[PATCH RESEND] device_cgroup: Fix RCU list debugging warning
Serge E. Hallyn
serge at hallyn.com
Mon Jun 8 04:17:34 UTC 2020
On Sun, Jun 07, 2020 at 12:08:40PM -0700, Paul E. McKenney wrote:
> On Sun, Jun 07, 2020 at 06:23:40AM +1000, Stephen Rothwell wrote:
> > Hi all,
> >
> > On Mon, 6 Apr 2020 16:29:50 +0530 Amol Grover <frextrite at gmail.com> wrote:
> > >
> > > exceptions may be traversed using list_for_each_entry_rcu()
> > > outside of an RCU read side critical section BUT under the
> > > protection of decgroup_mutex. Hence add the corresponding
> > > lockdep expression to fix the following false-positive
> > > warning:
> > >
> > > [ 2.304417] =============================
> > > [ 2.304418] WARNING: suspicious RCU usage
> > > [ 2.304420] 5.5.4-stable #17 Tainted: G E
> > > [ 2.304422] -----------------------------
> > > [ 2.304424] security/device_cgroup.c:355 RCU-list traversed in non-reader section!!
> > >
> > > Signed-off-by: Amol Grover <frextrite at gmail.com>
> > > ---
> > > security/device_cgroup.c | 3 ++-
> > > 1 file changed, 2 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/security/device_cgroup.c b/security/device_cgroup.c
> > > index 7d0f8f7431ff..b7da9e0970d9 100644
> > > --- a/security/device_cgroup.c
> > > +++ b/security/device_cgroup.c
> > > @@ -352,7 +352,8 @@ static bool match_exception_partial(struct list_head *exceptions, short type,
> > > {
> > > struct dev_exception_item *ex;
> > >
> > > - list_for_each_entry_rcu(ex, exceptions, list) {
> > > + list_for_each_entry_rcu(ex, exceptions, list,
> > > + lockdep_is_held(&devcgroup_mutex)) {
> > > if ((type & DEVCG_DEV_BLOCK) && !(ex->type & DEVCG_DEV_BLOCK))
> > > continue;
> > > if ((type & DEVCG_DEV_CHAR) && !(ex->type & DEVCG_DEV_CHAR))
> > > --
> > > 2.24.1
> > >
> >
> > I have been carrying the above patch in linux-next for some time now.
> > I have been carrying it because it fixes problems for syzbot (see the
> > third warning in
> > https://lore.kernel.org/linux-next/CACT4Y+YnjK+kq0pfb5fe-q1bqe2T1jq_mvKHf--Z80Z3wkyK1Q@mail.gmail.com/).
> > Is there some reason it has not been applied to some tree?
>
> The RCU changes on which this patch depends have long since made it to
> mainline, so it can go up any tree. I can take it if no one else will,
> but it might be better going in via the security tree.
>
> Thanx, Paul
James, do you mind pulling it in?
More information about the Linux-security-module-archive
mailing list