Re: [PATCH 04/13] security/selinux: check for LOOKUP_RCU in _follow_link.
From: Al Viro
Date: Mon Mar 16 2015 - 17:00:48 EST
On Mon, Mar 16, 2015 at 03:43:19PM +1100, NeilBrown wrote:
> Some of dentry_has_perm() is not rcu-safe, so if LOOKUP_RCU
> is set in selinux_inode_follow_link(), give up with
> -ECHILD.
>
> It is possible that dentry_has_perm could sometimes complete
> in RCU more, in which case the flag could be propagated further
> down the stack...
It bloody well can. Expand it a bit and you'll see - the nastiness
comes from avc_audit() doing
return slow_avc_audit(ssid, tsid, tclass,
requested, audited, denied, result,
a, 0);
and passing that 0 to slow_avc_audit(). Pass it MAY_NOT_BLOCK instead
and it'll bugger off with -ECHILD in blocking case.
Call chain is dentry_has_perm -> inode_has_perm -> avc_has_perm -> avc_audit.
Expand those (including avc_audit()) and make slow_avc_audit() get
flags & LOOKUP_RCU ? MAY_NOT_BLOCK : 0.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/