ 55.261250] [<c035a670>] (print_circular_bug+0x25c/0x2a8) from [<c0053e50>] (__lock_acquire+0x14ec/0x1b08)
> [ 55.270937] [<c0053e50>] (__lock_acquire+0x14ec/0x1b08) from [<c00548f0>] (lock_acquire+0x64/0x78)
> [ 55.279937] [<c00548f0>] (lock_acquire+0x64/0x78) from [<c035ea74>] (mutex_lock_nested+0x5c/0x2ec)
> [ 55.288937] [<c035ea74>] (mutex_lock_nested+0x5c/0x2ec) from [<c0178330>] (ubifs_init_security+0x24/0x5c)
> [ 55.298531] [<c0178330>] (ubifs_init_security+0x24/0x5c) from [<c01526b4>] (ubifs_mkdir+0x138/0x204)
> [ 55.307687] [<c01526b4>] (ubifs_mkdir+0x138/0x204) from [<c00c3e50>] (vfs_mkdir+0xb8/0x138)
> [ 55.316062] [<c00c3e50>] (vfs_mkdir+0xb8/0x138) from [<c00c74bc>] (sys_mkdirat+0x5c/0xb0)
> [ 55.324281] [<c00c74bc>] (sys_mkdirat+0x5c/0xb0) from [<c000e400>] (ret_fast_syscall+0x0/0x38)
Marc
--
Pengutronix e.K. | Marc Kleine-Budde |
Industrial Linux Solutions | Phone: +49-231-2826-924 |
Vertretung West/Dortmund | Fax: +49-5121-206917-5555 |
Amtsgericht Hildesheim, HRA 2686 | http://www.pengutronix.de |
Download attachment "signature.asc" of type "application/pgp-signature" (264 bytes)
Powered by blists - more mailing lists