Re: 3.0.0-rc2-git1 -- BUG: sleeping function called from invalidcontext at mm/slub.c:847

From: Kyle Moffett
Date: Wed Jun 08 2011 - 17:57:32 EST

Next message: Eric Reischer: "Oops in 2.6.39 on auditd restart"
Previous message: Thomas Gleixner: "Re: [debug patch] printk: Add a printk killswitch to robustify NMIwatchdog messages"
In reply to: David Rientjes: "Re: 3.0.0-rc2-git1 -- BUG: sleeping function called from invalidcontext at mm/slub.c:847"
Next in thread: John Johansen: "Re: 3.0.0-rc2-git1 -- BUG: sleeping function called from invalidcontext at mm/slub.c:847"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Whoops, sent my previous reply as HTML... sorry!

On Wed, Jun 8, 2011 at 17:34, David Rientjes <rientjes@xxxxxxxxxx> wrote:
> On Wed, 8 Jun 2011, Matt Mackall wrote:
>
>> > Not sure why this ever actually worked with apparmor if prepare_creds()
>> > does an unconditional GFP_KERNEL allocation since this codepath hasn't
>> > changed in at least a year and we're holding a spinlock from setrlimit.
>> > John?
>>
>> Probably a lack of people enabling (and using!) both apparmor and
>> might_sleep. I don't this would be caught by a randconfig boot test.
>>
>
> Right, CONFIG_DEBUG_SPINLOCK_SLEEP isn't enabled by default even though
> CONFIG_DEBUG_KERNEL is. ÂWe should probably just allow prepare_creds() to
> take a gfp_t argument just like security_prepare_creds() and change
> existing callers to use GFP_KERNEL with the exception of those using
> setrlimit where we're always holding the spinlock.
>
> Documentation/security/credentials.txt says this:
>
> Â Â Â ÂTo alter the current process's credentials, a function should first prepare a
> Â Â Â Ânew set of credentials by calling:
>
> Â Â Â Â Â Â Â Âstruct cred *prepare_creds(void);
>
> Â Â Â Âthis locks current->cred_replace_mutex and then allocates and constructs a
> Â Â Â Âduplicate of the current process's credentials, returning with the mutex still
> Â Â Â Âheld if successful. ÂIt returns NULL if not successful (out of memory).
>
> although that mutex doesn't exist. ÂDavid, any downsides to passing the
> gfp_t into prepare_creds()?

Are you sure that would actually help? The bit about the "cred_replace_mutex"
seems to suggest that you would be locking a mutex *inside* of a spinlock, which
is not OK either, right?

I'm not all that familiar with the problematic code, but I think the
design is that the
code should call prepare_creds() *before* it takes the spinlock and then it can
decide inside the spinlock whether or not it actually needs to change
credentials.
I could be wrong, though.

Cheers,
Kyle Moffett
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Eric Reischer: "Oops in 2.6.39 on auditd restart"
Previous message: Thomas Gleixner: "Re: [debug patch] printk: Add a printk killswitch to robustify NMIwatchdog messages"
In reply to: David Rientjes: "Re: 3.0.0-rc2-git1 -- BUG: sleeping function called from invalidcontext at mm/slub.c:847"
Next in thread: John Johansen: "Re: 3.0.0-rc2-git1 -- BUG: sleeping function called from invalidcontext at mm/slub.c:847"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]