lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHC9VhTup_3LnC+i77_bC93G0GUdh1xY7JM5fbRD5_oPO9=jMA@mail.gmail.com>
Date:   Fri, 20 Dec 2019 08:48:06 -0500
From:   Paul Moore <paul@...l-moore.com>
To:     hui yang <yanghui.def@...il.com>
Cc:     Stephen Smalley <sds@...ho.nsa.gov>,
        Eric Paris <eparis@...isplace.org>, selinux@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] netnode.c : fix sel_netnode_hash be destroyed

On Fri, Dec 20, 2019 at 5:07 AM hui yang <yanghui.def@...il.com> wrote:
> From: YangHui <yanghui.def@...il.com>
>
> we often find below error :
> [   30.729718] Unable to handle kernel paging request at virtual address fffffffffffffffc
> [   30.747478] Kernel BUG at sel_netnode_find+0x6c/0xf0 [verbose debug info unavailable]
> [   30.818858] PC is at sel_netnode_find+0x6c/0xf0
> [   30.824671] LR is at sel_netnode_sid+0x3c/0x248
> [   30.829170] pc : [<ffffff8008428094>] lr : [<ffffff8008428154>] pstate: a0400145
> [   30.833701] sp : ffffffc026f27c50
> [   30.841319] x29: ffffffc026f27c50 x28: ffffffc026f27e40
> [   30.849634] x27: ffffff8009132000 x26: 0000000000000000
> [   30.854932] x25: ffffffc016f0aa80 x24: 0000000000000000
> [   30.860224] x23: ffffffc026f27e38 x22: ffffffc026f27d34
> [   30.865520] x21: 000000000000000a x20: ffffffc026f27e40
> [   30.870818] x19: 000000000000000a x18: 0000007a13b48000
> [   30.876118] x17: 0000007a16ca93c0 x16: ffffff8008e56b2c
> [   30.881406] x15: 0000000000000020 x14: 002dc6bffa5d9e00
> [   30.886701] x13: 203a644974654e4c x12: 00000000000017c1
> [   30.891997] x11: 0000000000000000 x10: 0000000000000001
> [   30.897292] x9 : 0000000000000002 x8 : ffffff8009933090
> [   30.902588] x7 : ffffffc0725fd090 x6 : 0000000004fd9f2c
> [   30.907881] x5 : 0000000000000000 x4 : 0000000000000000
> [   30.913176] x3 : 00000001ffffffff x2 : 0000000000000000
> [   30.918475] x1 : ffffff800a10ca80 x0 : ffffffffffffffe8
> some sel_netnode_hash[idx].list==NULL,so happend this.
> I add spin_lock_bh on sel_netnode_init.
>
> Signed-off-by: YangHui <yanghui.def@...il.com>
> ---
>  security/selinux/netnode.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c
> index 9ab84ef..aa0eeb7 100644
> --- a/security/selinux/netnode.c
> +++ b/security/selinux/netnode.c
> @@ -293,11 +293,12 @@ static __init int sel_netnode_init(void)
>
>         if (!selinux_enabled)
>                 return 0;
> -
> +       spin_lock_bh(&sel_netnode_lock);
>         for (iter = 0; iter < SEL_NETNODE_HASH_SIZE; iter++) {
>                 INIT_LIST_HEAD(&sel_netnode_hash[iter].list);
>                 sel_netnode_hash[iter].size = 0;
>         }
> +       spin_unlock_bh(&sel_netnode_lock);
>
>         return 0;
>  }

I'm confused as to why this patch solved your problem.  The
sel_netnode_init() function is only run once during early boot and
there shouldn't be any other threads trying to access the netnode
cache at this point.

Can you explain the conditions under which you see this problem?  What
kernel are you using (stock distro kernel?  upstream?  Android?)?  Can
you reproduce this problem?  Can you provide source code line numbers
associated with the func/offset lines in the backtrace above?

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ