| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Jun 2018 17:27:10 +0300
From: Konstantin Khorenko <khorenko@...tuozzo.com>
To: Kirill Gorkunov <kgorkunov@...tuozzo.com>,
Andrey Vagin <avagin@...tuozzo.com>,
Benjamin Coddington <bcodding@...hat.com>,
Jeff Layton <jlayton@...nel.org>,
"J. Bruce Fields" <bfields@...ldses.org>,
Alexander Viro <viro@...iv.linux.org.uk>
Cc: Konstantin Khorenko <khorenko@...tuozzo.com>,
Vasily Averin <vvs@...tuozzo.com>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 0/2] fs/lock: show locks info owned by dead/invisible processes
The behavior has been changed after 9d5b86ac13c5 ("fs/locks: Remove fl_nspid
and use fs-specific l_pid for remote locks")
and now /proc/$PID/fdinfo/$FD does not show the info about the lock
* if the flock owner process is dead and its pid has been already freed
or
* if the lock owner is not visible in current pidns.
CRIU uses this interface to store locks info during dump and thus can break
on v4.13 and newer.
So let's show info about locks anyway in described cases (like it was before
9d5b86ac13c5), but show pid number saved in file_lock struct if we are in
init_pid_ns (patch 1) or just zero otherwise (patch 2) like we do with SID.
Reproducer:
process A process A1 process A2
fork()--------->
exit() open()
flock()
fork()--------->
exit() sleep()
Before the patch:
================
(root@vz7)/: cat /proc/${PID_A2}/fdinfo/3
pos: 4
flags: 02100002
mnt_id: 257
lock: (root@vz7)/:
After the patch:
===============
(root@vz7)/:cat /proc/${PID_A2}/fdinfo/3
pos: 4
flags: 02100002
mnt_id: 295
lock: 1: FLOCK ADVISORY WRITE ${PID_A1} b6:f8a61:529946 0 EOF
===============
# cat flock1.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/file.h>
#include <fcntl.h>
int main(void)
{
int fd;
int err;
pid_t child_pid;
child_pid = fork();
if (child_pid == -1)
perror("fork failed");
if (child_pid) {
exit(0);
}
fd = open("/tmp/a", O_CREAT | O_RDWR);
if (fd == -1)
perror("Failed to open the file");
err = flock(fd, LOCK_EX);
if (err == -1)
perror("flock failed");
child_pid = fork();
if (child_pid == -1)
perror("fork failed");
if (child_pid)
exit(0);
sleep(10000);
return 0;
}
Konstantin Khorenko (2):
fs/lock: skip lock owner pid translation in case we are in init_pid_ns
fs/lock: show locks taken by processes from another pidns
fs/locks.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
--
2.15.1
Powered by blists - more mailing lists