Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3248631pxk; Tue, 15 Sep 2020 14:10:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw6mTTiwjnC+M8q1XQe88NYaTPe3CGUoIU7gv32hvdnH6jrBrnFBR0/MTZxfvUfrOxxNPTC X-Received: by 2002:a17:906:b74a:: with SMTP id fx10mr21567565ejb.232.1600204208448; Tue, 15 Sep 2020 14:10:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600204208; cv=none; d=google.com; s=arc-20160816; b=iM5Xoc7swIAOCxWBlnhS3WLyWtNSWJ9x6TD4HDafFkLkTMSWSV1i45PdHCluIIn8fn lFUwUH1B0lYpsmWvsJITBXpbr6OmRkuQEUC82vYMo2Q4lULsmZ/kVPKc9KsTflUs37VI C2FQ7xp6ytemrXhmO683aH1+ZcEoiDfj2XjUfKXjjtvg9358OpBAt3zUD4Uer31PYEyp HMPt92zvpCRmMmYg/6KfDS2LyNtbeYvG9ndWCSCt0z90fn6otbDCL+LzKlOjQaajUTYq QPkroGKwWXpQD8I6e7efflMzHyAj+8RwaY7ygfQBoxEu9GVsD3yz2voLYvvPz9tPsvzG XZ2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:message-id :subject:cc:to:from:date; bh=6oBKeXZkhgpMVsQ7K1O4KqpEAfeHgItyb6Xlb4gJ0ds=; b=noak4Y4MInyvQR+cZkG/Vw+3KTkgZ7XDyskKcmX+YSSwsZS1cjxgr6FKEKVUfczCxQ MDOWaOFzDbtPyEz2RDEnfvO5UVPTb4qzVozhKjxWey1lr1jgUZEwu5GaPIA2KmXLQAcl kmV/1wjPf8k4bKkT54AjamxFWiCiwgF2vMmI0IRJxe/3nfkjCMwNowE+ZagtftwPodr3 a96KZWGj3+dAneebSxZ4sM/ArDLKwitMuxCWuuG7TXCKZ3jytMrhrDcN3UfuH/PubzIT OkF5WTfkRCUb/f1lLlblQjm+qgfy0h3tPDrCRiElfJi2WTVUt2lpNSZagX/OqdycBuGP Gnvw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b5si10484359ejq.317.2020.09.15.14.09.43; Tue, 15 Sep 2020 14:10:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728040AbgIOU20 (ORCPT + 99 others); Tue, 15 Sep 2020 16:28:26 -0400 Received: from namei.org ([65.99.196.166]:57558 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727982AbgIOUWX (ORCPT ); Tue, 15 Sep 2020 16:22:23 -0400 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id 08FKLTg6008561; Tue, 15 Sep 2020 20:21:29 GMT Date: Wed, 16 Sep 2020 06:21:29 +1000 (AEST) From: James Morris To: Linus Torvalds cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [GIT PULL] security: device_cgroup RCU warning fix Message-ID: User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This was posted a while back and been baking in -next for a while, please consider for 5.9. The following changes since commit bcf876870b95592b52519ed4aafcf9d95999bc9c: Linux 5.8 (2020-08-02 14:21:45 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git tags/fixes-v5.9a for you to fetch changes up to bc62d68e2a0a69fcdcf28aca8edb01abf306b698: device_cgroup: Fix RCU list debugging warning (2020-08-20 11:25:03 -0700) ---------------------------------------------------------------- device_cgroup RCU warning fix from Amol Grover ---------------------------------------------------------------- Amol Grover (1): device_cgroup: Fix RCU list debugging warning security/device_cgroup.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) commit bc62d68e2a0a69fcdcf28aca8edb01abf306b698 Author: Amol Grover Date: Mon Apr 6 16:29:50 2020 +0530 device_cgroup: Fix RCU list debugging warning exceptions may be traversed using list_for_each_entry_rcu() outside of an RCU read side critical section BUT under the protection of decgroup_mutex. Hence add the corresponding lockdep expression to fix the following false-positive warning: [ 2.304417] ============================= [ 2.304418] WARNING: suspicious RCU usage [ 2.304420] 5.5.4-stable #17 Tainted: G E [ 2.304422] ----------------------------- [ 2.304424] security/device_cgroup.c:355 RCU-list traversed in non-reader section!! Signed-off-by: Amol Grover Signed-off-by: James Morris diff --git a/security/device_cgroup.c b/security/device_cgroup.c index 43ab0ad45c1b..04375df52fc9 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c @@ -354,7 +354,8 @@ static bool match_exception_partial(struct list_head *exceptions, short type, { struct dev_exception_item *ex; - list_for_each_entry_rcu(ex, exceptions, list) { + list_for_each_entry_rcu(ex, exceptions, list, + lockdep_is_held(&devcgroup_mutex)) { if ((type & DEVCG_DEV_BLOCK) && !(ex->type & DEVCG_DEV_BLOCK)) continue; if ((type & DEVCG_DEV_CHAR) && !(ex->type & DEVCG_DEV_CHAR))