On Fri, Feb 08, 2013 at 01:00:55PM -0800, John Johansen wrote: The patch changed the 'Requires' comment here to mention rcu_read_lock must be held before calling __policy_find(). I've found code paths that appear to ignore this advice (again, using HEAD).
> /**
> * __policy_find - find a policy by @name on a policy list
> * @head: list to search (NOT NULL)
> * @name: name to search for (NOT NULL)
> *
> * Requires: rcu_read_lock be held
> *
> * Returns: unrefcounted policy that match @name or NULL if not found
> */
> static struct aa_policy *__policy_find(struct list_head *head, const char
> *name)
> {
> struct aa_policy *policy;
>
> list_for_each_entry_rcu(policy, head, list) {
> if (!strcmp(policy->name, name))
> return policy;
> }
> return NULL;
> }
profile_load() / profile_replace()
aa_replace_profiles()
aa_prepare_namespace() (locks root->lock)
__aa_find_namespace()
__policy_find()
profile_load() / profile_replace()
aa_replace_profiles()
__lookup_replace()
__lookup_profile()
__find_child()
__policy_find()
profile_remove()
aa_remove_profiles() (locks ns->lock)
__lookup_profile()
__find_child()
__policy_find()
Thanks John
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
