Linux v4.2-4507-g1e1a4e8f4391

1 files changed, 55 insertions, 55 deletions

diff --git a/security-device_cgroup-fix-RCU-lockdep-splat.patch b/security-device_cgroup-fix-RCU-lockdep-splat.patch
index 2de959ee9..0ecacdfe4 100644
--- a/security-device_cgroup-fix-RCU-lockdep-splat.patch
+++ b/security-device_cgroup-fix-RCU-lockdep-splat.patch
@@ -1,71 +1,71 @@
-From 28e1b4326abcc66839c6e21dd410fe983ee83fb3 Mon Sep 17 00:00:00 2001
-From: Felipe Balbi <balbi@ti.com>
-Date: Wed, 2 Sep 2015 08:12:28 -0500
+From 85f4e5ec7bbb5f8d7cc023a12af39d76c05cd204 Mon Sep 17 00:00:00 2001
+From: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
+Date: Wed, 2 Sep 2015 17:14:33 -0700
 Subject: [PATCH] security: device_cgroup: fix RCU lockdep splat
 
-while booting AM437x device, the following splat
-triggered:
+On Wed, Sep 02, 2015 at 12:24:50PM -0400, Tejun Heo wrote:
+> cc'ing Paul.
+>
+> On Wed, Sep 02, 2015 at 08:12:28AM -0500, Felipe Balbi wrote:
+> > while booting AM437x device, the following splat
+> > triggered:
+> >
+> > [   12.005238] ===============================
+> > [   12.009749] [ INFO: suspicious RCU usage. ]
+> > [   12.014116] 4.2.0-next-20150831 #1154 Not tainted
+> > [   12.019050] -------------------------------
+> > [   12.023408] security/device_cgroup.c:405 device_cgroup:verify_new_ex called without proper synchronization!
+> ...
+> > [   12.128326] [<c0317a04>] (verify_new_ex) from [<c0317f50>] (devcgroup_access_write+0x374/0x658)
+> > [   12.137426] [<c0317f50>] (devcgroup_access_write) from [<c00d2800>] (cgroup_file_write+0x28/0x1bc)
+> > [   12.146796] [<c00d2800>] (cgroup_file_write) from [<c01f1670>] (kernfs_fop_write+0xc0/0x1b8)
+> > [   12.155620] [<c01f1670>] (kernfs_fop_write) from [<c0177c94>] (__vfs_write+0x1c/0xd8)
+> > [   12.163783] [<c0177c94>] (__vfs_write) from [<c0178594>] (vfs_write+0x90/0x16c)
+> > [   12.171426] [<c0178594>] (vfs_write) from [<c0178db4>] (SyS_write+0x44/0x9c)
+> > [   12.178806] [<c0178db4>] (SyS_write) from [<c000f680>] (ret_fast_syscall+0x0/0x1c)
+>
+> This shouldn't be happening because devcgroup_access_write() always
+> grabs devcgroup_mutex.  Looking at the log, the culprit seems to be
+> f78f5b90c4ff ("rcu: Rename rcu_lockdep_assert() to
+> RCU_LOCKDEP_WARN()").  It missed the bang for the second test while
+> inverting it, so adding rcu_read_lock() isn't the right fix here.
+>
+> Paul, can you please fix it?
 
-[   12.005238] ===============================
-[   12.009749] [ INFO: suspicious RCU usage. ]
-[   12.014116] 4.2.0-next-20150831 #1154 Not tainted
-[   12.019050] -------------------------------
-[   12.023408] security/device_cgroup.c:405 device_cgroup:verify_new_ex called without proper synchronization!
-[   12.033576] other info that might help us debug this:
+Gah!  Please see below.
 
-[   12.041942] rcu_scheduler_active = 1, debug_locks = 0
-[   12.048796] 4 locks held by systemd/1:
-[   12.052700]  #0:  (sb_writers#7){.+.+.+}, at: [<c017af84>] __sb_start_write+0x8c/0xb0
-[   12.060954]  #1:  (&of->mutex){+.+.+.}, at: [<c01f1600>] kernfs_fop_write+0x50/0x1b8
-[   12.069085]  #2:  (s_active#30){++++.+}, at: [<c01f1608>] kernfs_fop_write+0x58/0x1b8
-[   12.077310]  #3:  (devcgroup_mutex){+.+...}, at: [<c0317bfc>] devcgroup_access_write+0x20/0x658
-[   12.086575] stack backtrace:
-[   12.091124] CPU: 0 PID: 1 Comm: systemd Not tainted 4.2.0-next-20150831 #1154
-[   12.098609] Hardware name: Generic AM43 (Flattened Device Tree)
-[   12.104807] [<c001770c>] (unwind_backtrace) from [<c0013a58>] (show_stack+0x10/0x14)
-[   12.112924] [<c0013a58>] (show_stack) from [<c034f014>] (dump_stack+0x84/0x9c)
-[   12.120491] [<c034f014>] (dump_stack) from [<c0317a04>] (verify_new_ex+0xc4/0xdc)
-[   12.128326] [<c0317a04>] (verify_new_ex) from [<c0317f50>] (devcgroup_access_write+0x374/0x658)
-[   12.137426] [<c0317f50>] (devcgroup_access_write) from [<c00d2800>] (cgroup_file_write+0x28/0x1bc)
-[   12.146796] [<c00d2800>] (cgroup_file_write) from [<c01f1670>] (kernfs_fop_write+0xc0/0x1b8)
-[   12.155620] [<c01f1670>] (kernfs_fop_write) from [<c0177c94>] (__vfs_write+0x1c/0xd8)
-[   12.163783] [<c0177c94>] (__vfs_write) from [<c0178594>] (vfs_write+0x90/0x16c)
-[   12.171426] [<c0178594>] (vfs_write) from [<c0178db4>] (SyS_write+0x44/0x9c)
-[   12.178806] [<c0178db4>] (SyS_write) from [<c000f680>] (ret_fast_syscall+0x0/0x1c)
+							Thanx, Paul
 
-Fix it by making sure rcu_read_lock() is held
-around calls to parent_has_perm().
+------------------------------------------------------------------------
 
-Signed-off-by: Felipe Balbi <balbi@ti.com>
+security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition
+
+f78f5b90c4ff ("rcu: Rename rcu_lockdep_assert() to RCU_LOCKDEP_WARN()")
+introduced a bug by incorrectly inverting the condition when moving from
+rcu_lockdep_assert() to RCU_LOCKDEP_WARN().  This commit therefore fixes
+the inversion.
+
+Reported-by: Felipe Balbi <balbi@ti.com>
+Reported-by: Tejun Heo <tj@kernel.org>
+Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
+Cc: Serge Hallyn <serge@hallyn.com>
 ---
- security/device_cgroup.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
+ security/device_cgroup.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/security/device_cgroup.c b/security/device_cgroup.c
-index 73455089feef..dd77ed206fa4 100644
+index 73455089feef..03c1652c9a1f 100644
 --- a/security/device_cgroup.c
 +++ b/security/device_cgroup.c
-@@ -608,6 +608,7 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
- 	int count, rc = 0;
- 	struct dev_exception_item ex;
- 	struct dev_cgroup *parent = css_to_devcgroup(devcgroup->css.parent);
-+	int ret;
+@@ -401,7 +401,7 @@ static bool verify_new_ex(struct dev_cgroup *dev_cgroup,
+ 	bool match = false;
  
- 	if (!capable(CAP_SYS_ADMIN))
- 		return -EPERM;
-@@ -734,7 +735,11 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
- 			break;
- 		}
+ 	RCU_LOCKDEP_WARN(!rcu_read_lock_held() &&
+-			 lockdep_is_held(&devcgroup_mutex),
++			 !lockdep_is_held(&devcgroup_mutex),
+ 			 "device_cgroup:verify_new_ex called without proper synchronization");
  
--		if (!parent_has_perm(devcgroup, &ex))
-+		rcu_read_lock();
-+		ret = parent_has_perm(devcgroup, &ex);
-+		rcu_read_unlock();
-+
-+		if (!ret)
- 			return -EPERM;
- 		rc = dev_exception_add(devcgroup, &ex);
- 		break;
+ 	if (dev_cgroup->behavior == DEVCG_DEFAULT_ALLOW) {
 -- 
 2.4.3