[Top] [All Lists]

Re: [PATCH] security: Delay freeing inode->i_security till the end of RC

To: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Subject: Re: [PATCH] security: Delay freeing inode->i_security till the end of RCU grace period
From: Chandra Seetharaman <sekharan@xxxxxxxxxx>
Date: Tue, 06 Dec 2011 11:04:53 -0600
Cc: Christoph Hellwig <hch@xxxxxxxxxxxxx>, sekharan@xxxxxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, Eric Paris <eparis@xxxxxxxxxxxxxx>, XFS Mailing List <xfs@xxxxxxxxxxx>
In-reply-to: <1323189102.2165.39.camel@falcor>
Organization: IBM
References: <1323110541.31919.1451.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20111206151429.GB11874@xxxxxxxxxxxxx> <1323189102.2165.39.camel@falcor>
Reply-to: sekharan@xxxxxxxxxx
On Tue, 2011-12-06 at 11:30 -0500, Mimi Zohar wrote:
> On Tue, 2011-12-06 at 10:14 -0500, Christoph Hellwig wrote:
> > On Mon, Dec 05, 2011 at 12:42:21PM -0600, Chandra Seetharaman wrote:
> > > while running test case 234 from xfstests test suite, I was getting an
> > > occational memory fault in inode_has_perm() with the following stack
> > 
> > Interesting.  Given that have no good way to free other data with the
> > normal inode callback it looks like we indeed need to do this
> > separately.
> > 
> > What about IMA or similar monsters?  Posix ACLs already are covered at
> > least.
> Looks like a similar problem exists with the 'iint'.

I walked thru the code and saw integrity_iint_find() is the one that
would be used to see if a iint data structure is associated. And, all
all the invocations of integrity_iint_find() check for NULL and handle
it properly.

I might be wrong since I am not familiar with the code. Can you please
double check and let me know if I am wrong. 

> Mimi

<Prev in Thread] Current Thread [Next in Thread>