| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <55AF869E.4030304@yandex-team.ru>
Date: Wed, 22 Jul 2015 15:03:42 +0300
From: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
To: Daniel Borkmann <daniel@...earbox.net>
CC: netdev@...r.kernel.org, "David S. Miller" <davem@...emloft.net>,
Tejun Heo <tj@...nel.org>, cgroups@...r.kernel.org,
Li Zefan <lizefan@...wei.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] cgroup: net_cls: fix false-positive "suspicious RCU
usage"
On 22.07.2015 14:56, Daniel Borkmann wrote:
> On 07/22/2015 11:23 AM, Konstantin Khlebnikov wrote:
>> In dev_queue_xmit() net_cls protected with rcu-bh.
> ...
>> Signed-off-by: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
>> ---
>> net/core/netclassid_cgroup.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/net/core/netclassid_cgroup.c b/net/core/netclassid_cgroup.c
>> index 1f2a126f4ffa..6441f47b1a8f 100644
>> --- a/net/core/netclassid_cgroup.c
>> +++ b/net/core/netclassid_cgroup.c
>> @@ -23,7 +23,8 @@ static inline struct cgroup_cls_state
>> *css_cls_state(struct cgroup_subsys_state
>>
>> struct cgroup_cls_state *task_cls_state(struct task_struct *p)
>> {
>> - return css_cls_state(task_css(p, net_cls_cgrp_id));
>> + return css_cls_state(task_css_check(p, net_cls_cgrp_id,
>> + rcu_read_lock_bh_held()));
>
> Did you also check that after your patch this doesn't trigger on ingress
> either? There, this code path could be invoked under rcu_read_lock(). So,
> perhaps you need to check for both.
I haven't seen warnings with this patch. rcu_read_lock_held() is
checked inside rcu_dereference_check() inside task_css_check().
So, overall check expression is:
lockdep_is_held(&cgroup_mutex) || <- in task_css_set_check
lockdep_is_held(&css_set_rwsem) ||
((task)->flags & PF_EXITING) ||
rcu_read_lock_bh_held() || <- mine
rcu_read_lock_held() <- in rcu_dereference_check
>
>> }
>> EXPORT_SYMBOL_GPL(task_cls_state);
--
Konstantin
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists