On Thu, 2019-12-12 at 08:57 -0800, Lakshmi Ramasubramanian wrote:
> On 12/12/19 12:19 AM, Mimi Zohar wrote:
>
> >>> + ima_process_keys = true;
> >> +
> >> + INIT_LIST_HEAD(&temp_ima_keys);
> >> +
> >> + mutex_lock(&ima_keys_mutex);
> >> +
> >> + list_for_each_entry_safe(entry, tmp, &ima_keys, list)
> >> + list_move_tail(&entry->list, &temp_ima_keys);
> >> +
> >> + mutex_unlock(&ima_keys_mutex);
> >
> >
> > The v1 comment, which explained the need for using a temporary
> > keyring, is an example of an informative comment. If you don't
> > object, instead of re-posting this patch, I can insert it.
>
> Sure Mimi. Thanks for including the comment in the patch.
Looking at this again, something seems off or at least the comment
doesn't match the code.
/*
* To avoid holding the mutex while processing queued keys,
* transfer the queued keys with the mutex held to a temp list,
* release the mutex, and then process the queued keys from
* the temp list.
*
* Since ima_process_keys is set to true above, any new key will
* be processed immediately and not queued.
*/
Setting ima_process_key before taking the lock won't prevent the race.
I think you want to test ima_process_keys before taking the lock and
again immediately afterward taking the lock, before setting it. Then
the comment would match the code.
Shouldn't ima_process_keys be defined as static to limit the scope to
this file?
Mimi
