lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 7 Jun 2020 23:17:34 -0500
From:   "Serge E. Hallyn" <serge@...lyn.com>
To:     "Paul E. McKenney" <paulmck@...nel.org>
Cc:     Stephen Rothwell <sfr@...b.auug.org.au>,
        Amol Grover <frextrite@...il.com>,
        James Morris <jmorris@...ei.org>,
        "Serge E . Hallyn" <serge@...lyn.com>,
        linux-kernel@...r.kernel.org,
        linux-kernel-mentees@...ts.linuxfoundation.org,
        Joel Fernandes <joel@...lfernandes.org>,
        Madhuparna Bhowmik <madhuparnabhowmik10@...il.com>,
        linux-security-module@...r.kernel.org
Subject: Re: [PATCH RESEND] device_cgroup: Fix RCU list debugging warning

On Sun, Jun 07, 2020 at 12:08:40PM -0700, Paul E. McKenney wrote:
> On Sun, Jun 07, 2020 at 06:23:40AM +1000, Stephen Rothwell wrote:
> > Hi all,
> > 
> > On Mon, 6 Apr 2020 16:29:50 +0530 Amol Grover <frextrite@...il.com> wrote:
> > >
> > > exceptions may be traversed using list_for_each_entry_rcu()
> > > outside of an RCU read side critical section BUT under the
> > > protection of decgroup_mutex. Hence add the corresponding
> > > lockdep expression to fix the following false-positive
> > > warning:
> > > 
> > > [    2.304417] =============================
> > > [    2.304418] WARNING: suspicious RCU usage
> > > [    2.304420] 5.5.4-stable #17 Tainted: G            E
> > > [    2.304422] -----------------------------
> > > [    2.304424] security/device_cgroup.c:355 RCU-list traversed in non-reader section!!
> > > 
> > > Signed-off-by: Amol Grover <frextrite@...il.com>
> > > ---
> > >  security/device_cgroup.c | 3 ++-
> > >  1 file changed, 2 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c
> > > index 7d0f8f7431ff..b7da9e0970d9 100644
> > > --- a/security/device_cgroup.c
> > > +++ b/security/device_cgroup.c
> > > @@ -352,7 +352,8 @@ static bool match_exception_partial(struct list_head *exceptions, short type,
> > >  {
> > >  	struct dev_exception_item *ex;
> > >  
> > > -	list_for_each_entry_rcu(ex, exceptions, list) {
> > > +	list_for_each_entry_rcu(ex, exceptions, list,
> > > +				lockdep_is_held(&devcgroup_mutex)) {
> > >  		if ((type & DEVCG_DEV_BLOCK) && !(ex->type & DEVCG_DEV_BLOCK))
> > >  			continue;
> > >  		if ((type & DEVCG_DEV_CHAR) && !(ex->type & DEVCG_DEV_CHAR))
> > > -- 
> > > 2.24.1
> > > 
> > 
> > I have been carrying the above patch in linux-next for some time now.
> > I have been carrying it because it fixes problems for syzbot (see the
> > third warning in
> > https://lore.kernel.org/linux-next/CACT4Y+YnjK+kq0pfb5fe-q1bqe2T1jq_mvKHf--Z80Z3wkyK1Q@mail.gmail.com/).
> > Is there some reason it has not been applied to some tree?
> 
> The RCU changes on which this patch depends have long since made it to
> mainline, so it can go up any tree.  I can take it if no one else will,
> but it might be better going in via the security tree.
> 
> 							Thanx, Paul

James, do you mind pulling it in?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ