lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20100527044528.GZ31073@ZenIV.linux.org.uk>
Date:	Thu, 27 May 2010 05:45:28 +0100
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Jens Axboe <jens.axboe@...cle.com>
Cc:	Tejun Heo <tj@...nel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Ciprian Docan <docan@...n.rutgers.edu>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] vfs: don't hold s_umount over close_bdev_exclusive() call

On Tue, May 25, 2010 at 10:30:03AM +0200, Jens Axboe wrote:
> On Sat, May 22 2010, Tejun Heo wrote:
> > This patch fixes an obscure AB-BA deadlock in get_sb_bdev().
> > 
> > When a superblock is mounted more than once get_sb_bdev() calls
> > close_bdev_exclusive() to drop the extra bdev reference while holding
> > s_umount.  However, sb->s_umount nests inside bd_mutex during
> > __invalidate_device() and close_bdev_exclusive() acquires bd_mutex
> > during blkdev_put(); thus creating an AB-BA deadlock.
> > 
> > This condition doesn't trigger frequently.  For this condition to be
> > visible to lockdep, the filesystem must occupy the whole device (as
> > __invalidate_device() only grabs bd_mutex for the whole device), the
> > FS must be mounted more than once and partition rescan should be
> > issued while the FS is still mounted.
> > 
> > Fix it by dropping s_umount over close_bdev_exclusive().
> 
> Looks safe to me, since it has (as you note) an elevated ref count.

Ehh...  It's probably OK, but I'm worried about the interplay with
->bd_fsfreeze_mutex logics there ;-/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ