This patchset backports basically upstream commit 9287aed2
(selinux: Convert isec->lock into a spinlock). This
"fixes a deadlock between selinux and GFS2 when GFS2 invalidates a security label",
see the original discussion at
https://lore.kernel.org/all/1478812710-17190-2-git-send-email-agruenba@redh…
It also contains the follow-up fixes to make this correct.
The first 3 commits (by Andreas) are valuable on their own too as
they fix a documentation bug, avoid partially initialized structs
and (slightly) improve performance while making the code cleaner.
Andreas Gruenbacher (4):
selinux: Minor cleanups
proc: Pass file mode to proc_pid_make_inode
selinux: Clean up initialization of isec->sclass
selinux: Convert isec->lock into a spinlock
Paul Moore (1):
selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
Tianyue Ren (1):
selinux: fix error initialization in inode_doinit_with_dentry()
fs/proc/base.c | 23 +++---
fs/proc/fd.c | 6 +-
fs/proc/internal.h | 2 +-
fs/proc/namespaces.c | 3 +-
security/selinux/hooks.c | 123 +++++++++++++++++++-----------
security/selinux/include/objsec.h | 5 +-
security/selinux/selinuxfs.c | 4 +-
7 files changed, 96 insertions(+), 70 deletions(-)
--
2.25.1
This bug is marked as fixed by commit:
net: core: netlink: add helper refcount dec and lock function
net: sched: add helper function to take reference to Qdisc
net: sched: extend Qdisc with rcu
net: sched: rename qdisc_destroy() to qdisc_put()
net: sched: use Qdisc rcu API instead of relying on rtnl lock
But I can't find it in any tested tree for more than 90 days.
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and
new crashes with the same signature are ignored.