From patchwork Tue Apr 13 07:09:37 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: John Johansen
X-Patchwork-Id: 50042
X-Patchwork-Delegate: apw@canonical.com
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
From: john.johansen@canonical.com
To: kernel-team@lists.ubuntu.com
Subject: [PATCH 08/11] AppArmor: Make sure to unmap aliases for vmalloced dfas before they are live
Date: Tue, 13 Apr 2010 00:09:37 -0700
Message-Id: <1271142580-26555-9-git-send-email-john.johansen@canonical.com>
X-Mailer: git-send-email 1.7.0
In-Reply-To: <1271142580-26555-1-git-send-email-john.johansen@canonical.com>
References: <1271142580-26555-1-git-send-email-john.johansen@canonical.com>
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Kernel team discussions
MIME-Version: 1.0
Sender: kernel-team-bounces@lists.ubuntu.com
Errors-To: kernel-team-bounces@lists.ubuntu.com

From: John Johansen

OriginalAuthor: John Johansen
OriginalLocation: git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparm$
commit: 6857acf643ba19eddfc29125fc011a3ce48fe87b
BugLink: http://bugs.launchpad.net/bugs/529288

vmalloc doesn't guarantee that the tlbs of all cpus will be flushed when it completes. Instead the tlbs get flushed lazily; however, for AppArmor this is a problem as the dfa becomes live to all cpus as soon as the profile replacedby value is written (this is even before locking of the lists is removed). It is possible for another cpu to be in a state where it has an old tlb mapping for the vmalloc address (this will be caused by putting a reference on an old profile while replacing to the current), so that it refers to the wrong memory location when doing dfa lookups.

Replacement is not a common operation so make sure all memory aliases are removed before the dfa goes live.

Signed-off-by: John Johansen
Acked-by: Andy Whitcroft
---
 security/apparmor/match.c | 7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/security/apparmor/match.c b/security/apparmor/match.c index 5a55959..afc2dd2 100644 --- a/security/apparmor/match.c +++ b/security/apparmor/match.c 
@@ -50,6 +50,7 @@ static struct table_header *unpack_table(char *blob, size_t bsize) { struct table_header *table = NULL; struct table_header th; + int unmap_alias = 0; size_t tsize; if (bsize < sizeof(struct table_header)) @@ -73,8 +74,10 @@ static struct table_header *unpack_table(char *blob, size_t bsize) /* freed by free_table */ table = kmalloc(tsize, GFP_KERNEL | __GFP_NOWARN); - if (!table) + if (!table) { + unmap_alias = 1; table = vmalloc(tsize); + } if (table) { *table = th; if (th.td_flags == YYTD_DATA8) @@ -91,6 +94,8 @@ static struct table_header *unpack_table(char *blob, size_t bsize) } out: + if (unmap_alias) + vm_unmap_aliases(); return table; fail: free_table(table);
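
Review bot: In the kmalloc fallback of unpack_table() (second hunk), unmap_alias is set to 1 before the result of vmalloc(tsize) is known, so if vmalloc fails and the NULL-table case reaches out:, as the visible lines suggest, vm_unmap_aliases() still runs even though no vmalloc mapping was created. Set the flag only after the vmalloc'd pointer is known to be non-NULL, or test "unmap_alias && table" at out:. Since the variable is only ever 0 or 1, bool would state the intent better than int.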
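
Review bot: The vm_unmap_aliases() call added at the out: label (third hunk) carries no comment, and the reason for it (vmalloc flushing tlbs lazily while the dfa becomes live to all cpus on replacement) exists only in the commit message. Add a short comment above "if (unmap_alias)" saying that stale aliases must be removed before the table can be reached by other cpus, so the call is not later dropped as redundant. Because the call sits in unpack_table(), it runs once for every table that falls back to vmalloc; if a dfa is assembled from more than one table, consider moving it to the caller so it runs once, just before the dfa goes live.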