Re: [PATCH v3 1/2] IMA: Define workqueue for early boot "key" measurements

On Thu, 2019-12-12 at 18:59 -0800, Lakshmi Ramasubramanian wrote:
> On 12/12/2019 6:32 PM, Mimi Zohar wrote:
> 
> >>>
> >>> Don't you need a test here, before setting ima_process_keys?
> >>>
> >>> 	if (ima_process_keys)
> >>> 		return;

> >> That check is done before the comment - at the start of
> >> ima_process_queued_keys().
> > 
> > The first test prevents taking the mutex unnecessarily.
> > 
> 
> I am trying to understand your concern here. Could you please clarify?
> 
>   => If ima_process_keys is false
>        -> With the mutex held, should check ima_process_keys again before setting?
> 
> Let's say 2 or more threads are racing in calling ima_process_queued_keys():
> 
> The 1st one will set ima_process_keys and process queued keys.
> 
> The 2nd and subsequent ones - even if they have gone past the initial 
> check, will find an empty list of keys (the list "ima_keys") when they 
> take the mutex. So they'll not process any keys.

I just need to convince myself that this is correct.  Normally before
reading and writing a flag, there is some sort of locking.  With
taking the mutex before setting the flag, there is now only a lock
around the single writer.

Without taking a lock before reading the flag, will the queue always
be empty is the question.  If it is, then the comment is correct, but
the code assumes not and processes the list again.  Testing the flag
after taking the mutex just reinforces the comment.

Bottom line, does reading the flag need to be lock protected?

Mimi
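
The interleaving debated in this message, replayed single-threaded as an added example (a userspace model, not code from the patch or from the kernel). All names are hypothetical, and the model assumes the producer tests the flag and adds to the list under the same mutex.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>
/* Userspace model with hypothetical names; not the kernel's IMA code. */
struct key_entry { struct key_entry *next; };

static pthread_mutex_t keys_mutex = PTHREAD_MUTEX_INITIALIZER;
static struct key_entry *queued_keys;  /* models the "ima_keys" list */
static atomic_bool process_keys;       /* models the ima_process_keys flag */

/* Assumption: the producer tests the flag and adds under the same mutex. */
bool queue_key(struct key_entry *e)
{
    bool queued = false;
    pthread_mutex_lock(&keys_mutex);
    if (!atomic_load(&process_keys)) {
        e->next = queued_keys;
        queued_keys = e;
        queued = true;
    }
    pthread_mutex_unlock(&keys_mutex);
    return queued;
}

/* Code after the unlocked test: returns keys drained, or -1 if the re-test bailed. */
int drain_after_fast_path(bool retest)
{
    struct key_entry *list;
    int n = 0;
    pthread_mutex_lock(&keys_mutex);
    if (retest && atomic_load(&process_keys)) {
        pthread_mutex_unlock(&keys_mutex);
        return -1;
    }
    atomic_store(&process_keys, true);
    list = queued_keys;                /* detach the whole list under the lock */
    queued_keys = NULL;
    pthread_mutex_unlock(&keys_mutex);
    for (; list; list = list->next)
        n++;                           /* stand-in for measuring one key */
    return n;
}

/* The unlocked read only decides whether the mutex is taken at all. */
int process_queued_keys(bool retest)
{
    return atomic_load(&process_keys) ? -1 : drain_after_fast_path(retest);
}
```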