On Wed, 2024-10-09 at 18:25 +0200, Roberto Sassu wrote:
> On Wed, 2024-10-09 at 11:37 -0400, Paul Moore wrote:
> > On Wed, Oct 9, 2024 at 11:36 AM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> > > On Tue, Oct 8, 2024 at 12:57 PM Roberto Sassu
> > > <roberto.sassu@xxxxxxxxxxxxxxx> wrote:
> > > >
> > > > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
> > > >
> > > > Move out the mutex in the ima_iint_cache structure to a new structure
> > > > called ima_iint_cache_lock, so that a lock can be taken regardless of
> > > > whether or not inode integrity metadata are stored in the inode.
> > > >
> > > > Introduce ima_inode_security() to simplify accessing the new structure in
> > > > the inode security blob.
> > > >
> > > > Move the mutex initialization and annotation in the new function
> > > > ima_inode_alloc_security() and introduce ima_iint_lock() and
> > > > ima_iint_unlock() to respectively lock and unlock the mutex.
> > > >
> > > > Finally, expand the critical region in process_measurement() guarded by
> > > > iint->mutex up to where the inode was locked, use only one iint lock in
> > > > __ima_inode_hash(), since the mutex is now in the inode security blob, and
> > > > replace the inode_lock()/inode_unlock() calls in ima_check_last_writer().
> > > >
> > > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
> > > > ---
> > > >  security/integrity/ima/ima.h      | 26 ++++++++---
> > > >  security/integrity/ima/ima_api.c  |  4 +-
> > > >  security/integrity/ima/ima_iint.c | 77 ++++++++++++++++++++++++++-----
> > > >  security/integrity/ima/ima_main.c | 39 +++++++---------
> > > >  4 files changed, 104 insertions(+), 42 deletions(-)
> > >
> > > I'm not an IMA expert, but it looks reasonable to me, although
> > > shouldn't this carry a stable CC in the patch metadata?
> > >
> > > Reviewed-by: Paul Moore <paul@xxxxxxxxxxxxxx>
> >
> > Sorry, one more thing ... did you verify this patchset resolves the
> > syzbot problem? I saw at least one reproducer.
>
> Uhm, could not reproduce the deadlock with the reproducer. However,
> without the patch I have a lockdep warning, and with I don't.
>
> I asked syzbot to try the patches. Let's see.

@bpf: could you please manually trigger the tests in a PR? Next time
will add the bpf-next tag (or I can send a PR directly from Github).

This patch affects the BPF LSM, the bpf_ima_file_hash() and
bpf_ima_inode_hash() helpers.

Thanks

Roberto