[PATCH v2] netlabel: fix RCU annotation for IPv4 options on socket creation

Davide Caratti dcaratti at redhat.com
Mon Apr 29 10:10:27 UTC 2024 

hello Paul, thanks for reviewing!

On Thu, Apr 25, 2024 at 05:01:36PM -0400, Paul Moore wrote:
> On Apr 24, 2024 Davide Caratti <dcaratti at redhat.com> wrote:
> >

[...]
 
> > @@ -1826,7 +1827,8 @@ static int cipso_v4_genopt(unsigned char *buf, u32 buf_len,
> >   */
> >  int cipso_v4_sock_setattr(struct sock *sk,
> >  			  const struct cipso_v4_doi *doi_def,
> > -			  const struct netlbl_lsm_secattr *secattr)
> > +			  const struct netlbl_lsm_secattr *secattr,
> > +			  bool slock_held)
> 
> This is a nitpicky bikeshedding remark, but "slock_held" sounds really
> awkward to me, something like "sk_locked" sounds much better.

ok, will fix that in v3.

[...]

> > @@ -1876,18 +1878,15 @@ int cipso_v4_sock_setattr(struct sock *sk,
> >  
> >  	sk_inet = inet_sk(sk);
> >  
> > -	old = rcu_dereference_protected(sk_inet->inet_opt,
> > -					lockdep_sock_is_held(sk));
> > +	old = rcu_replace_pointer(sk_inet->inet_opt, opt, slock_held);
> >  	if (inet_test_bit(IS_ICSK, sk)) {
> >  		sk_conn = inet_csk(sk);
> >  		if (old)
> >  			sk_conn->icsk_ext_hdr_len -= old->opt.optlen;
> > -		sk_conn->icsk_ext_hdr_len += opt->opt.optlen;
> > +		sk_conn->icsk_ext_hdr_len += opt_len;
> >  		sk_conn->icsk_sync_mss(sk, sk_conn->icsk_pmtu_cookie);
> >  	}
> > -	rcu_assign_pointer(sk_inet->inet_opt, opt);
> > -	if (old)
> > -		kfree_rcu(old, rcu);
> > +	kfree_rcu(old, rcu);
> 
> Thanks for sticking with this and posting a v2.
> 
> These changes look okay to me, but considering the 'Fixes:' tag and the
> RCU splat it is reasonable to expect that this is going to be backported
> to the various stable trees.  With that in mind, I think we should try
> to keep the immediate fix as simple as possible, saving the other
> changes for a separate patch.  This means sticking with
> rcu_dereference_protected() and omitting the opt_len optimization; both
> can be done in a second patch without the 'Fixes:' marking.
> 
> Unless I missing something and those changes are somehow part of the
> fix?

just checked, rcu_replace_pointer() can be used also in the oldest LTS
but I'm not sure if kfree_rcu(NULL, ...) is ok. I agree to keep
rcu_dereference_protected(), and the useless NULL check - I will
follow-up with another patch (targeting net-next), after this one is
merged.

--
davide

More information about the Linux-security-module-archive mailing list