Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp876073ybc;
        Tue, 19 Nov 2019 10:42:36 -0800 (PST)
X-Google-Smtp-Source: APXvYqwiS6qkD1You2tCr2AoaWXH5zeIPn6e10IIB5e78MXDhgzB9NlAwiztWBpdOhwTp/Ow0eob
X-Received: by 2002:a17:906:27ca:: with SMTP id k10mr35357488ejc.242.1574188956880;
        Tue, 19 Nov 2019 10:42:36 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1574188956; cv=none;
        d=google.com; s=arc-20160816;
        b=Nbv2Zk1pvMQ+/IuGuFW/pyFvbH8GuqTFAUtQdGDQEJ7qJdXnL144kqHrrg7SL8i8ek
         6J8hNnXt9NqX9QAA++wQd7ih5+60FCtXJjBYgmsrecdBaN3pcOeVxXvq/FWippL9UzAw
         qhKpIuqVcociycIYAo/O1ww6h5VDsf90Zn65fUhVTY0rSePb5sZxu0l3dnFmAGdnJqBr
         5vWTDIjv7QYxsutVKwMmpJCuDK5xqlHKHUPh6OqTj1ZY39HKfWns1TeeulAkj7cfNaEG
         /Ji/3T+6g7GCVt7Pn7NSxApzWs/7pp0Ie2NX/Ww833IRSBi+KRV7smEPwd+aFQIaUl5F
         B/Qg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature;
        bh=x4FHjri2HHrchT0G0asCzuzVbx+9jVexILOf35q0mB8=;
        b=wNOE0Y7uVQDGu4WG29xSqUbt4EitF/VUjHkzO5rvbeVCM3c1uSGZ3qpxUf5l3/bSs6
         wh7D3NT6Fs71o9g/WQsMMAEh3V+X5NwbMXGpJ0gN0qDPURNSVT/dxwNC5YmpS6U5p8qZ
         FwIRF9JA93RWZ+e4Y+qZTPH3Fhnc+H422XR5ZjY+cGAU+nij6SGJgHrV75TgrXVc26jN
         ++B9nq5dOMDIvH+JDfHUbjqse3doA3iRBMgZIoM02rNkAhThTmaStWgsAulX8fYphdHy
         FBkZNOE1Z2IlFS55RYpwZKAEXDLahhVNkqhPvpaaWlBYjILnFf9BXnk3xhlrJwb/QBDS
         psKg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=AO993QY7;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h12si14432521ejf.418.2019.11.19.10.42.10;
        Tue, 19 Nov 2019 10:42:36 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=AO993QY7;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727368AbfKSSlE (ORCPT <rfc822;parkch98@gmail.com> + 99 others);
        Tue, 19 Nov 2019 13:41:04 -0500
Received: from mail.kernel.org ([198.145.29.99]:52776 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726994AbfKSSlE (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 19 Nov 2019 13:41:04 -0500
Received: from localhost.localdomain (236.31.169.217.in-addr.arpa [217.169.31.236])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 5A8FD223E4;
        Tue, 19 Nov 2019 18:41:02 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1574188863;
        bh=xA0ajxnB6VzJLOi7+RioMph7fWev++IdvBzPPGwcjBI=;
        h=From:To:Cc:Subject:Date:From;
        b=AO993QY7QtiT1Hl0P/Em9VuQAv8EvAoj29/5f2+psplZ/sKQmURkOku2fqsXj71As
         +F/YLPM/XUAkkgW8hSnv73SueCx+8f6OTTjnkM79j2lB0fnVs/Xe8Sc4EAPMwItZba
         HZp2KIsfFgu2x2Arta6P0Ed86k2rh98j0/hYHN78=
From:   Will Deacon <will@kernel.org>
To:     selinux@vger.kernel.org
Cc:     linux-kernel@vger.kernel.org, Will Deacon <will@kernel.org>,
        Paul Moore <paul@paul-moore.com>,
        Ondrej Mosnacek <omosnace@redhat.com>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        Jeffrey Vander Stoep <jeffv@google.com>
Subject: [RFC PATCH 0/2] Avoid blocking in selinux inode callbacks on RCU walk
Date:   Tue, 19 Nov 2019 18:40:55 +0000
Message-Id: <20191119184057.14961-1-will@kernel.org>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi all,

While debugging a KASAN report in the selinux access vector cache hash
table, I noticed that it looks like we may block in the inode_follow_link()
and inode_permission() callbacks, even when called from the VFS layer as
part of an RCU-protected path walk.

These two patches attempt to fix that, but since I found this by
inspection and I'm not familiar with this code, I'm sending as an RFC in
case I missed something that means this cannot happen.

Comments very welcome,

Will

Cc: Paul Moore <paul@paul-moore.com>
Cc: Ondrej Mosnacek <omosnace@redhat.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Jeffrey Vander Stoep <jeffv@google.com>

--->8

Will Deacon (2):
  selinux: Don't call avc_compute_av() from RCU path walk
  selinux: Propagate RCU walk status from 'security_inode_follow_link()'

 security/selinux/avc.c         | 21 +++++++++++++--------
 security/selinux/hooks.c       |  5 +++--
 security/selinux/include/avc.h | 12 ++++++++----
 3 files changed, 24 insertions(+), 14 deletions(-)

-- 
2.24.0.432.g9d3f5f5b63-goog