Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp475205imu;
        Wed, 9 Jan 2019 00:41:41 -0800 (PST)
X-Google-Smtp-Source: ALg8bN4p8nMrRbYgM/HG9FWhv1nBc/ffu0aAtlvuX4b4FgiTpCyMureiuz+olcUgli1hRehHMN2R
X-Received: by 2002:a17:902:5066:: with SMTP id f35mr5183925plh.78.1547023301064;
        Wed, 09 Jan 2019 00:41:41 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1547023301; cv=none;
        d=google.com; s=arc-20160816;
        b=t2YcMyVsqDsIfEoSDEFFr3D1pePDNftu08XCnJUkbK2hnvb8PVsdj5aL3neURylfC4
         DSVgrcMKsZk5a+xqP29V3nqYyQaj1iIdaC40sKt6LK8FmVRaZW9FLb9DEuLNiPEY9N0J
         HymDCfuqtWNxuvZ2vVI3pT5dIkrXoOzwHIC0WgM5rCIapZlfORqhPKfIMEnAYrZcv6iP
         HYBBu4GdRvUDDJJdJNSFt1w5aDgQ9d5yAa7u7tACqnP1o3U/VBznYUF075seSO8p7sTC
         EU3PKl0DXsCYEuAPK5TXvMDYXTZPRzyb0uHHcOwafg5Scj+An/XyKvFtaUrx2iIjj8+a
         mQHA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:dkim-signature:mime-version:message-id
         :date:subject:cc:to:from;
        bh=d8nk7slwlRpiZg/raOdY1xeZB8HZ56EW4GxJN3oaLI4=;
        b=rZxoSWv5Kc7txwe4QgAGKAYW7PVlQLHP0SgECuYoPFdClQPWsALv+WM8YqjuAl9Xre
         92LUW+ssrhOVZdl0tOnRoq93yqgbKcwZ3FG6mbT5dS1ITsOs2aZP/pFgp2IJj6qBqlKQ
         lVmISeQn1eJzuBLfNQHEJ1fr8OuaytBr8osfkJBwmSKaWLQmrxj3MFk7+lTuwVpzBOGm
         JB/bzHqTsdu85F0OeYAtKLMbR3Bl2ZGMFC+4zMvzc4tM/GpixQSOUyLalig3j/FsnU90
         82/vLPGvuHvPdL67dApc3i8Uoy9paQ2DEWdQIOVCcXl/13Scdj6V6jMsQ6iM46L3qH2y
         4KPg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@nvidia.com header.s=n1 header.b=hLEsvWQO;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=nvidia.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 1si16509456plp.114.2019.01.09.00.41.25;
        Wed, 09 Jan 2019 00:41:41 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@nvidia.com header.s=n1 header.b=hLEsvWQO;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=nvidia.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729968AbfAIIjr (ORCPT <rfc822;zjuysxie86@gmail.com>
        + 99 others); Wed, 9 Jan 2019 03:39:47 -0500
Received: from hqemgate14.nvidia.com ([216.228.121.143]:1532 "EHLO
        hqemgate14.nvidia.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1729702AbfAIIjp (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 9 Jan 2019 03:39:45 -0500
Received: from hqpgpgate102.nvidia.com (Not Verified[216.228.121.13]) by hqemgate14.nvidia.com (using TLS: TLSv1.2, DES-CBC3-SHA)
        id <B5c35b3440001>; Wed, 09 Jan 2019 00:39:32 -0800
Received: from hqmail.nvidia.com ([172.20.161.6])
  by hqpgpgate102.nvidia.com (PGP Universal service);
  Wed, 09 Jan 2019 00:39:44 -0800
X-PGP-Universal: processed;
        by hqpgpgate102.nvidia.com on Wed, 09 Jan 2019 00:39:44 -0800
Received: from HQMAIL108.nvidia.com (172.18.146.13) by HQMAIL103.nvidia.com
 (172.20.187.11) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 9 Jan
 2019 08:39:44 +0000
Received: from hqnvemgw02.nvidia.com (172.16.227.111) by HQMAIL108.nvidia.com
 (172.18.146.13) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend
 Transport; Wed, 9 Jan 2019 08:39:44 +0000
Received: from prpatel.nvidia.com (Not Verified[10.24.229.63]) by hqnvemgw02.nvidia.com with Trustwave SEG (v7,5,8,10121)
        id <B5c35b34c0006>; Wed, 09 Jan 2019 00:39:44 -0800
From:   Prateek Patel <prpatel@nvidia.com>
To:     <paul@paul-moore.com>, <sds@tycho.nsa.gov>,
        <eparis@parisplace.org>, <linux-kernel@vger.kernel.org>,
        <catalin.marinas@arm.com>, <selinux@vger.kernel.org>
CC:     <linux-tegra@vger.kernel.org>, <talho@nvidia.com>,
        <swarren@nvidia.com>, <prpatel@nvidia.com>, <linux-mm@kvack.org>,
        <snikam@nvidia.com>, <vdumpa@nvidia.com>,
        Sri Krishna chowdary <schowdary@nvidia.com>
Subject: [PATCH] selinux: avc: mark avc node as not a leak
Date:   Wed, 9 Jan 2019 14:09:22 +0530
Message-ID: <1547023162-6381-1-git-send-email-prpatel@nvidia.com>
X-Mailer: git-send-email 2.7.4
X-NVConfidentiality: public
MIME-Version: 1.0
Content-Type: text/plain
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nvidia.com; s=n1;
        t=1547023172; bh=d8nk7slwlRpiZg/raOdY1xeZB8HZ56EW4GxJN3oaLI4=;
        h=X-PGP-Universal:From:To:CC:Subject:Date:Message-ID:X-Mailer:
         X-NVConfidentiality:MIME-Version:Content-Type;
        b=hLEsvWQOHdvqppyoGhavWWiwtZHwSrIOoTQRuR78d2ScVatIwkp8OmLC69zts+iBf
         rsYu5zBXuve4SBmFveLWtpGwKsN55oKASYwIZl5Sc03RASnWufgc1HAJ6fcLTCXyWS
         k4jxYJkeBhaN2237bCl4Nj/Hq1rNbnsjWVJjOkRfrDUamBVpv2ydK51cEuhLo7IOKI
         1PlqVrim5zVM/NoBOy3IirQw2x4hE/+Vy+Jxax+zSGEYfC2QUybzY7jqzFGBvvJIHF
         5QhqomtxUsdzzeQOK5ssYb7M725bS95iCtix76TycWyH0bjc8zb/9ztsLv6nWJvpzM
         UTuAJev+smbpg==
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Sri Krishna chowdary <schowdary@nvidia.com>

kmemleak detects allocated objects as leaks if not accessed for
default scan time. The memory allocated using avc_alloc_node
is freed using rcu mechanism when nodes are reclaimed or on
avc_flush. So, there is no real leak here and kmemleak_scan
detects it as a leak which is false positive. Hence, mark it as
kmemleak_not_leak.

Following is the log for avc_alloc_node detected as leak:
unreferenced object 0xffffffc0dd1a0e60 (size 64):
  comm "InputDispatcher", pid 648, jiffies 4294944629 (age 698.180s)
  hex dump (first 32 bytes):
    ed 00 00 00 ed 00 00 00 17 00 00 00 3f fe 41 00  ............?.A.
    00 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffc000192390>] __save_stack_trace+0x24/0x34
    [<ffffffc000192dcc>] create_object+0x13c/0x290
    [<ffffffc000b926f0>] kmemleak_alloc+0x80/0xbc
    [<ffffffc00018e018>] kmem_cache_alloc+0x128/0x1f8
    [<ffffffc000313d40>] avc_alloc_node+0x2c/0x1e8
    [<ffffffc000313f34>] avc_insert+0x38/0x13c
    [<ffffffc000314084>] avc_compute_av+0x4c/0x60
    [<ffffffc00031461c>] avc_has_perm_flags+0x90/0x188
    [<ffffffc000319430>] sock_has_perm+0x84/0x98
    [<ffffffc0003194e4>] selinux_socket_sendmsg+0x1c/0x28
    [<ffffffc000312f58>] security_socket_sendmsg+0x14/0x20
    [<ffffffc0009c60c4>] sock_sendmsg+0x70/0xc8
    [<ffffffc0009c8884>] SyS_sendto+0x140/0x1ec
    [<ffffffc0000853c0>] el0_svc_naked+0x34/0x38
    [<ffffffffffffffff>] 0xffffffffffffffff

Signed-off-by: Sri Krishna chowdary <schowdary@nvidia.com>
Signed-off-by: Prateek <prpatel@nvidia.com>
---
 security/selinux/avc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 635e5c1..ecfd0cd 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -30,6 +30,7 @@
 #include <linux/audit.h>
 #include <linux/ipv6.h>
 #include <net/ipv6.h>
+#include <linux/kmemleak.h>
 #include "avc.h"
 #include "avc_ss.h"
 #include "classmap.h"
@@ -573,6 +574,7 @@ static struct avc_node *avc_alloc_node(struct selinux_avc *avc)
 	if (!node)
 		goto out;
 
+	kmemleak_not_leak(node);
 	INIT_HLIST_NODE(&node->list);
 	avc_cache_stats_incr(allocations);
 
-- 
2.7.4