Re: [PATCH] cgroup/debug: Fix lockdep splat with "%pK" format specifier

From: Waiman Long
Date: Mon Sep 27 2021 - 14:17:55 EST

Next message: Thomas Gleixner: "Re: [PATCH 03/11] genirq: Export irq_set_affinity_locked()"
Previous message: Leon Romanovsky: "Re: [PATCH v3 6/6] hisi_acc_vfio_pci: Add support for VFIO live migration"
In reply to: Tejun Heo: "Re: [PATCH] cgroup/debug: Fix lockdep splat with "%pK" format specifier"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 9/27/21 12:43 PM, Tejun Heo wrote:

Hello,

On Sun, Sep 26, 2021 at 10:58:07PM -0400, Waiman Long wrote:

The lockdep splat is caused by the fact that the debug controller use the
"%pK" format specifier to print out address of cset's with css_set_lock
held. Under some circumstances, the use of "%pK" format specifier may
acquire the selinux_ss.policy_rwlock.

To avoid this possible deadlock scenario, we have to abandon the use of
the "%pK" format specifier and just use "%p" to always hash the cset
addresses. The actual cset addresses aren't that important as long as
they are unique for matching purpose.

Isn't the right thing to do here making the selinux rwlock an irqsafe one?
It's a bit crazy to have printf specifier to have restrictive locking
requirements.

I just realize that upstream had get rid of the policy_rwlock since v5.10 and use RCU instead. So this patch isn't applicable then.

My original thought was that policy_rwlock were referenced over 60 times in security/selinux/ss/services.c whereas we only use a few %pK format specifier in the debug controller. Anyway, it is moot now.

Sorry for the noise.

Cheers,
Longman

Next message: Thomas Gleixner: "Re: [PATCH 03/11] genirq: Export irq_set_affinity_locked()"
Previous message: Leon Romanovsky: "Re: [PATCH v3 6/6] hisi_acc_vfio_pci: Add support for VFIO live migration"
In reply to: Tejun Heo: "Re: [PATCH] cgroup/debug: Fix lockdep splat with "%pK" format specifier"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]