Re: [RFC] situation with fput() locking (was Re: [PULL REQUEST] :ima-appraisal patches)

From: Kasatkin, Dmitry
Date: Fri Apr 27 2012 - 03:35:27 EST

Next message: Jean-Christophe PLAGNIOL-VILLARD: "Re: [PATCH v3 2/4] pinctrl: pinctrl-imx: add imx pinctrl coredriver"
Previous message: Sascha Hauer: "Re: [PATCH v3 4/4] mmc: sdhci-imx-esdhc: convert to use pinctrlsubsystem"
Next in thread: Al Viro: "Re: [RFC] situation with fput() locking (was Re: [PULL REQUEST] :ima-appraisal patches)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Apr 21, 2012 at 1:35 AM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Fri, Apr 20, 2012 at 3:13 PM, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
> >
> > Kinda-sorta. ÂI agree that such helpers make sense, but you are too
> > optimistic about the number of such places. ÂAnd clusterfuck around
> > mremap() is fairly deep, so propagating all way back to up_write()
> > wont' be fun.
>
> Fair enough.
>
> I'll do the helpers and see how much they get rid of, just because
> looking at all the callers, those helpers seem to be obviously the
> right thing anyway. So even if we don't do anything else, we can
> improve things regardless.
>
> For do_brk(), for example, it looks like do_brk() itself should
> actually be entirely static to mm/mmap.c, because every single caller
> from the outside actually wants the self-locking version.
>
> So plan right now: do "vm_xyzzy()" helper functions that do
> "do_xyzzy()" and take the lock (and do not take the "mm" argument,
> because it had better always be the current one - keep the calling
> convention as simple as possible).
>
> Â Â Â Â Â Â Â Â Â Linus

Moi Linus,

Taking the list of files to fput out of do_munmap() and doing it after
unlocking mmap sem
was one of possible solutions when we discussed it with Mimi.
But we were looking for the solution with less modifications of existing kernel.

In fact IMA is already doing some work before taking mmap sem.
---
ret = ima_file_mmap(filep, prot);
if (ret < 0)
return ret;
down_write(&current->mm->mmap_sem);
--

But have you seen the proposed patch for __fput()?
[PATCH v4 10/12] ima: defer calling __fput()

It defers only of course the last AND mmap_sem is locked AND open for write.

if (current->mm && rwsem_is_locked(&current->mm->mmap_sem)) {
if (ima_defer_fput(file) == 0)
return;
}

Just 5 out of ~100,000 mmap_sem held fput() calls were deferred.

t.
- Dmitry
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jean-Christophe PLAGNIOL-VILLARD: "Re: [PATCH v3 2/4] pinctrl: pinctrl-imx: add imx pinctrl coredriver"
Previous message: Sascha Hauer: "Re: [PATCH v3 4/4] mmc: sdhci-imx-esdhc: convert to use pinctrlsubsystem"
Next in thread: Al Viro: "Re: [RFC] situation with fput() locking (was Re: [PULL REQUEST] :ima-appraisal patches)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]