| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Aug 2018 11:20:04 +0300
From: Konstantin Khorenko <khorenko@...tuozzo.com>
To: Murphy Zhou <jencce.kernel@...il.com>
Cc: Kirill Gorkunov <kgorkunov@...tuozzo.com>,
Andrey Vagin <avagin@...tuozzo.com>,
Benjamin Coddington <bcodding@...hat.com>,
Jeff Layton <jlayton@...nel.org>,
"J. Bruce Fields" <bfields@...ldses.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Vasily Averin <vvs@...tuozzo.com>,
Linux-Fsdevel <linux-fsdevel@...r.kernel.org>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/2] fs/lock: show locks info owned by dead/invisible
processes
On 08/09/2018 10:16 AM, Murphy Zhou wrote:
> Hi,
>
> Looks like this missed v4.18 ?
Hi Murphy,
yes, Jeff planned to push those patches into 4.19 and they are in "linux-next" now,
but not in 4.18 "master" currently.
On 06/14/2018 01:41 PM, Jeff Layton wrote:
> These look fine to me. I'll plan to pick them up for v4.19 unless anyone
> has objections.
linux-next:
1cf8e5de4055 ("fs/lock: show locks taken by processes from another pidns")
826d7bc9f013 ("fs/lock: skip lock owner pid translation in case we are in init_pid_ns")
--
Best regards,
Konstantin Khorenko,
Virtuozzo Linux Kernel Team
> On Fri, Jun 8, 2018 at 10:27 PM, Konstantin Khorenko
> <khorenko@...tuozzo.com> wrote:
>> The behavior has been changed after 9d5b86ac13c5 ("fs/locks: Remove fl_nspid
>> and use fs-specific l_pid for remote locks")
>> and now /proc/$PID/fdinfo/$FD does not show the info about the lock
>> * if the flock owner process is dead and its pid has been already freed
>> or
>> * if the lock owner is not visible in current pidns.
>>
>> CRIU uses this interface to store locks info during dump and thus can break
>> on v4.13 and newer.
>>
>> So let's show info about locks anyway in described cases (like it was before
>> 9d5b86ac13c5), but show pid number saved in file_lock struct if we are in
>> init_pid_ns (patch 1) or just zero otherwise (patch 2) like we do with SID.
>>
>> Reproducer:
>> process A process A1 process A2
>> fork()--------->
>> exit() open()
>> flock()
>> fork()--------->
>> exit() sleep()
>>
>> Before the patch:
>> ================
>> (root@vz7)/: cat /proc/${PID_A2}/fdinfo/3
>> pos: 4
>> flags: 02100002
>> mnt_id: 257
>> lock: (root@vz7)/:
>>
>> After the patch:
>> ===============
>> (root@vz7)/:cat /proc/${PID_A2}/fdinfo/3
>> pos: 4
>> flags: 02100002
>> mnt_id: 295
>> lock: 1: FLOCK ADVISORY WRITE ${PID_A1} b6:f8a61:529946 0 EOF
>>
>> ===============
>> # cat flock1.c
>>
>> #include <stdio.h>
>> #include <stdlib.h>
>> #include <unistd.h>
>> #include <sys/types.h>
>> #include <sys/stat.h>
>> #include <sys/file.h>
>> #include <fcntl.h>
>>
>> int main(void)
>> {
>> int fd;
>> int err;
>> pid_t child_pid;
>>
>> child_pid = fork();
>> if (child_pid == -1)
>> perror("fork failed");
>> if (child_pid) {
>> exit(0);
>> }
>>
>> fd = open("/tmp/a", O_CREAT | O_RDWR);
>> if (fd == -1)
>> perror("Failed to open the file");
>>
>> err = flock(fd, LOCK_EX);
>> if (err == -1)
>> perror("flock failed");
>>
>> child_pid = fork();
>> if (child_pid == -1)
>> perror("fork failed");
>> if (child_pid)
>> exit(0);
>>
>> sleep(10000);
>>
>> return 0;
>> }
>>
>> Konstantin Khorenko (2):
>> fs/lock: skip lock owner pid translation in case we are in init_pid_ns
>> fs/lock: show locks taken by processes from another pidns
>>
>> fs/locks.c | 15 ++++++++++-----
>> 1 file changed, 10 insertions(+), 5 deletions(-)
>>
>> --
>> 2.15.1
>>
> .
>
Powered by blists - more mailing lists