Re: [PATCH] selinux: no recursive read_lock of policy_rwlock in security_genfs_sid()
From: Waiman Long
Date: Fri Jun 20 2014 - 19:37:36 EST
On 06/20/2014 01:49 PM, Stephen Smalley wrote:
On 06/20/2014 01:45 PM, Waiman Long wrote:
With introduction of fair queued rwlock, recursive read_lock() may hang
the offending process if there is a write_lock() somewhere in between.
With recursive read_lock checking enabled, the following error was
reported:
=============================================
[ INFO: possible recursive locking detected ]
3.16.0-rc1 #2 Tainted: G E
---------------------------------------------
load_policy/708 is trying to acquire lock:
(policy_rwlock){.+.+..}, at: [<ffffffff8125b32a>] security_genfs_sid+0x3a/0x170
but task is already holding lock:
(policy_rwlock){.+.+..}, at: [<ffffffff8125b48c>] security_fs_use+0x2c/0x110
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(policy_rwlock);
lock(policy_rwlock);
This patch fixes the occurrence of recursive read_lock() of
policy_rwlock in security_genfs_sid() by adding a 5th argument to
indicate if the rwlock has been taken.
Signed-off-by: Waiman Long<Waiman.Long@xxxxxx>
Thanks, but I'd prefer to instead create a static helper function in
services.c that does not take the lock at all, use that function from
security_fs_use, and leave the extern function unmodified.
On second thought, this is exactly what I want to change the patch. I
will send out a new one later today.
-Longman
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/