Hello Matthew,
Matthew Riley:
> I've hit an instance of a bug that was hypothesized here:
> http://sourceforge.net/p/aufs/mailman/aufs-users/thread/20120723152336.GB1894%40decadent.org.uk/
>
> The LSM called by security_mmap_file in aufs_mmap can attempt to take
> mmap_sem, in which case the thread deadlocks. The particular offender
> here is IMA, which ends up calling audit_log_task_info, which tries to
> get mmap_sem here:
I see.
That is a real bug due to aufs.
> This commit took security_mmap_file out of mmap_sem elsewhere in the kernel.
Yes.
That started the discussion between me and Ben Hutchings (as the url you
mentioned). If you are interested, you can also read the histroy in aufs
betwee 3.4 and 3.5 by these commits.
f62e498 2012-07-29 version 3.5
6608a07 2012-07-29 aufs: aufs_mmap() calls security_mmap_file() directly
66ecc70 2012-07-24 Revert "aufs: cosmetics for aufs_mmap()"
7573c5b 2012-07-24 Revert "aufs: for 3.5-rcN, new au_security_file_mmap() 1/2"
c3a3e02 2012-07-24 Revert "aufs: for 3.5-rcN, call au_security_file_mmap() 2/2"
ad02614 2012-06-13 aufs: for 3.5-rcN, call au_security_file_mmap() 2/2
aa29a06 2012-06-13 aufs: for 3.5-rcN, new au_security_file_mmap() 1/2
b028c62 2012-06-08 aufs: cosmetics for aufs_mmap()
f9ddc8c 2012-06-08 aufs: tiny, replace pr_warning() by pr_warn()
a1d9363 2012-06-08 aufs: for 3.5-rcN, security_mmap_file()
:::
f84481e 2012-05-21 version 3.4
> None of the other file systems in the Linux kernel call
> security_mmap_file. Why does aufs?
The reason is that aufs has several characters or aspects including
- a filesystem, callee of VFS helper
- sub-VFS, caller of VFS helper for branches
Usually the first aspect is called a filesystem, and I understand this
is what you mean. In this case, VFS calls aufs_mmap() for "/aufs/fileA".
For the second aspect, aufs behaves as VFS for its branch filesystems.
In this case, aufs calls the branch fs's mmap() for "/branch/fileA".
I hope this descirption is the answer for your question.
Now I am considering these two approaches...
- revert again and aufs calls security_file_mmap() from different
context. I don't like it.
- stop calling security_file_mmap() at all. I don't like it either.
If you (or anyone) have a good idea, please let me know.
Thanx for the bug report
J. R. Okajima
------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos. Get
unparalleled scalability from the best Selenium testing platform available.
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
