From patchwork Wed Jan 9 08:39:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Prateek Patel X-Patchwork-Id: 10753627 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9B43217FB for ; Wed, 9 Jan 2019 08:40:13 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8DEF928F7D for ; Wed, 9 Jan 2019 08:40:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 81E3028F81; Wed, 9 Jan 2019 08:40:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 32E7828F7D for ; Wed, 9 Jan 2019 08:40:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729956AbfAIIjq (ORCPT ); Wed, 9 Jan 2019 03:39:46 -0500 Received: from hqemgate14.nvidia.com ([216.228.121.143]:1532 "EHLO hqemgate14.nvidia.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729702AbfAIIjp (ORCPT ); Wed, 9 Jan 2019 03:39:45 -0500 Received: from hqpgpgate102.nvidia.com (Not Verified[216.228.121.13]) by hqemgate14.nvidia.com (using TLS: TLSv1.2, DES-CBC3-SHA) id ; Wed, 09 Jan 2019 00:39:32 -0800 Received: from hqmail.nvidia.com ([172.20.161.6]) by hqpgpgate102.nvidia.com (PGP Universal service); Wed, 09 Jan 2019 00:39:44 -0800 X-PGP-Universal: processed; by hqpgpgate102.nvidia.com on Wed, 09 Jan 2019 00:39:44 -0800 Received: from HQMAIL108.nvidia.com (172.18.146.13) by HQMAIL103.nvidia.com (172.20.187.11) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 9 Jan 2019 08:39:44 +0000 Received: from hqnvemgw02.nvidia.com (172.16.227.111) by HQMAIL108.nvidia.com (172.18.146.13) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Wed, 9 Jan 2019 08:39:44 +0000 Received: from prpatel.nvidia.com (Not Verified[10.24.229.63]) by hqnvemgw02.nvidia.com with Trustwave SEG (v7,5,8,10121) id ; Wed, 09 Jan 2019 00:39:44 -0800 From: Prateek Patel To: , , , , , CC: , , , , , , , Sri Krishna chowdary Subject: [PATCH] selinux: avc: mark avc node as not a leak Date: Wed, 9 Jan 2019 14:09:22 +0530 Message-ID: <1547023162-6381-1-git-send-email-prpatel@nvidia.com> X-Mailer: git-send-email 2.7.4 X-NVConfidentiality: public MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nvidia.com; s=n1; t=1547023172; bh=d8nk7slwlRpiZg/raOdY1xeZB8HZ56EW4GxJN3oaLI4=; h=X-PGP-Universal:From:To:CC:Subject:Date:Message-ID:X-Mailer: X-NVConfidentiality:MIME-Version:Content-Type; b=hLEsvWQOHdvqppyoGhavWWiwtZHwSrIOoTQRuR78d2ScVatIwkp8OmLC69zts+iBf rsYu5zBXuve4SBmFveLWtpGwKsN55oKASYwIZl5Sc03RASnWufgc1HAJ6fcLTCXyWS k4jxYJkeBhaN2237bCl4Nj/Hq1rNbnsjWVJjOkRfrDUamBVpv2ydK51cEuhLo7IOKI 1PlqVrim5zVM/NoBOy3IirQw2x4hE/+Vy+Jxax+zSGEYfC2QUybzY7jqzFGBvvJIHF 5QhqomtxUsdzzeQOK5ssYb7M725bS95iCtix76TycWyH0bjc8zb/9ztsLv6nWJvpzM UTuAJev+smbpg== Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Sri Krishna chowdary kmemleak detects allocated objects as leaks if not accessed for default scan time. The memory allocated using avc_alloc_node is freed using rcu mechanism when nodes are reclaimed or on avc_flush. So, there is no real leak here and kmemleak_scan detects it as a leak which is false positive. Hence, mark it as kmemleak_not_leak. Following is the log for avc_alloc_node detected as leak: unreferenced object 0xffffffc0dd1a0e60 (size 64): comm "InputDispatcher", pid 648, jiffies 4294944629 (age 698.180s) hex dump (first 32 bytes): ed 00 00 00 ed 00 00 00 17 00 00 00 3f fe 41 00 ............?.A. 00 00 00 00 ff ff ff ff 01 00 00 00 00 00 00 00 ................ backtrace: [] __save_stack_trace+0x24/0x34 [] create_object+0x13c/0x290 [] kmemleak_alloc+0x80/0xbc [] kmem_cache_alloc+0x128/0x1f8 [] avc_alloc_node+0x2c/0x1e8 [] avc_insert+0x38/0x13c [] avc_compute_av+0x4c/0x60 [] avc_has_perm_flags+0x90/0x188 [] sock_has_perm+0x84/0x98 [] selinux_socket_sendmsg+0x1c/0x28 [] security_socket_sendmsg+0x14/0x20 [] sock_sendmsg+0x70/0xc8 [] SyS_sendto+0x140/0x1ec [] el0_svc_naked+0x34/0x38 [] 0xffffffffffffffff Signed-off-by: Sri Krishna chowdary Signed-off-by: Prateek --- security/selinux/avc.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 635e5c1..ecfd0cd 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -30,6 +30,7 @@ #include #include #include +#include #include "avc.h" #include "avc_ss.h" #include "classmap.h" @@ -573,6 +574,7 @@ static struct avc_node *avc_alloc_node(struct selinux_avc *avc) if (!node) goto out; + kmemleak_not_leak(node); INIT_HLIST_NODE(&node->list); avc_cache_stats_incr(allocations);