Subject: Re: [PATCH] net: scm: Fix a possible sleep-in-atomic-context bug in scm_fp_copy()
From: Jia-Ju Bai
To: David Miller
Cc: ktkhai@virtuozzo.com, viro@zeniv.linux.org.uk, adobriyan@gmail.com, dvlasenk@redhat.com, xiyou.wangcong@gmail.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Mon, 3 Sep 2018 09:43:49 +0800
Message-ID: <0b682dc4-9c94-027d-dbab-25fdb15f48a7@gmail.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Thanks for your reply.

On 2018/9/3 7:01, David Miller wrote:
> From: Jia-Ju Bai
> Date: Sat, 1 Sep 2018 18:00:26 +0800
>
>> The kernel module may sleep with holding a spinlock.
>>
>> The function call paths (from bottom to top) in Linux-4.16 are:
>>
>> [FUNC] kmalloc(GFP_KERNEL)
>> net/core/scm.c, 85: kmalloc in scm_fp_copy
>> net/core/scm.c, 161: scm_fp_copy in __scm_send
>> ./include/net/scm.h, 88: __scm_send in scm_send
>> net/unix/af_unix.c, 1600: scm_send in maybe_init_creds
>> net/unix/af_unix.c, 1983: maybe_init_creds in unix_stream_sendpage
>> net/unix/af_unix.c, 1973: spin_lock in unix_stream_sendpage
> Please, do a full analysis of the code for these changes you are
> submitting.
>
> Read maybe_init_creds(), it sets msg.msg_controllen to zero.
>
>     struct msghdr msg = { .msg_controllen = 0 };
>
> When that is zero, __scm__send() is never called.

Oh, I did not notice this, sorry...

> static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
>                                struct scm_cookie *scm, bool forcecreds)
> {
>     ...
>     if (msg->msg_controllen <= 0)
>         return 0;
>     return __scm_send(sock, msg, scm);
>
> If this bug existed, sleeping in atomic warnings would be triggering
> all the time and people would report that.

Sorry for this false positive.
I will check the code more carefully before submitting my patches.

Best wishes,
Jia-Ju Bai
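
A userspace model of the call path discussed in this thread, added here as an illustration; it is not kernel code and not from either author. The `model_` names, `atomic_depth`, `sleep_in_atomic_hits` and `run_path()` are assumptions made for the example; only the `msg_controllen` guard mirrors the quoted `scm_send()`.

```c
/* Userspace model, not kernel code. All model_ names and both counters
 * are hypothetical stand-ins for the kernel primitives in the report. */
#include <stddef.h>
#include <stdio.h>

static int atomic_depth;          /* >0 while a modelled spinlock is held */
static int sleep_in_atomic_hits;  /* events a might_sleep() check would flag */

struct model_msghdr { size_t msg_controllen; };

static void model_spin_lock(void)   { atomic_depth++; }
static void model_spin_unlock(void) { atomic_depth--; }

/* Stands in for kmalloc(GFP_KERNEL): may sleep, so count a hit if atomic. */
static void model_kmalloc_gfp_kernel(void)
{
    if (atomic_depth > 0)
        sleep_in_atomic_hits++;
}

/* Bottom of the reported chain: the allocation inside scm_fp_copy(). */
static int model_scm_fp_copy(void) { model_kmalloc_gfp_kernel(); return 0; }

static int model___scm_send(struct model_msghdr *msg)
{
    (void)msg;
    return model_scm_fp_copy();
}

/* Same guard as the quoted scm_send(): no control data, no __scm_send(). */
static int model_scm_send(struct model_msghdr *msg)
{
    if (msg->msg_controllen <= 0)
        return 0;
    return model___scm_send(msg);
}

/* Walk the reported path (lock held, then scm_send) for a given
 * msg_controllen and return how many sleep-in-atomic events occurred. */
static int run_path(size_t controllen)
{
    struct model_msghdr msg = { .msg_controllen = controllen };

    sleep_in_atomic_hits = 0;
    model_spin_lock();
    model_scm_send(&msg);
    model_spin_unlock();
    return sleep_in_atomic_hits;
}

int main(void)
{
    /* maybe_init_creds() case from the thread: controllen is always 0. */
    printf("controllen=0  hits=%d\n", run_path(0));
    /* Hypothetical caller with control data, for contrast only. */
    printf("controllen=16 hits=%d\n", run_path(16));
    return 0;
}
```

A call-chain analysis that ignores the constant `msg_controllen = 0` sees the second case; the code path in the report only ever takes the first.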