lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 7 Jun 2020 06:23:40 +1000
From:   Stephen Rothwell <sfr@...b.auug.org.au>
To:     Amol Grover <frextrite@...il.com>
Cc:     James Morris <jmorris@...ei.org>,
        "Serge E . Hallyn" <serge@...lyn.com>,
        linux-kernel@...r.kernel.org,
        linux-kernel-mentees@...ts.linuxfoundation.org,
        Joel Fernandes <joel@...lfernandes.org>,
        Madhuparna Bhowmik <madhuparnabhowmik10@...il.com>,
        "Paul E . McKenney" <paulmck@...nel.org>,
        linux-security-module@...r.kernel.org
Subject: Re: [PATCH RESEND] device_cgroup: Fix RCU list debugging warning

Hi all,

On Mon, 6 Apr 2020 16:29:50 +0530 Amol Grover <frextrite@...il.com> wrote:
>
> exceptions may be traversed using list_for_each_entry_rcu()
> outside of an RCU read side critical section BUT under the
> protection of decgroup_mutex. Hence add the corresponding
> lockdep expression to fix the following false-positive
> warning:
> 
> [    2.304417] =============================
> [    2.304418] WARNING: suspicious RCU usage
> [    2.304420] 5.5.4-stable #17 Tainted: G            E
> [    2.304422] -----------------------------
> [    2.304424] security/device_cgroup.c:355 RCU-list traversed in non-reader section!!
> 
> Signed-off-by: Amol Grover <frextrite@...il.com>
> ---
>  security/device_cgroup.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/security/device_cgroup.c b/security/device_cgroup.c
> index 7d0f8f7431ff..b7da9e0970d9 100644
> --- a/security/device_cgroup.c
> +++ b/security/device_cgroup.c
> @@ -352,7 +352,8 @@ static bool match_exception_partial(struct list_head *exceptions, short type,
>  {
>  	struct dev_exception_item *ex;
>  
> -	list_for_each_entry_rcu(ex, exceptions, list) {
> +	list_for_each_entry_rcu(ex, exceptions, list,
> +				lockdep_is_held(&devcgroup_mutex)) {
>  		if ((type & DEVCG_DEV_BLOCK) && !(ex->type & DEVCG_DEV_BLOCK))
>  			continue;
>  		if ((type & DEVCG_DEV_CHAR) && !(ex->type & DEVCG_DEV_CHAR))
> -- 
> 2.24.1
> 

I have been carrying the above patch in linux-next for some time now.
I have been carrying it because it fixes problems for syzbot (see the
third warning in
https://lore.kernel.org/linux-next/CACT4Y+YnjK+kq0pfb5fe-q1bqe2T1jq_mvKHf--Z80Z3wkyK1Q@mail.gmail.com/).
Is there some reason it has not been applied to some tree?

-- 
Cheers,
Stephen Rothwell

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ