Open Source and information security mailing list archives
Message-ID: <c80528c2-31ee-ccfc-127b-66bc7f93b669@cn.fujitsu.com>
Date:   Thu, 21 Nov 2019 13:51:31 +0800
From:   Cao jin <caoj.fnst@...fujitsu.com>
To:     Masayoshi Mizuma <msys.mizuma@...il.com>,
        Miklos Szeredi <miklos@...redi.hu>,
        <linux-fsdevel@...r.kernel.org>
CC:     Masayoshi Mizuma <m.mizuma@...fujitsu.com>,
        <linux-kernel@...r.kernel.org>, <virtio-fs@...hat.com>
Subject: Re: [PATCH] fuse: Fix the return code of fuse_direct_IO() to deal
 with the error for aio

On 11/18/19 10:24 AM, Masayoshi Mizuma wrote:
> From: Masayoshi Mizuma <m.mizuma@...fujitsu.com>
> 
> exit_aio() is sometimes stuck in wait_for_completion() after aio is issued
> with direct IO and the task receives a signal.
> 
> That is because kioctx in mm->ioctx_table is in use by aio_kiocb.
> aio_kiocb->ki_refcnt is 1 at that time. That means iocb_put() isn't
> called correctly.
> 
> fuse_get_req() returns as -EINTR when it's blocked and receives a signal.
> fuse_direct_IO() deals with the -EINTR as -EIOCBQUEUED and returns as
> -EIOCBQUEUED even though the aio isn't queued.
> As the result, aio_rw_done() doesn't handle the error, so iocb_put() isn't
> called via aio_complete_rw(), which is the callback.
> 
> The flow is something like:
> 
>   io_submit
>     aio_get_req
>       refcount_set(&req->ki_refcnt, 2)
>     __io_submit_one
>       aio_read
>       ...
>         fuse_direct_IO # return as -EIOCBQUEUED
>           __fuse_direct_read
>           ...
>             fuse_get_req # return as -EINTR
>         aio_rw_done
>           # Nothing to do because ret is -EIOCBQUEUED...
>     iocb_put
>       refcount_dec_and_test(&iocb->ki_refcnt) # 2->1
> 
> Return as the error code of fuse_direct_io() or __fuse_direct_read() in
> fuse_direct_IO() so that aio_rw_done() can handle the error and call
> iocb_put().
> 
> This issue is tracked as a virtio-fs issue:
> https://gitlab.com/virtio-fs/qemu/issues/14
> 

I didn't reproduce this issue on kernel v5.4-rc7, but did on 5.4-rc8.
And verified this patch fixed the case in issue 14 on v5.4-rc8 and
virtiofsd (virtio-fs-dev 5f068fa9).

Tested-by: Cao jin <caoj.fnst@...fujitsu.com>
-- 
Sincerely,
Cao jin
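
Added example, not part of the original message or of the kernel source: a user-space C model of the reference flow in the quoted commit message, showing the leaked ki_refcnt with and without the described fix. All model_* names and the MODEL_EIOCBQUEUED constant are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

#define MODEL_EIOCBQUEUED 529   /* assumed stand-in for the kernel-internal code */

struct model_iocb { int refcnt; };          /* stands in for aio_kiocb->ki_refcnt */

static void model_iocb_put(struct model_iocb *req) { req->refcnt--; }

/* Completion callback (aio_complete_rw in the message): drops one reference. */
static void model_complete_rw(struct model_iocb *req) { model_iocb_put(req); }

/* fuse_direct_IO as described; get_req_ret is what fuse_get_req returned. */
static int model_fuse_direct_IO(int get_req_ret, int fixed)
{
    if (get_req_ret < 0 && fixed)
        return get_req_ret;                 /* patched: propagate the real error */
    return -MODEL_EIOCBQUEUED;              /* unpatched: claims the aio was queued */
}

/* One io_submit; returns the final refcount (0 = released, 1 = leaked). */
static int model_submit(int get_req_ret, int fixed)
{
    struct model_iocb req = { .refcnt = 2 };        /* aio_get_req */
    int really_queued = (get_req_ret == 0);
    int ret = model_fuse_direct_IO(get_req_ret, fixed);

    /* aio_rw_done: -EIOCBQUEUED means the completion will arrive later. */
    if (ret != -MODEL_EIOCBQUEUED)
        model_complete_rw(&req);
    model_iocb_put(&req);                           /* io_submit's own reference */

    if (really_queued)
        model_complete_rw(&req);                    /* async completion arrives */
    return req.refcnt;      /* 1 here is the state in which exit_aio() waits */
}

int main(void)
{
    printf("unpatched, -EINTR: refcnt=%d\n", model_submit(-EINTR, 0));
    printf("patched,   -EINTR: refcnt=%d\n", model_submit(-EINTR, 1));
    printf("unpatched, queued: refcnt=%d\n", model_submit(0, 0));
    return 0;
}
```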

