[apparmor] [PATCH 21/36] apparmor: baby step - now add labels to the labelset trees
Seth Arnold
seth.arnold at canonical.com
Tue May 21 23:48:05 UTC 2013
On Wed, May 01, 2013 at 02:31:06PM -0700, John Johansen wrote:
> Just add the labels to the tree to make sure insertions and deletions
> into the rb tree are working.
> @@ -1330,6 +1347,8 @@ ssize_t aa_remove_profiles(char *fqname, size_t size)
> }
> name = profile->base.hname;
> __remove_profile(profile);
> + aa_label_remove(&ns->labels, &profile->label);
> + __aa_labelset_invalidate_all(ns, profile);
> mutex_unlock(&ns->lock);
> }
__remove_profile() may already call __aa_label_remove():
__remove_profile()
__list_remove_profile()
aa_put_profile()
aa_label_kref()
__aa_label_remove()
As a result of __remove_profile(), I believe that the next reference to
&profile->label may even be invalid:
...
aa_label_kref()
label_free_rcu()
aa_free_profile()
kzfree()
I guess the RCU mechanisms might mean that the data wouldn't actually
be reaped until after the above code has already run to completion --
I really should re-read the RCU paper -- but the mixing of cleanup
operations in current context vs in RCU callback is a bit more subtle
than me. :)
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130521/644107c0/attachment.pgp>
More information about the AppArmor
mailing list