Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5132820yba;
        Wed, 10 Apr 2019 12:05:06 -0700 (PDT)
X-Google-Smtp-Source: APXvYqy7hCD/Bh5RyxnRXdWTCOqWhogJoz+R5FqfDgHemMC7Tr7FT1jSIg92dBFufMfabh/nQfNu
X-Received: by 2002:a17:902:8a81:: with SMTP id p1mr46133537plo.106.1554923105942;
        Wed, 10 Apr 2019 12:05:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554923105; cv=none;
        d=google.com; s=arc-20160816;
        b=Ded8L/8clHKv3t3HJAHziLyswXbTCNKD60rI6zgQlolOkSfnjj0mp6WrnDU0qCN4JO
         pVmkG5aT5jRiHjRANKsQ47wA5zmxIAgc0ekZ2fIO2IMn2eVeOAN0HOs4pByWxwIVOIxM
         H/PPbMWLkQKA+WuxpUoJthPbPzKxRtIyX6Q7+bNBmoSxScFBBl1DJceXVApQcyk7mezE
         4wubyogxprEqwnWoJxP45SvEEOm+CT0J17hGMpTh+Tu2mKmkXOXRSNGmHEPQGbPreDWH
         t0dhmnvQIaJFJ+t956R4nkm4XTUtP60KKO1zqYIihnkEsWXDpU2DzZnkkOy57UhSjwr3
         dAYw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :message-id:in-reply-to:subject:cc:to:from:date;
        bh=nAH6NAlgtl175TLgbumZx7NKcw5PYq5notwREA+Ubnw=;
        b=dqXmbpbqysWPmDyq7A9r0kUkR+x2W6joTq6JDbA7v3Cta55RNPv7xVEtJ0q4RVLgY0
         bwuUMWKFNeQ4oLDf4IhSblMJqHjmTp738SOy9kl26F1aiTg8FBUjT1n7qlAGEUv8yFpP
         B+ipUPLOBpySDFqpwimRaNx8v8TCYD2hxLVhNf9EX3ll4MXo4Y41HU27K6R4vFji1nBH
         0jJhF3E1iDno02EW2zM0ESc/CZEls3BHRoq+ME86yC0vXZQHOpYjwl6gRDkj7/QsS44E
         iUDCOP/kK40cckRCicvkx5VHhO7WT0400EBhUiAOcV36VTyvsfSDb9vucJELoBkTveK6
         tSkQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id p22si33056693pgh.468.2019.04.10.12.04.49;
        Wed, 10 Apr 2019 12:05:05 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729268AbfDJR3Q (ORCPT <rfc822;zzmahb@gmail.com> + 99 others);
        Wed, 10 Apr 2019 13:29:16 -0400
Received: from namei.org ([65.99.196.166]:33462 "EHLO namei.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1729226AbfDJR3Q (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 10 Apr 2019 13:29:16 -0400
Received: from localhost (localhost [127.0.0.1])
        by namei.org (8.14.4/8.14.4) with ESMTP id x3AHT7nZ026352;
        Wed, 10 Apr 2019 17:29:07 GMT
Date:   Thu, 11 Apr 2019 03:29:07 +1000 (AEST)
From:   James Morris <jmorris@namei.org>
To:     Jann Horn <jannh@google.com>
cc:     David Howells <dhowells@redhat.com>,
        "Serge E. Hallyn" <serge@hallyn.com>, linux-kernel@vger.kernel.org,
        keyrings@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: Re: [PATCH] security: don't use RCU accessors for
 cred->session_keyring
In-Reply-To: <20190327153938.82007-1-jannh@google.com>
Message-ID: <alpine.LRH.2.21.1904110328490.25754@namei.org>
References: <20190327153938.82007-1-jannh@google.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 27 Mar 2019, Jann Horn wrote:

> sparse complains that a bunch of places in kernel/cred.c access
> cred->session_keyring without the RCU helpers required by the __rcu
> annotation.
> 
> cred->session_keyring is written in the following places:
> 
>  - prepare_kernel_cred() [in a new cred struct]
>  - keyctl_session_to_parent() [in a new cred struct]
>  - prepare_creds [in a new cred struct, via memcpy]
>  - install_session_keyring_to_cred()
>   - from install_session_keyring() on new creds
>   - from join_session_keyring() on new creds [twice]
>   - from umh_keys_init()
>    - from call_usermodehelper_exec_async() on new creds
> 
> All of these writes are before the creds are committed; therefore,
> cred->session_keyring doesn't need RCU protection.
> 
> Remove the __rcu annotation and fix up all existing users that use __rcu.
> 
> Signed-off-by: Jann Horn <jannh@google.com>

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general


-- 
James Morris
<jmorris@namei.org>