lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 9 Jun 2019 18:38:26 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Kirill Smelkov <kirr@...edi.com>
Cc:     stable@...r.kernel.org, Sasha Levin <sashal@...nel.org>,
        Ben Hutchings <ben@...adent.org.uk>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Miklos Szeredi <miklos@...redi.hu>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 4.14 0/2] Fix FUSE read/write deadlock on stream-like
 files

On Sun, Jun 09, 2019 at 12:39:08PM +0000, Kirill Smelkov wrote:
> Hello stable team,
> 
> Please consider applying the following 2 patches to Linux-4.14 stable
> tree. The patches fix regression introduced in 3.14 where both read and
> write started to run under lock taken, which resulted in FUSE (and many
> other drivers) deadlocks for cases where stream-like files are used with
> read and write being run simultaneously.
> 
> Please see complete problem description in upstream commit 10dce8af3422
> ("fs: stream_open - opener for stream-like files so that read and write
> can run simultaneously without deadlock").
> 
> The actual FUSE fix (upstream commit bbd84f33652f "fuse: Add
> FOPEN_STREAM to use stream_open()") was merged into 5.2 with `Cc:
> stable@...r.kernel.org # v3.14+` mark and is already included into 5.1,
> 5.0 and 4.19 stable trees. However for some reason it is not (yet ?)
> included into 4.14, 4.9, 4.4, 3.18 and 3.16 trees.
> 
> The patches fix a real problem into which my FUSE filesystem ran, and
> which also likely affects OSSPD (full details are in the patches
> description). Please consider including the fixes into 4.14 (as well as
> into earlier stable trees - I will send corresponding series separately -
> - one per tree).

Many thanks for these.  I've queued up all but the 3.16 patches (those
are for Ben).

I hadn't done the backport yet, as I didn't know how "severe" this was,
and didn't have the time to do it.  Thanks for making it easy :)

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ