lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <63df45984a1a7fe5998861abd3210b781662d7f9.camel@web.de>
Date: Mon, 09 Dec 2024 13:53:57 +0100
From: Bert Karwatzki <spasswolf@....de>
To: Jan Kara <jack@...e.cz>
Cc: Josef Bacik <josef@...icpanda.com>, linux-kernel@...r.kernel.org, 
	kernel-team@...com, linux-fsdevel@...r.kernel.org, amir73il@...il.com, 
	brauner@...nel.org, torvalds@...ux-foundation.org, viro@...iv.linux.org.uk,
 	linux-xfs@...r.kernel.org, linux-btrfs@...r.kernel.org,
 linux-mm@...ck.org, 	linux-ext4@...r.kernel.org, spasswolf@....de
Subject: Re: commit 0790303ec869 leads to cpu stall without
 CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y

Am Montag, dem 09.12.2024 um 13:26 +0100 schrieb Jan Kara:
> On Mon 09-12-24 13:11:04, Jan Kara wrote:
> > > Then I took a closer look at the function called in the problematic code
> > > and noticed that fsnotify_file_area_perm(), is a NOOP when
> > > CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set (which was the case in my
> > > .config). This also explains why this was not found before, as
> > > distributional .config file have this option enabled.  Setting the option
> > > to y solves the issue, too
> >
> > Well, I agree with you on all the points but the real question is, how come
> > the test FMODE_FSNOTIFY_HSM(file->f_mode) was true on our kernel when you
> > clearly don't run HSM software, even more so with
> > CONFIG_FANOTIFY_ACCESS_PERMISSIONS disabled. That's the real cause of this
> > problem. Something fishy is going on here... checking...
> >
> > Ah, because I've botched out file_set_fsnotify_mode() in case
> > CONFIG_FANOTIFY_ACCESS_PERMISSIONS is disabled. This should fix the
> > problem:
> >
> > index 1a9ef8f6784d..778a88fcfddc 100644
> > --- a/include/linux/fsnotify.h
> > +++ b/include/linux/fsnotify.h
> > @@ -215,6 +215,7 @@ static inline int fsnotify_open_perm(struct file *file)
> >  #else
> >  static inline void file_set_fsnotify_mode(struct file *file)
> >  {
> > +       file->f_mode |= FMODE_NONOTIFY_PERM;
> >  }
> >
> > I'm going to test this with CONFIG_FANOTIFY_ACCESS_PERMISSIONS disabled and
> > push out a fixed version. Thanks again for the report and analysis!
>
> So this was not enough, What we need is:
> index 1a9ef8f6784d..778a88fcfddc 100644
> --- a/include/linux/fsnotify.h
> +++ b/include/linux/fsnotify.h
> @@ -215,6 +215,10 @@ static inline int fsnotify_open_perm(struct file *file)
>  #else
>  static inline void file_set_fsnotify_mode(struct file *file)
>  {
> +	/* Is it a file opened by fanotify? */
> +	if (FMODE_FSNOTIFY_NONE(file->f_mode))
> +		return;
> +	file->f_mode |= FMODE_NONOTIFY_PERM;
>  }
>
> This passes testing for me so I've pushed it out and the next linux-next
> build should have this fix.
>
> 								Honza

I had "mixed success" with your first fix, out of 4 boots I got 2 hangs, but the
new version seems to work fine (4 boots, zero hangs).

Bert Karwatzki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ