[Apparmor-dev] OOPS in fuse_do_setattr()

Luiz Fernando N. Capitulino lcapitulino at mandriva.com.br
Wed Mar 19 07:13:21 MDT 2008


On Tue, 18 Mar 2008 16:03:01 -0700
John Johansen <jjohansen at suse.de> wrote:

| Luiz Fernando N. Capitulino wrote:
| |  Hello,
| |
| |  A Mandriva user has reported an OOPS which seems to be caused by
| | Apparmor. It happens with the apparmor version for 2.6.24 kernels:
| |
| | """
| | BUG: unable to handle kernel NULL pointer dereference at virtual address
| | 00000148
| | printing eip: e0f69e50 *pde = 00000000
| | Oops: 0000 [#1] SMP
| | Modules linked in: nfs lockd nfs_acl sunrpc fuse af_packet snd_seq_dummy
| | snd_seq_oss snd_seq_midi_evente
| |
| | Pid: 4304, comm: rsync Not tainted (2.6.24.3-desktop-3mnb #1)
| | EIP: 0060:[<e0f69e50>] EFLAGS: 00010206 CPU: 0
| | EIP is at fuse_do_setattr+0x170/0x3b0 [fuse]
| | EAX: 000000d8 EBX: df2c9f70 ECX: 00002041 EDX: 000000d8
| | ESI: df1018d0 EDI: 00000000 EBP: df2c9f14 ESP: df2c9e20
| |  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
| | Process rsync (pid: 4304, ti=df2c8000 task=df153740 task.ti=df2c8000)
| | Stack: c0146eea df2c9e2c c01e4db8 df2c9e90 df2c9e48 df2c9eb0 000000d8 df2a4000
| |        dee44800 df1018d0 00000000 00000000 00000000 00000000 00000000 00000000
| |        00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
| | Call Trace:
| |  [<c010645a>] show_trace_log_lvl+0x1a/0x30
| |  [<c010651b>] show_stack_log_lvl+0xab/0xd0
| |  [<c01065fd>] show_registers+0xbd/0x1c0
| |  [<c010682e>] die+0x12e/0x260
| |  [<c012287f>] do_page_fault+0x33f/0x650
| |  [<c0344c7a>] error_code+0x72/0x78
| |  [<e0f6a0a1>] fuse_setattr+0x11/0x30 [fuse]
| |  [<c01a2d70>] notify_change+0x110/0x420
| |  [<c018d53c>] sys_fchmod+0xbc/0xf0
| |  [<c010532e>] sysenter_past_esp+0x6b/0xa1
| |  =======================
| | Code: 00 00 85 ff 0f 84 7e 01 00 00 66 f7 c1 00 a0 0f 84 73 01 00 00 8d b6 00
| | 00 00 00 8b 85 24 ff ff f
| | EIP: [<e0f69e50>] fuse_do_setattr+0x170/0x3b0 [fuse] SS:ESP 0068:df2c9e20
| | ---[ end trace 50a1735debb7586e ]---
| | """
| |
| |  I can reproduce it quite easily with the following script:
| |
| | """
| | #!/bin/sh
| |
| | NFS_FILE=ntfs.fs
| | MOUNT_P=/mnt/temp
| | CP_SOURCE=/usr/
| |
| | sync
| |
| | dd if=/dev/zero of=$NFS_FILE bs=1M count=256
| | mkfs.ntfs -F $NFS_FILE 1> /dev/null
| | mount $NFS_FILE $MOUNT_P -t ntfs-3g
| |
| | mount | grep $NFS_FILE
| |
| | echo
| | echo mounted, trying to copy files
| |
| | rsync -a $CP_SOURCE $MOUNT_P
| | """
| |
| |  I think it's because of apparmor because I can't reproduce with
| | a kernel compiled with no apparmor patches.
| |
| |  But I didn't check the current 'for-mainline' patches yet.
| |
| |  Is this problem a known issue?
| |
| Sadly it is, and has been fixed in the for-mainline development branch,
| but the fix hasn't been released for AppArmor 2.1 yet.  There is a 2.1.3
| release coming, hopefully this week, that will address this bug.

 Do you know what patch has the fix? If yes, could you tell me what
it is so that I can try to backport the fix?

 We have about ten days to release our last kernel to be included
in the official distro and I'm afraid we won't have enough time
for testing.

 Thanks for the help.

-- 
Luiz Fernando N. Capitulino


