From: Manfred Spraul <manfred@colorfullife.com>
To: mtk.manpages@gmail.com, Andrew Morton <akpm@linux-foundation.org>,
Kees Cook <keescook@chromium.org>
Cc: LKML <linux-kernel@vger.kernel.org>,
1vier1@web.de, Davidlohr Bueso <dave@stgolabs.net>,
mingo@kernel.org, peterz@infradead.org, fabf@skynet.be,
Manfred Spraul <manfred@colorfullife.com>
Subject: [PATCH 15/20] ipc/msg.c: Avoid ipc_rcu_putref for failed ipc_addid()
Date: Thu, 25 May 2017 20:51:02 +0200 [thread overview]
Message-ID: <20170525185107.12869-16-manfred@colorfullife.com> (raw)
In-Reply-To: <20170525185107.12869-1-manfred@colorfullife.com>
Loosely based on a patch from Kees Cook <keescook@chromium.org>:
- id and retval can be merged
- if ipc_addid() fails, then use call_rcu() directly.
The difference is that call_rcu is used for failed ipc_addid() calls,
to continue to guaranteed an rcu delay for security_msg_queue_free().
Signed-off-by: Manfred Spraul <manfred@colorfullife.com>
Cc: Kees Cook <keescook@chromium.org>
---
ipc/msg.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/ipc/msg.c b/ipc/msg.c
index 10094a7..cd90bfd 100644
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -132,7 +132,7 @@ static struct msg_queue *msg_alloc(void)
static int newque(struct ipc_namespace *ns, struct ipc_params *params)
{
struct msg_queue *msq;
- int id, retval;
+ int retval;
key_t key = params->key;
int msgflg = params->flg;
@@ -160,10 +160,10 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params)
INIT_LIST_HEAD(&msq->q_senders);
/* ipc_addid() locks msq upon success. */
- id = ipc_addid(&msg_ids(ns), &msq->q_perm, ns->msg_ctlmni);
- if (id < 0) {
- ipc_rcu_putref(&msq->q_perm, msg_rcu_free);
- return id;
+ retval = ipc_addid(&msg_ids(ns), &msq->q_perm, ns->msg_ctlmni);
+ if (retval < 0) {
+ call_rcu(&msq->q_perm.rcu, msg_rcu_free);
+ return retval;
}
ipc_unlock_object(&msq->q_perm);
--
2.9.3
next prev parent reply other threads:[~2017-05-25 18:53 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-08 22:23 [PATCH] ipc/sem: Avoid indexing past end of sem_array Kees Cook
2017-05-14 13:54 ` Manfred Spraul
2017-05-15 17:40 ` Kees Cook
2017-05-15 17:19 ` [PATCH 0/2] Misc cleanups for ipc Manfred Spraul
2017-05-15 17:19 ` [PATCH 1/3] ipc/sem.c: remove sem_base, embed struct sem Manfred Spraul
2017-05-15 20:08 ` Andrew Morton
2017-05-15 22:16 ` Kees Cook
2017-05-16 5:46 ` Christoph Hellwig
2017-05-15 17:19 ` [PATCH 2/3] ipc: merge ipc_rcu and kern_ipc_perm Manfred Spraul
2017-05-16 0:03 ` Kees Cook
2017-05-19 5:52 ` [lkp-robot] [ipc] 2f93a15114: [No primary change] will-it-scale.time.involuntary_context_switches -99% kernel test robot
2017-05-15 17:19 ` [PATCH 3/3] include/linux/sem.h: Correctly document sem_ctime Manfred Spraul
2017-05-25 18:50 ` [PATCH 0/20 V3] Misc cleanups for ipc Manfred Spraul
2017-05-25 18:50 ` [PATCH 01/20] ipc/sem.c: remove sem_base, embed struct sem Manfred Spraul
2017-05-25 19:43 ` Kees Cook
2017-05-25 18:50 ` [PATCH 02/20] ipc: merge ipc_rcu and kern_ipc_perm Manfred Spraul
2017-05-25 19:34 ` Kees Cook
2017-05-26 3:37 ` Kees Cook
2017-05-25 18:50 ` [PATCH 03/20] include/linux/sem.h: Correctly document sem_ctime Manfred Spraul
2017-05-25 18:50 ` [PATCH 04/20] ipc: Drop non-RCU allocation Manfred Spraul
2017-05-25 19:35 ` Kees Cook
2017-05-25 18:50 ` [PATCH 05/20] ipc/sem: Do not use ipc_rcu_free() Manfred Spraul
2017-05-25 18:50 ` [PATCH 06/20] ipc/shm: " Manfred Spraul
2017-05-25 18:50 ` [PATCH 07/20] ipc/msg: " Manfred Spraul
2017-05-25 18:50 ` [PATCH 08/20] ipc/util: Drop ipc_rcu_free() Manfred Spraul
2017-05-25 18:50 ` [PATCH 09/20] ipc/sem: Avoid ipc_rcu_alloc() Manfred Spraul
2017-05-25 18:50 ` [PATCH 10/20] ipc/shm: " Manfred Spraul
2017-05-25 18:50 ` [PATCH 11/20] ipc/msg: " Manfred Spraul
2017-05-25 18:50 ` [PATCH 12/20] ipc/util: Drop ipc_rcu_alloc() Manfred Spraul
2017-05-25 18:51 ` [PATCH 13/20] ipc/sem.c: Avoid ipc_rcu_putref for failed ipc_addid() Manfred Spraul
2017-05-25 18:51 ` [PATCH 14/20] ipc/shm.c: " Manfred Spraul
2017-05-25 18:51 ` Manfred Spraul [this message]
2017-05-25 18:51 ` [PATCH 16/20] ipc: Move atomic_set() to where it is needed Manfred Spraul
2017-05-25 18:51 ` [PATCH 17/20] ipc/shm: Remove special shm_alloc/free Manfred Spraul
2017-05-25 18:51 ` [PATCH 18/20] ipc/msg: Remove special msg_alloc/free Manfred Spraul
2017-05-25 18:51 ` [PATCH 19/20] ipc/sem: Drop __sem_free() Manfred Spraul
2017-05-25 18:51 ` [PATCH 20/20] ipc/util.h: Update documentation for ipc_getref() and ipc_putref() Manfred Spraul
2017-05-25 19:45 ` [PATCH 0/20 V3] Misc cleanups for ipc Kees Cook
2017-05-26 1:56 ` Manfred Spraul
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170525185107.12869-16-manfred@colorfullife.com \
--to=manfred@colorfullife.com \
--cc=1vier1@web.de \
--cc=akpm@linux-foundation.org \
--cc=dave@stgolabs.net \
--cc=fabf@skynet.be \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=mtk.manpages@gmail.com \
--cc=peterz@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.