Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp1318617ybn; Wed, 25 Sep 2019 16:16:17 -0700 (PDT) X-Google-Smtp-Source: APXvYqxqvo0VkRsWZPzarWg7UVOWBLcDSnp3wk8cQhPYuOwf1cOgmI/qnUzFpz6Zab0Rai7VLi98 X-Received: by 2002:a50:852c:: with SMTP id 41mr477741edr.201.1569453377673; Wed, 25 Sep 2019 16:16:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569453377; cv=none; d=google.com; s=arc-20160816; b=dd2ugsz/pHdfzT/+VHL8TJlJWQkH7I4+mROZnW0NJ+q+OMxBDguaSfckNTv6QPW6p1 8CSjOVIkCLiH7+iC5PeChsxHdSAt2cmWeOS3vuC8QBDQpYX9HKPnfvWL6JlIlK0GKjtH d5R3o6Rf2+vKTJwoyYUSNoAVU9jmvP6FxIkYvQ0mj/YDgEoblShzAyW/V621gn4TE9SR kXgmnYhmthtTRr+H80TGiVqKMcCN8vD8a0qW0Vh58ozWv4F9M5ywXR2eEpS9W4PB6Bm1 cO/3jsS5GDlJ7dBVjRY03TkKjYN1Gv70wXas/wfJTG8LOsIDjRhxngYKKRgIJM24h3x1 nMSw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=GHCBm/1jGmQwHbU3E0NMphnn1MxQoT3D3BrUANEfkOQ=; b=KFjbJHDeZyznNJn+bGQMyIuQ6/dm9mePdVd6/lrvE7+QFzAA5KSiTemBPHkkAaoSa4 6rD2q97IX9luui1rOA/cRtCWta2lxbtNJPQ5LsyGe2sufS4y5u8NfpoGOAMKMT6hzGF5 TDkSScVkL/QXSyEQ2R4IKs789ZXA3HEG7K56C4TfdBIwd4eloI0VSKXgjbeKwGKtEl1P Mwgw9PZV2ZakemYZuLeOUhQDICrAPD5gAmP2mEXGo4kuX1Kpgsn0rOtVLGfcvG2u/iQO g+semakbzDVBJR4iVnBhPW58CcIeuHVkCftABFGF8yRV93dClqKkZ0aZhscCZw6kiffa V7Wg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=YmtIQM7n; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b16si288048edb.341.2019.09.25.16.15.54; Wed, 25 Sep 2019 16:16:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=YmtIQM7n; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728149AbfIWT2k (ORCPT + 99 others); Mon, 23 Sep 2019 15:28:40 -0400 Received: from mail-lj1-f195.google.com ([209.85.208.195]:42902 "EHLO mail-lj1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726777AbfIWT2j (ORCPT ); Mon, 23 Sep 2019 15:28:39 -0400 Received: by mail-lj1-f195.google.com with SMTP id y23so14870118lje.9 for ; Mon, 23 Sep 2019 12:28:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=GHCBm/1jGmQwHbU3E0NMphnn1MxQoT3D3BrUANEfkOQ=; b=YmtIQM7n5dLYeJlfCVJ+MLwa5thzJ1ho3tngibt6UbSJkJPTQph1Vu2oFAv8ZLBEaN HEgNm5xkLBRGq23jgSJXV6Q9UkhNxsip0g20ZmKDNUdmDZhw8MtidquZ9VF6aL9TIqiP i8RkBSi926RqOawjghgbl4ZvL+ejQt7wCqw+0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=GHCBm/1jGmQwHbU3E0NMphnn1MxQoT3D3BrUANEfkOQ=; b=Q8RxURZDnyl/Uimhx7TpG/xU+IkZ6IXK5e4yztFNzgjdiVy+VofKJFpKTM5zEq4EUC pW80wkpRG1LZDYEv4DDhU44E2rqm34D7+SrjL+TfR5mr8JHfztJv4atGVpAUgayyTxW/ N817SFQHrzUbJ1osPW+mrCzWwc/04VmL3r7P8+pOH1YDYVGZcoWHt+0tGbEzWkJTCN57 p7SNalh8FCPCCbXurxFtIXDj4QJ2LkNXfDJ5/nJ/bBrg1yigwrzP2PCgrkpfM4aFN5xc gvB+Q3tmkWW+o/rGGJmwqoBfoNmcrVC5gcw/a6OEFt0XgzXaETjQ7SOWAD4Fo3cxTRl1 blJQ== X-Gm-Message-State: APjAAAWqLd7NTMw03NQ0wTZe3RNUKWAVO86g5js2znJNutCVMUG5mNg3 H4WnSZZgOzxmHt5n3+exw0d/3dXTC1E= X-Received: by 2002:a2e:894b:: with SMTP id b11mr590906ljk.152.1569266916410; Mon, 23 Sep 2019 12:28:36 -0700 (PDT) Received: from mail-lj1-f174.google.com (mail-lj1-f174.google.com. [209.85.208.174]) by smtp.gmail.com with ESMTPSA id x76sm2801679ljb.81.2019.09.23.12.28.35 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 23 Sep 2019 12:28:35 -0700 (PDT) Received: by mail-lj1-f174.google.com with SMTP id b20so9511514ljj.5 for ; Mon, 23 Sep 2019 12:28:35 -0700 (PDT) X-Received: by 2002:a2e:1208:: with SMTP id t8mr584695lje.84.1569266914859; Mon, 23 Sep 2019 12:28:34 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Mon, 23 Sep 2019 12:28:19 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [GIT PULL] SafeSetID LSM changes for 5.4 To: Micah Morton , Jann Horn , Bart Van Assche , "Paul E. McKenney" Cc: Linux Kernel Mailing List , linux-security-module Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Sep 23, 2019 at 12:01 PM Linus Torvalds wrote: > > Anyway, this bug would likely had been avoided if rcu_swap_protected() > just returned the old pointer instead of changing the argument. Also, I have to say that the fact that I got the fundamentally buggy commit in a pull request during the 5.3 merge window, and merged it on July 16, but then get the pull request for the fix two months later, after 5.3 has been released, makes me very unhappy with the state of safesetid. The pull request itself was clearly never tested. That's a big problem. And *nobody* used it at all or tested it at all during the whole release process. That's another big problem. Should we just remove safesetid again? It's not really maintained, and it's apparently not used. It was merged in March (with the first commit in January), and here we are at end of September and this happens. So yes, syntactically I'll blame the bad RCU interfaces for why the bug happened. But the fact that the code didn't _work_ and was never tested by anybody for two months, that's not the fault of the RCU code. Linus