Re: [PATCH RESEND] device_cgroup: Fix RCU list debugging warning

From: Stephen Rothwell <sfr@canb.auug.org.au>
To: Amol Grover <frextrite@gmail.com>, James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>,
	"Paul E. McKenney" <paulmck@kernel.org>,
	linux-kernel@vger.kernel.org,
	linux-kernel-mentees@lists.linuxfoundation.org,
	Joel Fernandes <joel@joelfernandes.org>,
	Madhuparna Bhowmik <madhuparnabhowmik10@gmail.com>,
	linux-security-module@vger.kernel.org
Subject: Re: [PATCH RESEND] device_cgroup: Fix RCU list debugging warning
Date: Mon, 17 Aug 2020 12:07:31 +1000	[thread overview]
Message-ID: <20200817120731.218e1bc5@canb.auug.org.au> (raw)
In-Reply-To: <20200608041734.GA10911@mail.hallyn.com>

[-- Attachment #1: Type: text/plain, Size: 2603 bytes --]

Hi all,

On Sun, 7 Jun 2020 23:17:34 -0500 "Serge E. Hallyn" <serge@hallyn.com> wrote:
> On Sun, Jun 07, 2020 at 12:08:40PM -0700, Paul E. McKenney wrote:
> > On Sun, Jun 07, 2020 at 06:23:40AM +1000, Stephen Rothwell wrote:  
> > > 
> > > On Mon, 6 Apr 2020 16:29:50 +0530 Amol Grover <frextrite@gmail.com> wrote:  
> > > >
> > > > exceptions may be traversed using list_for_each_entry_rcu()
> > > > outside of an RCU read side critical section BUT under the
> > > > protection of decgroup_mutex. Hence add the corresponding
> > > > lockdep expression to fix the following false-positive
> > > > warning:
> > > > 
> > > > [    2.304417] =============================
> > > > [    2.304418] WARNING: suspicious RCU usage
> > > > [    2.304420] 5.5.4-stable #17 Tainted: G            E
> > > > [    2.304422] -----------------------------
> > > > [    2.304424] security/device_cgroup.c:355 RCU-list traversed in non-reader section!!
> > > > 
> > > > Signed-off-by: Amol Grover <frextrite@gmail.com>
> > > > ---
> > > >  security/device_cgroup.c | 3 ++-
> > > >  1 file changed, 2 insertions(+), 1 deletion(-)
> > > > 
> > > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c
> > > > index 7d0f8f7431ff..b7da9e0970d9 100644
> > > > --- a/security/device_cgroup.c
> > > > +++ b/security/device_cgroup.c
> > > > @@ -352,7 +352,8 @@ static bool match_exception_partial(struct list_head *exceptions, short type,
> > > >  {
> > > >  	struct dev_exception_item *ex;
> > > >  
> > > > -	list_for_each_entry_rcu(ex, exceptions, list) {
> > > > +	list_for_each_entry_rcu(ex, exceptions, list,
> > > > +				lockdep_is_held(&devcgroup_mutex)) {
> > > >  		if ((type & DEVCG_DEV_BLOCK) && !(ex->type & DEVCG_DEV_BLOCK))
> > > >  			continue;
> > > >  		if ((type & DEVCG_DEV_CHAR) && !(ex->type & DEVCG_DEV_CHAR))
> > > 
> > > I have been carrying the above patch in linux-next for some time now.
> > > I have been carrying it because it fixes problems for syzbot (see the
> > > third warning in
> > > https://lore.kernel.org/linux-next/CACT4Y+YnjK+kq0pfb5fe-q1bqe2T1jq_mvKHf--Z80Z3wkyK1Q@mail.gmail.com/).
> > > Is there some reason it has not been applied to some tree?  
> > 
> > The RCU changes on which this patch depends have long since made it to
> > mainline, so it can go up any tree.  I can take it if no one else will,
> > but it might be better going in via the security tree.
> 
> James, do you mind pulling it in?

I am still carrying this patch.  Has it been superceded, or is it still
necessary?

-- 
Cheers,
Stephen Rothwell

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]