From: Jeffrey Vander Stoep <jeffv@google.com>
To: Ondrej Mosnacek <omosnace@redhat.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
SElinux list <selinux@vger.kernel.org>,
Paul Moore <paul@paul-moore.com>,
will@kernel.org, Jovana Knezevic <jovanak@google.com>
Subject: Re: [PATCH v5] selinux: sidtab: reverse lookup hash table
Date: Thu, 7 Nov 2019 16:59:58 +0100 [thread overview]
Message-ID: <CABXk95CSWL4rf7XzE-AeDXiUs27TKjV1Axtpe86Z_pnifHa_Nw@mail.gmail.com> (raw)
In-Reply-To: <CAFqZXNvxn-g3_m-49xBtONwBJwEh7GkrFvy025oX1pe9KcyG1g@mail.gmail.com>
> > > @@ -305,29 +284,36 @@ static int sidtab_reverse_lookup(struct sidtab *s, struct context *context,
> > > rc = -ENOMEM;
> > > dst_convert = sidtab_do_lookup(convert->target, count, 1);
> > > if (!dst_convert) {
> > > - context_destroy(dst);
> > > + context_destroy(&dst->context);
> > > goto out_unlock;
> > > }
> > >
> > > - rc = convert->func(context, dst_convert, convert->args);
> > > + rc = convert->func(context, &dst_convert->context,
> > > + convert->args);
> > > if (rc) {
> > > - context_destroy(dst);
> > > + context_destroy(&dst->context);
> > > goto out_unlock;
> > > }
> > > + dst_convert->sid = index_to_sid(count);
> > > + convert->target->count = count + 1;
> > >
> > > /* at this point we know the insert won't fail */
> > > - convert->target->count = count + 1;
> > > + spin_lock_irqsave_nested(&convert->target->lock, flags,
> > > + SINGLE_DEPTH_NESTING);
> > > + hash_add_rcu(convert->target->context_to_sid,
> > > + &dst_convert->list, dst_convert->context.hash);
> > > + spin_unlock_irqrestore(&convert->target->lock, flags);
> >
> > Still having a hard time understanding why we need to lock the target.
> > The target here is always the newsidtab allocated by
> > security_load_policy(), not yet exposed to any other threads in the system?
>
> I believe this is to avoid a race with the hash_add() in
> sidtab_convert_hashtable(), which locks only the target table.
> However, I don't like the fact that we need to mess with inconsistent
> lock nesting here... I think it would be better to just lock the
> master's spinlock in sidtab_convert_hashtable() - it will then block
> more when entries would be added to sidtab, but that shouldn't be a
> big concern in practice.
>
I'll try that. Thanks.
next prev parent reply other threads:[~2019-11-07 16:00 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-07 10:17 [PATCH v5] selinux: sidtab: reverse lookup hash table Jeff Vander Stoep
2019-11-07 12:01 ` Jeffrey Vander Stoep
2019-11-14 23:35 ` Paul Moore
2019-11-07 14:54 ` Stephen Smalley
2019-11-07 15:42 ` Ondrej Mosnacek
2019-11-07 15:59 ` Jeffrey Vander Stoep [this message]
2019-11-07 15:49 ` Jeffrey Vander Stoep
2019-11-07 16:12 ` Ondrej Mosnacek
2019-11-07 16:44 ` Will Deacon
2019-11-07 18:41 ` Ondrej Mosnacek
2019-11-07 20:06 ` Jeffrey Vander Stoep
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CABXk95CSWL4rf7XzE-AeDXiUs27TKjV1Axtpe86Z_pnifHa_Nw@mail.gmail.com \
--to=jeffv@google.com \
--cc=jovanak@google.com \
--cc=omosnace@redhat.com \
--cc=paul@paul-moore.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@vger.kernel.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).