summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2020-01-02 12:53:49 +0900
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2020-02-05 21:22:41 +0000
commit99652ee9c51669706216af7b6a32b4b792263c95 (patch)
tree2f0d9c8d24fb081062a71d518425c49c5a46fc90 /security
parent81b3fd0cb4216fe3027be8c4b57d68c1c7e0dfb7 (diff)
downloadlinux-stable-99652ee9c51669706216af7b6a32b4b792263c95.tar.gz
linux-stable-99652ee9c51669706216af7b6a32b4b792263c95.tar.bz2
linux-stable-99652ee9c51669706216af7b6a32b4b792263c95.zip
tomoyo: Use atomic_t for statistics counter
commit a8772fad0172aeae339144598b809fd8d4823331 upstream. syzbot is reporting that there is a race at tomoyo_stat_update() [1]. Although it is acceptable to fail to track exact number of times policy was updated, convert to atomic_t because this is not a hot path. [1] https://syzkaller.appspot.com/bug?id=a4d7b973972eeed410596e6604580e0133b0fc04 Reported-by: syzbot <syzbot+efea72d4a0a1d03596cd@syzkaller.appspotmail.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security')
-rw-r--r--security/tomoyo/common.c11
1 files changed, 4 insertions, 7 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index c36bafbcd77e..1b467381986f 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -2322,9 +2322,9 @@ static const char * const tomoyo_memory_headers[TOMOYO_MAX_MEMORY_STAT] = {
[TOMOYO_MEMORY_QUERY] = "query message:",
};
-/* Timestamp counter for last updated. */
-static unsigned int tomoyo_stat_updated[TOMOYO_MAX_POLICY_STAT];
/* Counter for number of updates. */
+static atomic_t tomoyo_stat_updated[TOMOYO_MAX_POLICY_STAT];
+/* Timestamp counter for last updated. */
static time64_t tomoyo_stat_modified[TOMOYO_MAX_POLICY_STAT];
/**
@@ -2336,10 +2336,7 @@ static time64_t tomoyo_stat_modified[TOMOYO_MAX_POLICY_STAT];
*/
void tomoyo_update_stat(const u8 index)
{
- /*
- * I don't use atomic operations because race condition is not fatal.
- */
- tomoyo_stat_updated[index]++;
+ atomic_inc(&tomoyo_stat_updated[index]);
tomoyo_stat_modified[index] = ktime_get_real_seconds();
}
@@ -2360,7 +2357,7 @@ static void tomoyo_read_stat(struct tomoyo_io_buffer *head)
for (i = 0; i < TOMOYO_MAX_POLICY_STAT; i++) {
tomoyo_io_printf(head, "Policy %-30s %10u",
tomoyo_policy_headers[i],
- tomoyo_stat_updated[i]);
+ atomic_read(&tomoyo_stat_updated[i]));
if (tomoyo_stat_modified[i]) {
struct tomoyo_time stamp;