suspicious RCU usage in security/selinux/netport.c:127

From: Dave Jones
Date: Mon Nov 07 2011 - 11:25:41 EST

Next message: Peter Zijlstra: "Re: [PATCHv2 6/9] perf: expose perf capability to other modules."
Previous message: Linus Torvalds: "Re: [git patches] libata updates, GPG signed (but see admin notes)"
Next in thread: Eric Paris: "Re: suspicious RCU usage in security/selinux/netport.c:127"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I think I reported this a while ago. Turns out it's still a problem.
This patch I think made the warning go away, but it might be a bit too 'big hammer' ?

Dave

===============================
[ INFO: suspicious RCU usage. ]
-------------------------------
security/selinux/netport.c:127 suspicious rcu_dereference_check() usage!

other info that might help us debug this:

rcu_scheduler_active = 1, debug_locks = 0
1 lock held by named/1687:
#0: (sel_netport_lock){+.....}, at: [<ffffffff812e3799>] sel_netport_sid+0xd9/0x260

stack backtrace:
Pid: 1687, comm: named Not tainted 3.1.0+ #1
Call Trace:
[<ffffffff810bcc37>] lockdep_rcu_suspicious+0xd7/0xe0
[<ffffffff812e3917>] sel_netport_sid+0x257/0x260
[<ffffffff812e36c0>] ? sel_netport_find+0xe0/0xe0
[<ffffffff812dd8ba>] selinux_socket_bind+0x22a/0x300
[<ffffffff8116ceb3>] ? might_fault+0x53/0xb0
[<ffffffff8116cefc>] ? might_fault+0x9c/0xb0
[<ffffffff8116ceb3>] ? might_fault+0x53/0xb0
[<ffffffff812d3fb6>] security_socket_bind+0x16/0x20
[<ffffffff81539b4a>] sys_bind+0x7a/0x100
[<ffffffff816572ba>] ? sysret_check+0x2e/0x69
[<ffffffff810c18dd>] ? trace_hardirqs_on_caller+0x11d/0x1b0
[<ffffffff8133c65e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[<ffffffff81657282>] system_call_fastpath+0x16/0x1b

diff --git a/security/selinux/netport.c b/security/selinux/netport.c
index 0b62bd1..69f6928 100644
--- a/security/selinux/netport.c
+++ b/security/selinux/netport.c
@@ -119,6 +119,7 @@ static void sel_netport_insert(struct sel_netport *port)
/* we need to impose a limit on the growth of the hash table so check
* this bucket to make sure it is within the specified bounds */
idx = sel_netport_hashfn(port->psec.port);
+ rcu_read_lock();
list_add_rcu(&port->list, &sel_netport_hash[idx].list);
if (sel_netport_hash[idx].size == SEL_NETPORT_HASH_BKT_LIMIT) {
struct sel_netport *tail;
@@ -129,6 +130,7 @@ static void sel_netport_insert(struct sel_netport *port)
kfree_rcu(tail, rcu);
} else
sel_netport_hash[idx].size++;
+ rcu_read_unlock();
}

/**
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Peter Zijlstra: "Re: [PATCHv2 6/9] perf: expose perf capability to other modules."
Previous message: Linus Torvalds: "Re: [git patches] libata updates, GPG signed (but see admin notes)"
Next in thread: Eric Paris: "Re: suspicious RCU usage in security/selinux/netport.c:127"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]