From patchwork Tue May 17 20:59:27 2016
X-Patchwork-Submitter: James Bottomley
X-Patchwork-Id: 9115231
Message-ID: <1463518767.13655.2.camel@HansenPartnership.com>
Subject: Re: [RFC 1/1] shiftfs: uid/gid shifting bind mount
From: James Bottomley
To: "Serge E. Hallyn"
Cc: Serge Hallyn, Djalal Harouni, Chris Mason, tytso@mit.edu, Serge Hallyn, Josh Triplett, "Eric W. Biederman", Andy Lutomirski, Seth Forshee, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, Dongsu Park, David Herrmann, Miklos Szeredi, Alban Crequy, Al Viro
Date: Tue, 17 May 2016 16:59:27 -0400
In-Reply-To: <1463480597.2509.0.camel@HansenPartnership.com>

On Tue, 2016-05-17 at 06:23 -0400, James Bottomley wrote:
> On Mon, 2016-05-16 at 22:47 -0500, Serge E. Hallyn wrote:
> > On Mon, May 16, 2016 at 10:28:32PM -0400, James Bottomley wrote:
> > > On Mon, 2016-05-16 at 19:41 +0000, Serge Hallyn wrote:
> > > > Hey James,
> > > >
> > > > I probably did something wrong - but I applied your patch onto
> > > > 4.6, compiled in shiftfs, did
> > > >
> > > > mount -t shiftfs -o uidmap=0:100000:65536,gidmap=0:100000:65536 /home/ubuntu /mnt
> > > >
> > > > and ls segfaults and gives me kernel syslog msgs like:
> > >
> > > Hm, it looks to be something IMA related, since the SUSE default
> > > is no IMA and this BUG in the filesystem is to do with the IMA
> > > version of i_readcount_dec.  I'll recompile my kernel to see if
> > > I can reproduce.
> > > Just in case, what's the underlying filesystem on /home/ubuntu?
> >
> > It was ext4
>
> Thanks.  I've got it to reproduce with CONFIG_IMA set ... just
> debugging now.

OK, I think this is the fix, can you apply on top of what you have
(it's two fixes, one for the RCU lookup and the other for the IMA
problem).

This probably has to be fixed in the VFS, but at least it will prove
I've got the correct problem and diagnosis.

Thanks,

James

---

diff --git a/fs/shiftfs.c b/fs/shiftfs.c index d352377..2699b95 100644 --- a/fs/shiftfs.c +++ b/fs/shiftfs.c @@ -525,6 +525,9 @@ static int shiftfs_permission(struct inode *inode, int mask) int err; const struct cred *oldcred, *newcred; + if (mask & MAY_NOT_BLOCK) + return -ECHILD; + oldcred = shiftfs_new_creds(&newcred, inode->i_sb); if (iop->permission) err = iop->permission(reali, mask); @@ -598,6 +601,15 @@ static int shiftfs_release(struct inode *inode, struct file *file) if (sfc->release) err = sfc->release(inode, file); +#ifdef CONFIG_IMA + /* FIXME: IMA calls aren't balanced across ->open ->release + * they occur after ->open and after ->release, so manually + * swizzle here */ + + if ((file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) + i_readcount_dec(sfc->inode); +#endif + file->f_inode = sfc->inode; file->f_op = sfc->inode->i_fop; fops_put(inode->i_fop); 
@@ -631,6 +643,16 @@ static int shiftfs_open(struct inode *inode, struct file *file) file->f_op = &sfc->fop; file->f_inode = reali; +#ifdef CONFIG_IMA + /* FIXME: IMA calls always operate on a saved copy of the + * inode so they increment the above and decrement the + * underlying. fix that here */ + + if ((file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) + i_readcount_inc(reali); +#endif + + if (fop->open) err = fop->open(reali, file);
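Review bot: In the shiftfs_permission() hunk (@@ -525), the new MAY_NOT_BLOCK early return has no comment saying why the check cannot run in RCU-walk mode. Because it sits ahead of shiftfs_new_creds() and returns -ECHILD unconditionally, every RCU-walk permission check on a shiftfs inode is retried in ref-walk mode. Please add a one-line comment naming what may block (the credential setup, the lower iop->permission call, or both) so a later reader does not remove the check as redundant, and mention the lookup cost in the commit message.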
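Review bot: In the shiftfs_release() hunk (@@ -598), the test (file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ is duplicated verbatim in shiftfs_open(), and the two copies must stay in lockstep for the read count to balance; a mismatch shows up as the i_readcount_dec BUG reported earlier in the thread. Consider a small static helper used by both sites. The FIXME comment also only says "manually swizzle"; it would be clearer to state that this decrement is applied to sfc->inode because the file's f_inode was pointing at the lower inode at release time. The multi-line comment should follow kernel style, with the opening and closing markers on their own lines.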
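Review bot: In the shiftfs_open() hunk (@@ -631), i_readcount_inc(reali) is placed before the call to fop->open(reali, file), and nothing in the visible lines undoes it when err is non-zero. If the lower open fails, ->release is not going to run for this file, so the lower inode's read count stays elevated unless the error path below this hunk drops it. Either move the increment after a successful fop->open or add a matching i_readcount_dec(reali) on failure. Minor: the hunk adds two consecutive blank lines after #endif; one is enough.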