From: Amol Grover <frextrite@gmail.com>
To: Paul Moore <paul@paul-moore.com>
Cc: Juri Lelli <juri.lelli@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
David Howells <dhowells@redhat.com>,
Joel Fernandes <joel@joelfernandes.org>,
Vincent Guittot <vincent.guittot@linaro.org>,
James Morris <jamorris@linux.microsoft.com>,
Madhuparna Bhowmik <madhuparnabhowmik10@gmail.com>,
Ingo Molnar <mingo@redhat.com>, Mel Gorman <mgorman@suse.de>,
linux-kernel-mentees@lists.linuxfoundation.org,
"Paul E . McKenney" <paulmck@kernel.org>,
Jann Horn <jannh@google.com>,
Steven Rostedt <rostedt@goodmis.org>,
Shakeel Butt <shakeelb@google.com>,
Thomas Gleixner <tglx@linutronix.de>,
Dietmar Eggemann <dietmar.eggemann@arm.com>,
Ben Segall <bsegall@google.com>,
linux-kernel@vger.kernel.org, Eric Paris <eparis@redhat.com>,
linux-audit@redhat.com,
"Eric W . Biederman" <ebiederm@xmission.com>,
Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [Linux-kernel-mentees] [PATCH 3/3 RESEND] auditsc: Do not use RCU primitive to read from cred pointer
Date: Fri, 3 Apr 2020 13:26:13 +0530 [thread overview]
Message-ID: <20200403075613.GA2788@workstation-portable> (raw)
In-Reply-To: <CAHC9VhTUKepKiGZgAaWDADyTPnnM5unbM65T7jXZ3p8MFTNUuQ@mail.gmail.com>
On Thu, Apr 02, 2020 at 08:56:36AM -0400, Paul Moore wrote:
> On Thu, Apr 2, 2020 at 1:57 AM Amol Grover <frextrite@gmail.com> wrote:
> > task_struct::cred is only used task-synchronously and does
> > not require any RCU locks, hence, rcu_dereference_check is
> > not required to read from it.
> >
> > Suggested-by: Jann Horn <jannh@google.com>
> > Co-developed-by: Joel Fernandes (Google) <joel@joelfernandes.org>
> > Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
> > Signed-off-by: Amol Grover <frextrite@gmail.com>
> > ---
> > kernel/auditsc.c | 15 +++++----------
> > 1 file changed, 5 insertions(+), 10 deletions(-)
>
> This is the exact same patch I ACK'd back in February, yes?
>
> https://lore.kernel.org/linux-audit/CAHC9VhQCbg1V290bYEZM+izDPRpr=XYXakohnDaMphkBBFgUaA@mail.gmail.com
>
Hi Paul,
That's correct. I've resend the series out of the fear that the first 2
patches might've gotten lost as it's been almost a month since I last
sent them. Could you please ack this again, and if you don't mind could
you please go through the other 2 patches and ack them aswell?
Thanks
Amol
> > diff --git a/kernel/auditsc.c b/kernel/auditsc.c
> > index 4effe01ebbe2..d3510513cdd1 100644
> > --- a/kernel/auditsc.c
> > +++ b/kernel/auditsc.c
> > @@ -430,24 +430,19 @@ static int audit_field_compare(struct task_struct *tsk,
> > /* Determine if any context name data matches a rule's watch data */
> > /* Compare a task_struct with an audit_rule. Return 1 on match, 0
> > * otherwise.
> > - *
> > - * If task_creation is true, this is an explicit indication that we are
> > - * filtering a task rule at task creation time. This and tsk == current are
> > - * the only situations where tsk->cred may be accessed without an rcu read lock.
> > */
> > static int audit_filter_rules(struct task_struct *tsk,
> > struct audit_krule *rule,
> > struct audit_context *ctx,
> > struct audit_names *name,
> > - enum audit_state *state,
> > - bool task_creation)
> > + enum audit_state *state)
> > {
> > const struct cred *cred;
> > int i, need_sid = 1;
> > u32 sid;
> > unsigned int sessionid;
> >
> > - cred = rcu_dereference_check(tsk->cred, tsk == current || task_creation);
> > + cred = tsk->cred;
> >
> > for (i = 0; i < rule->field_count; i++) {
> > struct audit_field *f = &rule->fields[i];
> > @@ -745,7 +740,7 @@ static enum audit_state audit_filter_task(struct task_struct *tsk, char **key)
> > rcu_read_lock();
> > list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_TASK], list) {
> > if (audit_filter_rules(tsk, &e->rule, NULL, NULL,
> > - &state, true)) {
> > + &state)) {
> > if (state == AUDIT_RECORD_CONTEXT)
> > *key = kstrdup(e->rule.filterkey, GFP_ATOMIC);
> > rcu_read_unlock();
> > @@ -791,7 +786,7 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
> > list_for_each_entry_rcu(e, list, list) {
> > if (audit_in_mask(&e->rule, ctx->major) &&
> > audit_filter_rules(tsk, &e->rule, ctx, NULL,
> > - &state, false)) {
> > + &state)) {
> > rcu_read_unlock();
> > ctx->current_state = state;
> > return state;
> > @@ -815,7 +810,7 @@ static int audit_filter_inode_name(struct task_struct *tsk,
> >
> > list_for_each_entry_rcu(e, list, list) {
> > if (audit_in_mask(&e->rule, ctx->major) &&
> > - audit_filter_rules(tsk, &e->rule, ctx, n, &state, false)) {
> > + audit_filter_rules(tsk, &e->rule, ctx, n, &state)) {
> > ctx->current_state = state;
> > return 1;
> > }
> > --
> > 2.24.1
>
> --
> paul moore
> www.paul-moore.com
_______________________________________________
Linux-kernel-mentees mailing list
Linux-kernel-mentees@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/linux-kernel-mentees
next prev parent reply other threads:[~2020-04-03 7:56 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-02 5:56 [Linux-kernel-mentees] [PATCH 1/3 RESEND] sched: Remove __rcu annotation from cred pointer Amol Grover
2020-04-02 5:56 ` [Linux-kernel-mentees] [PATCH 2/3 RESEND] cred: Do not use RCU primitives to access " Amol Grover
2020-04-02 5:56 ` [Linux-kernel-mentees] [PATCH 3/3 RESEND] auditsc: Do not use RCU primitive to read from " Amol Grover
2020-04-02 12:56 ` Paul Moore
2020-04-03 7:56 ` Amol Grover [this message]
2020-04-03 19:25 ` Paul Moore
2020-04-03 21:21 ` Richard Guy Briggs
2020-04-03 21:43 ` Paul Moore
2020-04-04 2:53 ` Richard Guy Briggs
2020-05-24 8:11 ` [Linux-kernel-mentees] [PATCH 1/3 RESEND] sched: Remove __rcu annotation " Amol Grover
2020-05-25 13:17 ` Richard Guy Briggs
2020-05-25 18:04 ` Amol Grover
2020-05-26 12:34 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200403075613.GA2788@workstation-portable \
--to=frextrite@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=bsegall@google.com \
--cc=dhowells@redhat.com \
--cc=dietmar.eggemann@arm.com \
--cc=ebiederm@xmission.com \
--cc=eparis@redhat.com \
--cc=jamorris@linux.microsoft.com \
--cc=jannh@google.com \
--cc=joel@joelfernandes.org \
--cc=juri.lelli@redhat.com \
--cc=linux-audit@redhat.com \
--cc=linux-kernel-mentees@lists.linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=madhuparnabhowmik10@gmail.com \
--cc=mgorman@suse.de \
--cc=mingo@redhat.com \
--cc=paul@paul-moore.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=shakeelb@google.com \
--cc=tglx@linutronix.de \
--cc=vincent.guittot@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).