diff mbox series

selinux: don't sleep when CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is true

Message ID 164996959615.228204.13557296900347416352.stgit@olly (mailing list archive)
State Accepted
Delegated to: Paul Moore
Headers show
Series selinux: don't sleep when CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is true | expand

Commit Message

Paul Moore April 14, 2022, 8:53 p.m. UTC 
Unfortunately commit 81200b0265b1 ("selinux: checkreqprot is
deprecated, add some ssleep() discomfort") added a five second sleep
during early kernel boot, e.g. start_kernel(), which could cause a
"scheduling while atomic" panic.  This patch fixes this problem by
moving the sleep out of checkreqprot_set() and into
sel_write_checkreqprot() so that we only sleep when the checkreqprot
setting is set during runtime, after the kernel has booted.  The
error message remains the same in both cases.

Fixes: 81200b0265b1 ("selinux: checkreqprot is deprecated, add some ssleep() discomfort")
Reported-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
---
 security/selinux/include/security.h |    4 +---
 security/selinux/selinuxfs.c        |    2 ++
 2 files changed, 3 insertions(+), 3 deletions(-)

Comments

Paul Moore April 14, 2022, 8:54 p.m. UTC | #1 
On Thu, Apr 14, 2022 at 4:53 PM Paul Moore <paul@paul-moore.com> wrote:
>
> Unfortunately commit 81200b0265b1 ("selinux: checkreqprot is
> deprecated, add some ssleep() discomfort") added a five second sleep
> during early kernel boot, e.g. start_kernel(), which could cause a
> "scheduling while atomic" panic.  This patch fixes this problem by
> moving the sleep out of checkreqprot_set() and into
> sel_write_checkreqprot() so that we only sleep when the checkreqprot
> setting is set during runtime, after the kernel has booted.  The
> error message remains the same in both cases.
>
> Fixes: 81200b0265b1 ("selinux: checkreqprot is deprecated, add some ssleep() discomfort")
> Reported-by: J. Bruce Fields <bfields@fieldses.org>
> Signed-off-by: Paul Moore <paul@paul-moore.com>
> ---
>  security/selinux/include/security.h |    4 +---
>  security/selinux/selinuxfs.c        |    2 ++
>  2 files changed, 3 insertions(+), 3 deletions(-)

This patch is very trivial, but just a word of warning that I haven't
actually tested it yet, so YMMV ... my test kernel is building now.

> diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
> index f7e6be63adfb..393aff41d3ef 100644
> --- a/security/selinux/include/security.h
> +++ b/security/selinux/include/security.h
> @@ -152,10 +152,8 @@ static inline bool checkreqprot_get(const struct selinux_state *state)
>
>  static inline void checkreqprot_set(struct selinux_state *state, bool value)
>  {
> -       if (value) {
> +       if (value)
>                 pr_err("SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-checkreqprot\n");
> -               ssleep(5);
> -       }
>         WRITE_ONCE(state->checkreqprot, value);
>  }
>
> diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
> index 6c8b6a0ddecf..8fcdd494af27 100644
> --- a/security/selinux/selinuxfs.c
> +++ b/security/selinux/selinuxfs.c
> @@ -762,6 +762,8 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf,
>         }
>
>         checkreqprot_set(fsi->state, (new_value ? 1 : 0));
> +       if (new_value)
> +               ssleep(5);
>         length = count;
>
>         selinux_ima_measure_state(fsi->state);
>
Paul Moore April 14, 2022, 10:05 p.m. UTC | #2 
On Thu, Apr 14, 2022 at 4:54 PM Paul Moore <paul@paul-moore.com> wrote:
> On Thu, Apr 14, 2022 at 4:53 PM Paul Moore <paul@paul-moore.com> wrote:
> >
> > Unfortunately commit 81200b0265b1 ("selinux: checkreqprot is
> > deprecated, add some ssleep() discomfort") added a five second sleep
> > during early kernel boot, e.g. start_kernel(), which could cause a
> > "scheduling while atomic" panic.  This patch fixes this problem by
> > moving the sleep out of checkreqprot_set() and into
> > sel_write_checkreqprot() so that we only sleep when the checkreqprot
> > setting is set during runtime, after the kernel has booted.  The
> > error message remains the same in both cases.
> >
> > Fixes: 81200b0265b1 ("selinux: checkreqprot is deprecated, add some ssleep() discomfort")
> > Reported-by: J. Bruce Fields <bfields@fieldses.org>
> > Signed-off-by: Paul Moore <paul@paul-moore.com>
> > ---
> >  security/selinux/include/security.h |    4 +---
> >  security/selinux/selinuxfs.c        |    2 ++
> >  2 files changed, 3 insertions(+), 3 deletions(-)
>
> This patch is very trivial, but just a word of warning that I haven't
> actually tested it yet, so YMMV ... my test kernel is building now.

Everything is behaving sanely on my Rawhide VM, both when built with 0
and 1 values for checkreqprot, so unless I hear any objections I'll
merge this later tonight.
Paul Moore April 14, 2022, 11:37 p.m. UTC | #3 
On Thu, Apr 14, 2022 at 6:05 PM Paul Moore <paul@paul-moore.com> wrote:
> On Thu, Apr 14, 2022 at 4:54 PM Paul Moore <paul@paul-moore.com> wrote:
> > On Thu, Apr 14, 2022 at 4:53 PM Paul Moore <paul@paul-moore.com> wrote:
> > >
> > > Unfortunately commit 81200b0265b1 ("selinux: checkreqprot is
> > > deprecated, add some ssleep() discomfort") added a five second sleep
> > > during early kernel boot, e.g. start_kernel(), which could cause a
> > > "scheduling while atomic" panic.  This patch fixes this problem by
> > > moving the sleep out of checkreqprot_set() and into
> > > sel_write_checkreqprot() so that we only sleep when the checkreqprot
> > > setting is set during runtime, after the kernel has booted.  The
> > > error message remains the same in both cases.
> > >
> > > Fixes: 81200b0265b1 ("selinux: checkreqprot is deprecated, add some ssleep() discomfort")
> > > Reported-by: J. Bruce Fields <bfields@fieldses.org>
> > > Signed-off-by: Paul Moore <paul@paul-moore.com>
> > > ---
> > >  security/selinux/include/security.h |    4 +---
> > >  security/selinux/selinuxfs.c        |    2 ++
> > >  2 files changed, 3 insertions(+), 3 deletions(-)
> >
> > This patch is very trivial, but just a word of warning that I haven't
> > actually tested it yet, so YMMV ... my test kernel is building now.
>
> Everything is behaving sanely on my Rawhide VM, both when built with 0
> and 1 values for checkreqprot, so unless I hear any objections I'll
> merge this later tonight.

.... aaaand it's merged.
diff mbox series

Patch

diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index f7e6be63adfb..393aff41d3ef 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -152,10 +152,8 @@  static inline bool checkreqprot_get(const struct selinux_state *state)
 
 static inline void checkreqprot_set(struct selinux_state *state, bool value)
 {
-	if (value) {
+	if (value)
 		pr_err("SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-checkreqprot\n");
-		ssleep(5);
-	}
 	WRITE_ONCE(state->checkreqprot, value);
 }
 
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 6c8b6a0ddecf..8fcdd494af27 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -762,6 +762,8 @@  static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf,
 	}
 
 	checkreqprot_set(fsi->state, (new_value ? 1 : 0));
+	if (new_value)
+		ssleep(5);
 	length = count;
 
 	selinux_ima_measure_state(fsi->state);