| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250613141447.GF414686@horms.kernel.org>
Date: Fri, 13 Jun 2025 15:14:47 +0100
From: Simon Horman <horms@...nel.org>
To: Stephen Smalley <stephen.smalley.work@...il.com>
Cc: selinux@...r.kernel.org, paul@...l-moore.com, omosnace@...hat.com,
netdev@...r.kernel.org
Subject: Re: [PATCH v4 04/42] selinux: dynamically allocate selinux namespace
On Tue, Jun 10, 2025 at 01:21:35PM -0400, Stephen Smalley wrote:
> Move from static allocation of a single selinux namespace to
> dynamic allocation. Include necessary support for lifecycle management
> of the selinux namespace, modeled after the user namespace support.
>
> Signed-off-by: Stephen Smalley <stephen.smalley.work@...il.com>
...
> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
> index 112edf9b2106..c67965cbfcba 100644
> --- a/security/selinux/ss/services.c
> +++ b/security/selinux/ss/services.c
> @@ -2202,7 +2202,7 @@ static void security_load_policycaps(struct selinux_state *state,
> static int security_preserve_bools(struct selinux_policy *oldpolicy,
> struct selinux_policy *newpolicy);
>
> -static void selinux_policy_free(struct selinux_policy *policy)
> +void selinux_policy_free(struct selinux_policy __rcu *policy)
Hi Stephen,
It looks like this __rcu annotation is insufficient, and further updates
are needed. I didn't look further, but Sparse says:
.../services.c:2212:27: warning: incorrect type in argument 1 (different address spaces)
.../services.c:2212:27: expected struct policydb *p
.../services.c:2212:27: got struct policydb [noderef] __rcu *
.../services.c:2214:15: warning: incorrect type in argument 1 (different address spaces)
.../services.c:2214:15: expected void const *objp
.../services.c:2214:15: got struct selinux_policy [noderef] __rcu *policy
.../services.c:2232:39: warning: incorrect type in argument 1 (different address spaces)
.../services.c:2232:39: expected struct selinux_policy [noderef] __rcu *policy
.../services.c:2232:39: got struct selinux_policy *policy
.../services.c:2297:29: warning: incorrect type in argument 1 (different address spaces)
.../services.c:2297:29: expected struct selinux_policy [noderef] __rcu *policy
.../services.c:2297:29: got struct selinux_policy *[assigned] oldpolicy
.../services.c:2210:24: warning: dereference of noderef expression
.../services.c:2211:15: warning: dereference of noderef expression
.../services.c:2213:15: warning: dereference of noderef expression
> {
> if (!policy)
> return;
...
Powered by blists - more mailing lists