On 2025/09/07 16:35, Tetsuo Handa wrote:
> On 2025/09/05 2:52, Paul Moore wrote:
>> +               if (!str) {
>> +                       str = str_tmp;
>> +                       len = len_tmp - 1;
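Review bot: `str = str_tmp` is stored before `len = len_tmp - 1`, so a reader that tests `str` concurrently can see a non-NULL `str` while `len` still holds its old value. Assign `len` first and make the `str` store the final, ordered step, with matching read-side ordering before `len` is used.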
> 
> This needs to be
> 
>                       len = len_tmp - 1;
>                       mb();
>                       str = str_tmp;
> 
> , or concurrent access might reach simple_read_from_buffer()
> with str != 0 and len == 0. (If you don't want mb(), you can use
> 
> -     if (unlikely(!str)) {
> +     if (unlikely(!str || !len)) {
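Review bot: `!len` in the new condition makes a zero length mean "not initialised", and the quoted hunk sets `len = len_tmp - 1`, which is 0 whenever `len_tmp` is 1. If that value is possible, every read would enter this block again; a separate initialised flag, or keeping the test on `str` alone and ordering the two stores, avoids overloading `len`.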
> 
> instead).

Well, memory barrier is more complicated; it will be

        len = len_tmp - 1;
        wmb();
        str = str_tmp;

and

        }
        rmb();
        return simple_read_from_buffer(buf, count, ppos, str, len);

pair.

Just splitting the whole { } block that follows "if (unlikely(!str))"
out as an initcall function is much simpler; no need to use spinlock
(because the userspace threads have not started yet), no need to worry
about kmalloc() failure (because the allocation failure will panic()
because the userspace threads have not started yet), and the memory size
saved by use of __init function will be larger than the memory size
wasted by /sys/kernel/security/lsm being never accessed...
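
The store/load pairing discussed above, as an added userspace C11 example that is not part of the original message or of the kernel patch: a release store stands in for the wmb() side and an acquire load for the rmb() side. The names `publish`, `read_once` and `race`, and the sample string, are assumptions made for the illustration.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stddef.h>
#include <string.h>

static const char lsm_list[] = "capability,landlock"; /* constructed sample */
static _Atomic(const char *) str;  /* NULL until initialised */
static size_t len;                 /* plain variable, published through str */

/* Writer: set len first, then publish str with release ordering
 * (the role wmb() plays between the two stores). */
static void publish(void)
{
    len = strlen(lsm_list);
    atomic_store_explicit(&str, lsm_list, memory_order_release);
}

/* Reader: acquire-load str (the rmb() side) before touching len.
 * Returns -1 if not initialised yet, 1 for the torn view
 * (str set but len still 0), 0 for a consistent view. */
static int read_once(void)
{
    const char *s = atomic_load_explicit(&str, memory_order_acquire);
    if (!s)
        return -1;
    return len == 0;
}

static void *writer(void *arg) { (void)arg; publish(); return NULL; }

/* Race a publishing thread against a spinning reader for several rounds;
 * returns the number of torn views seen, or -1 if a thread failed to start. */
static int race(int rounds)
{
    int torn = 0;
    for (int i = 0; i < rounds; i++) {
        pthread_t t;
        int r;
        atomic_store(&str, NULL);   /* reset before the writer exists */
        len = 0;
        if (pthread_create(&t, NULL, writer, NULL))
            return -1;
        while ((r = read_once()) < 0)
            ;                       /* wait until str is published */
        torn += r;
        pthread_join(t, NULL);
    }
    return torn;
}

int main(void) { return race(1000) != 0; }
```

Swapping the two stores in `publish()`, or dropping either side of the release/acquire pair, removes the guarantee that a reader which sees `str` also sees `len`.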

