Re: [PATCH 4/4] selinux: Convert isec->lock into a spinlock

On Tue, Nov 15, 2016 at 5:06 AM, Andreas Gruenbacher
<agruenba@xxxxxxxxxx> wrote:
> On Mon, Nov 14, 2016 at 11:22 PM, Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
>> We shouldn't need the spinlocks on the socket_post_create() and the
>> socket_accept() hooks as the callers should still have exclusive
>> access to the socket/inode at that point.
>>
>> I didn't check all the callers of the inode_init_security(), but it
>> looks like the same idea applies.
>
> Indeed.  An updated patch with the unnecessary locking removed follows.
>
> Thanks,
> Andreas
>
> --
>
> Convert isec->lock from a mutex into a spinlock.  Instead of holding the
> lock while sleeping in inode_doinit_with_dentry, set isec->initialized
> to LABEL_PENDING and release the lock.  Then, when the sid has been
> determined, re-acquire the lock.  If isec->initialized is still set to
> LABEL_PENDING, set isec->sid; otherwise, the sid has been set by another
> task (LABEL_INITIALIZED) or invalidated (LABEL_INVALID) in the meantime.
>
> This fixes a deadlock on gfs2 where
>
>  * one task is in inode_doinit_with_dentry -> gfs2_getxattr, holds
>    isec->lock, and tries to acquire the inode's glock, and
>
>  * another task is in do_xmote -> inode_go_inval ->
>    selinux_inode_invalidate_secctx, holds the inode's glock, and tries
>    to acquire isec->lock.
>
> Signed-off-by: Andreas Gruenbacher <agruenba@xxxxxxxxxx>
> ---
>  security/selinux/hooks.c          | 102 +++++++++++++++++++++++---------------
>  security/selinux/include/objsec.h |   5 +-
>  2 files changed, 66 insertions(+), 41 deletions(-)

Merged with some minor tweaks to keep ./scripts/checkpatch.pl happy,
e.g. use "spinlock_t".

-- 
paul moore
www.paul-moore.com
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
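
The locking pattern described in the quoted commit message, as an added userspace example (not the kernel patch and not code from this thread): mark the label LABEL_PENDING, drop the lock for the slow lookup, then commit only if the state is still LABEL_PENDING. The struct, the atomic_flag stand-in for the spinlock, and the fetch_* helpers are assumptions made for illustration; only the three state names come from the message.

```c
#include <stdatomic.h>
#include <stdint.h>

/* State names come from the commit message; the struct is a simplified model. */
enum label_state { LABEL_INVALID, LABEL_INITIALIZED, LABEL_PENDING };
struct isec_model {
    atomic_flag lock;               /* stand-in for the kernel spinlock */
    enum label_state initialized;
    uint32_t sid;
};

static void isec_lock(struct isec_model *i) {
    while (atomic_flag_test_and_set_explicit(&i->lock, memory_order_acquire)) { }
}
static void isec_unlock(struct isec_model *i) {
    atomic_flag_clear_explicit(&i->lock, memory_order_release);
}

/* The second task's path: takes the same lock to invalidate the label. */
void isec_invalidate(struct isec_model *i) {
    isec_lock(i); i->initialized = LABEL_INVALID; isec_unlock(i);
}

/* Constructed slow lookups (hypothetical); both are called with the lock dropped. */
uint32_t fetch_plain(struct isec_model *i) { (void)i; return 42; }
uint32_t fetch_raced(struct isec_model *i) { isec_invalidate(i); return 42; }

/* Returns 1 if this call published the sid, 0 if the label was already
 * initialized or its state changed while the lookup was in progress. */
int isec_doinit(struct isec_model *i, uint32_t (*fetch)(struct isec_model *)) {
    int committed = 0;
    isec_lock(i);
    if (i->initialized == LABEL_INITIALIZED) { isec_unlock(i); return 0; }
    i->initialized = LABEL_PENDING;
    isec_unlock(i);                 /* the lookup may sleep, so drop the lock */

    uint32_t sid = fetch(i);        /* fetch_raced would spin forever if the lock were still held */

    isec_lock(i);
    if (i->initialized == LABEL_PENDING) {   /* nobody changed it meanwhile */
        i->sid = sid;
        i->initialized = LABEL_INITIALIZED;
        committed = 1;
    }
    isec_unlock(i);
    return committed;
}
```

With fetch_raced the label stays LABEL_INVALID and the looked-up sid is discarded, which is the "invalidated in the meantime" case from the commit message.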


