lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200607190840.GG4455@paulmck-ThinkPad-P72>
Date:   Sun, 7 Jun 2020 12:08:40 -0700
From:   "Paul E. McKenney" <paulmck@...nel.org>
To:     Stephen Rothwell <sfr@...b.auug.org.au>
Cc:     Amol Grover <frextrite@...il.com>,
        James Morris <jmorris@...ei.org>,
        "Serge E . Hallyn" <serge@...lyn.com>,
        linux-kernel@...r.kernel.org,
        linux-kernel-mentees@...ts.linuxfoundation.org,
        Joel Fernandes <joel@...lfernandes.org>,
        Madhuparna Bhowmik <madhuparnabhowmik10@...il.com>,
        linux-security-module@...r.kernel.org
Subject: Re: [PATCH RESEND] device_cgroup: Fix RCU list debugging warning

On Sun, Jun 07, 2020 at 06:23:40AM +1000, Stephen Rothwell wrote:
> Hi all,
> 
> On Mon, 6 Apr 2020 16:29:50 +0530 Amol Grover <frextrite@...il.com> wrote:
> >
> > exceptions may be traversed using list_for_each_entry_rcu()
> > outside of an RCU read side critical section BUT under the
> > protection of decgroup_mutex. Hence add the corresponding
> > lockdep expression to fix the following false-positive
> > warning:
> > 
> > [    2.304417] =============================
> > [    2.304418] WARNING: suspicious RCU usage
> > [    2.304420] 5.5.4-stable #17 Tainted: G            E
> > [    2.304422] -----------------------------
> > [    2.304424] security/device_cgroup.c:355 RCU-list traversed in non-reader section!!
> > 
> > Signed-off-by: Amol Grover <frextrite@...il.com>
> > ---
> >  security/device_cgroup.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/security/device_cgroup.c b/security/device_cgroup.c
> > index 7d0f8f7431ff..b7da9e0970d9 100644
> > --- a/security/device_cgroup.c
> > +++ b/security/device_cgroup.c
> > @@ -352,7 +352,8 @@ static bool match_exception_partial(struct list_head *exceptions, short type,
> >  {
> >  	struct dev_exception_item *ex;
> >  
> > -	list_for_each_entry_rcu(ex, exceptions, list) {
> > +	list_for_each_entry_rcu(ex, exceptions, list,
> > +				lockdep_is_held(&devcgroup_mutex)) {
> >  		if ((type & DEVCG_DEV_BLOCK) && !(ex->type & DEVCG_DEV_BLOCK))
> >  			continue;
> >  		if ((type & DEVCG_DEV_CHAR) && !(ex->type & DEVCG_DEV_CHAR))
> > -- 
> > 2.24.1
> > 
> 
> I have been carrying the above patch in linux-next for some time now.
> I have been carrying it because it fixes problems for syzbot (see the
> third warning in
> https://lore.kernel.org/linux-next/CACT4Y+YnjK+kq0pfb5fe-q1bqe2T1jq_mvKHf--Z80Z3wkyK1Q@mail.gmail.com/).
> Is there some reason it has not been applied to some tree?

The RCU changes on which this patch depends have long since made it to
mainline, so it can go up any tree.  I can take it if no one else will,
but it might be better going in via the security tree.

							Thanx, Paul

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ