From: Paul Moore <paul@paul-moore.com>
To: Richard Guy Briggs <rgb@redhat.com>
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-audit@redhat.com, edumazet@google.com,
xiyou.wangcong@gmail.com, dvyukov@google.com
Subject: Re: [RFC PATCH v3] audit: use proper refcount locking on audit_sock
Date: Tue, 13 Dec 2016 15:50:18 -0500
Message-ID: <CAHC9VhSpMKS+9mDRiS2ekpJWCKsVSZGgJV-3v_T2+9D7PNGUnA@mail.gmail.com>
In-Reply-To: <61c37ca790bc11bc023aea8f9b70ab3098aa30f5.1481626466.git.rgb@redhat.com>

On Tue, Dec 13, 2016 at 10:03 AM, Richard Guy Briggs <rgb@redhat.com> wrote:
> Resetting audit_sock appears to be racy.
>
> audit_sock was being copied and dereferenced without using a refcount on
> the source sock.
>
> Bump the refcount on the underlying sock when we store a reference in
> audit_sock and release it when we reset audit_sock. audit_sock
> modification needs the audit_cmd_mutex.
>
> See: https://lkml.org/lkml/2016/11/26/232
>
> Thanks to Eric Dumazet <edumazet@google.com> and Cong Wang
> <xiyou.wangcong@gmail.com> on ideas how to fix it.
>
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> ---
> There has been a lot of change in the audit code that is about to go
> upstream to address audit queue issues. This patch is based on the
> source tree: git://git.infradead.org/users/pcmoore/audit#next
> ---
> kernel/audit.c | 28 +++++++++++++++++++++++-----
> 1 files changed, 23 insertions(+), 5 deletions(-)

This looks more reasonable.  I still wonder about synchronization
between threads changing the audit_* connection variables and the
kauditd_thread, but I guess we can treat that as another issue; this
patch fixes a bug and is worth merging now.

I'm building a test kernel right now; assuming nothing blows up, I'll
push this patch with the rest of the audit patches tomorrow; if
something bad happens, this is going to miss the first audit pull
request.

> diff --git a/kernel/audit.c b/kernel/audit.c
> index f20eee0..3bb4126 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -446,14 +446,19 @@ static void kauditd_retry_skb(struct sk_buff *skb)
> * Description:
> * Break the auditd/kauditd connection and move all the records in the retry
> * queue into the hold queue in case auditd reconnects.
> + * The audit_cmd_mutex must be held when calling this function.
> */
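
Review bot: the locking rule added at the end of this kernel-doc block ("The audit_cmd_mutex must be held when calling this function.") is enforced only by convention. Consider backing it with lockdep_assert_held(&audit_cmd_mutex) at the top of the function so that lockdep-enabled builds flag any caller that skips the mutex; the function body and its callers are not in the quoted lines, so whether every path already holds it cannot be checked from here.
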
Don't resend, but in the future please start comments like this on the
previous line.
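
The pattern the quoted commit message describes (the stored pointer owns a reference and is changed only under the command mutex), as a userspace C model added here; it is not the patch and not kernel code. All names (sock_model, cmd_mutex, conn_sock, conn_set, conn_get) are hypothetical, and the reader-side pin in conn_get goes beyond what the commit message states.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdlib.h>

struct sock_model { atomic_int refcnt; int id; };  /* constructed stand-in for struct sock */
static pthread_mutex_t cmd_mutex = PTHREAD_MUTEX_INITIALIZER; /* models audit_cmd_mutex */
static struct sock_model *conn_sock;  /* models audit_sock */
static int freed_count;               /* demo bookkeeping only */

static struct sock_model *sock_new(int id) {
    struct sock_model *sk = malloc(sizeof(*sk));
    if (!sk) abort();
    atomic_init(&sk->refcnt, 1);  /* the creator's reference */
    sk->id = id;
    return sk;
}
static void hold(struct sock_model *sk) { atomic_fetch_add(&sk->refcnt, 1); }
static void put(struct sock_model *sk) {
    /* fetch_sub returns the old value: 1 means the last reference was dropped */
    if (atomic_fetch_sub(&sk->refcnt, 1) == 1) { freed_count++; free(sk); }
}
/* Store or reset the shared pointer; the stored pointer owns one reference. */
static void conn_set(struct sock_model *sk) {
    pthread_mutex_lock(&cmd_mutex);
    struct sock_model *old = conn_sock;
    if (sk) hold(sk);
    conn_sock = sk;
    pthread_mutex_unlock(&cmd_mutex);
    if (old) put(old);
}
/* Reader: pin the object under the mutex before using it unlocked. */
static struct sock_model *conn_get(void) {
    pthread_mutex_lock(&cmd_mutex);
    struct sock_model *sk = conn_sock;
    if (sk) hold(sk);
    pthread_mutex_unlock(&cmd_mutex);
    return sk;
}
/* Returns 1 if a reset while a reader holds the object does not free it early. */
static int demo_reset_while_in_use(void) {
    int before = freed_count;
    struct sock_model *sk = sock_new(42);
    conn_set(sk);                            /* refcnt 2 */
    put(sk);                                 /* owner closes: refcnt 1 */
    struct sock_model *pinned = conn_get();  /* refcnt 2 */
    conn_set(NULL);                          /* reset: refcnt 1 */
    int alive = freed_count == before && pinned->id == 42;
    put(pinned);                             /* refcnt 0: freed */
    return alive && freed_count == before + 1 && conn_get() == NULL;
}
int main(void) { return demo_reset_while_in_use() ? 0 : 1; }
```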