Message-ID: <20250824130106.35366-1-mittalyugansh1@gmail.com>
Date: Sun, 24 Aug 2025 18:31:06 +0530
From: Yugansh Mittal <mittalyugansh1@...il.com>
To: paul@...l-moore.com,
stephen.smalley.work@...il.com
Cc: omosnace@...hat.com,
selinux@...r.kernel.org,
linux-kernel@...r.kernel.org,
mittalyugansh1@...il.com
Subject: [PATCH 2/2] selinux: make __inode_security_revalidate non-sleeping

Replace the blocking revalidation logic in __inode_security_revalidate()
with a fast, RCU-safe check of the inode security struct.

Previously, the function could invoke inode_doinit_with_dentry() when
may_sleep was true, which might block. With this change we always avoid
sleeping and return -ECHILD if the inode label is invalid, forcing the
caller to retry in a sleepable context.

This ensures that __inode_security_revalidate() can safely run in
non-sleepable contexts while preserving correct retry semantics.

Signed-off-by: Yugansh Mittal <mittalyugansh1@...il.com>
---
security/selinux/hooks.c | 22 +++++++++-------------
1 file changed, 9 insertions(+), 13 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index c95a5874b..2bb94794e 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -282,19 +282,15 @@ static int __inode_security_revalidate(struct inode *inode,
if (!selinux_initialized())
return 0;
- if (may_sleep)
- might_sleep();
- else
- return -ECHILD;
-
- /*
- * Check to ensure that an inode's SELinux state is valid and try
- * reloading the inode security label if necessary. This will fail if
- * @dentry is NULL and no dentry for this inode can be found; in that
- * case, continue using the old label.
- */
- inode_doinit_with_dentry(inode, dentry);
- return 0;
+ rcu_read_lock();
+ isec = selinux_inode(inode);
+ if (unlikely(!isec || is_label_invalid(isec))) {
+ rcu_read_unlock();
+ return -ECHILD; /* force caller to handle reload elsewhere */
+ }
+ rcu_read_unlock();
+
+ return 0; /* valid and no sleeping done */
}
static struct inode_security_struct *inode_security_novalidate(struct inode *inode)
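
Review bot: The `-ECHILD` return under `if (unlikely(!isec || is_label_invalid(isec)))` now also applies to callers that pass may_sleep as true, and the removed `inode_doinit_with_dentry(inode, dentry);` call is not replaced anywhere in this patch (the diffstat covers only this one function), so nothing visible here reloads an invalid label, whereas the old sleepable path reloaded it and returned 0. Suggest keeping the new check as the early exit for a valid label, returning -ECHILD only when `!may_sleep`, and retaining the `inode_doinit_with_dentry()` call for the sleepable case; if the reload is meant to move to the callers, that change belongs in the same series so the retry path can be reviewed with it. With the change as posted, `may_sleep` and `dentry` are no longer referenced in the lines shown, and the commit message should say what the rcu_read_lock()/rcu_read_unlock() pair protects, since the hunk shows no RCU-managed pointer being dereferenced.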
--
2.43.0