[Apparmor-dev] OOPS in fuse_do_setattr()

Luiz Fernando N. Capitulino lcapitulino at mandriva.com.br
Wed Mar 19 14:12:36 MDT 2008


On Wed, 19 Mar 2008 09:48:25 -0700
John Johansen <jjohansen at suse.de> wrote:

| -----BEGIN PGP SIGNED MESSAGE-----
| Hash: SHA1
| 
| Luiz Fernando N. Capitulino wrote:
| | On Tue, 18 Mar 2008 16:03:01 -0700
| | John Johansen <jjohansen at suse.de> wrote:
| |
| | | -----BEGIN PGP SIGNED MESSAGE-----
| | | Hash: SHA1
| | |
| | | Luiz Fernando N. Capitulino wrote:
| | | |  Hello,
| | | |
| | | |  A Mandriva user has reported an OOPS which seems to be caused by
| | | | AppArmor. It happens with the AppArmor version for 2.6.24 kernels:
| | | |
| | | | """
| | | | BUG: unable to handle kernel NULL pointer dereference at virtual
| address
| | | | 00000148
| | | | printing eip: e0f69e50 *pde = 00000000
| | | | Oops: 0000 [#1] SMP
| | | | Modules linked in: nfs lockd nfs_acl sunrpc fuse af_packet
| snd_seq_dummy
| | | | snd_seq_oss snd_seq_midi_evente
| | | |
| | | | Pid: 4304, comm: rsync Not tainted (2.6.24.3-desktop-3mnb #1)
| | | | EIP: 0060:[<e0f69e50>] EFLAGS: 00010206 CPU: 0
| | | | EIP is at fuse_do_setattr+0x170/0x3b0 [fuse]
| | | | EAX: 000000d8 EBX: df2c9f70 ECX: 00002041 EDX: 000000d8
| | | | ESI: df1018d0 EDI: 00000000 EBP: df2c9f14 ESP: df2c9e20
| | | |  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
| | | | Process rsync (pid: 4304, ti=df2c8000 task=df153740 task.ti=df2c8000)
| | | | Stack: c0146eea df2c9e2c c01e4db8 df2c9e90 df2c9e48 df2c9eb0 000000d8
| | | df2a4000
| | | |        dee44800 df1018d0 00000000 00000000 00000000 00000000 00000000
| | | 00000000
| | | |        00000000 00000000 00000000 00000000 00000000 00000000 00000000
| | | 00000000
| | | | Call Trace:
| | | |  [<c010645a>] show_trace_log_lvl+0x1a/0x30
| | | |  [<c010651b>] show_stack_log_lvl+0xab/0xd0
| | | |  [<c01065fd>] show_registers+0xbd/0x1c0
| | | |  [<c010682e>] die+0x12e/0x260
| | | |  [<c012287f>] do_page_fault+0x33f/0x650
| | | |  [<c0344c7a>] error_code+0x72/0x78
| | | |  [<e0f6a0a1>] fuse_setattr+0x11/0x30 [fuse]
| | | |  [<c01a2d70>] notify_change+0x110/0x420
| | | |  [<c018d53c>] sys_fchmod+0xbc/0xf0
| | | |  [<c010532e>] sysenter_past_esp+0x6b/0xa1
| | | |  =======================
| | | | Code: 00 00 85 ff 0f 84 7e 01 00 00 66 f7 c1 00 a0 0f 84 73 01 00 00
| | | 8d b6 00
| | | | 00 00 00 8b 85 24 ff ff f
| | | | EIP: [<e0f69e50>] fuse_do_setattr+0x170/0x3b0 [fuse] SS:ESP
| 0068:df2c9e20
| | | | ---[ end trace 50a1735debb7586e ]---
| | | | """
| | | |
| | | |  I can reproduce it quite easily with the following script:
| | | |
| | | | """
| | | | #!/bin/sh
| | | |
| | | | NFS_FILE=ntfs.fs
| | | | MOUNT_P=/mnt/temp
| | | | CP_SOURCE=/usr/
| | | |
| | | | sync
| | | |
| | | | dd if=/dev/zero of=$NFS_FILE bs=1M count=256
| | | | mkfs.ntfs -F $NFS_FILE 1> /dev/null
| | | | mount $NFS_FILE $MOUNT_P -t ntfs-3g
| | | |
| | | | mount | grep $NFS_FILE
| | | |
| | | | echo
| | | | echo mounted, trying to copy files
| | | |
| | | | rsync -a $CP_SOURCE $MOUNT_P
| | | | """
| | | |
| | | |  I think it's because of AppArmor because I can't reproduce it with
| | | | a kernel compiled with no AppArmor patches.
| | | |
| | | |  But I didn't check the current 'for-mainline' patches yet.
| | | |
| | | |  Is this problem a known issue?
| | | |
| | | Sadly it is, and has been fixed in the for-mainline development branch,
| | | but the fix hasn't been released for AppArmor 2.1 yet.  There is a 2.1.3
| | | release coming, hopefully this week, that will address this bug.
| |
| |  Do you know which patch has the fix? If so, could you tell me which
| | one it is so that I can try to backport the fix?
| |
| |  We have about ten days to release our last kernel to be included
| | in the official distro and I'm afraid we won't have enough time
| | for testing.
| |
| |  Thanks for the help.
| |
| The problem stems from FUSE, and a few other filesystems, unconditionally
| using ia_file when it is available without checking the file type.  This
| causes them to break on special files.
| 
| The fix is based on some patches from Miklos Szeredi (Fuse
| developer).  Specifically fgetattr.diff, fsetattr.diff.
| The fsetattr-reintro-ATTR_FILE.diff then adds back the
| ATTR_FILE flag, which is needed to distinguish notify_change
| events.  The file-handle-ops.diff patch then needs to be updated
| to handle the changes from the previous patches.
| 
| I had been planning on reworking the patches for 2.1.3 so that they
| just patched Fuse, and the other filesystems, to check the file type,
| which seemed better than introducing another vfs change for the 2.1.3
| maintenance branch, but in the end I just may stick with the
| fsetattr.diff approach.
| 
| For now at least I have introduced the patches into the 2.1 tree, and
| committed.  So you should only have to pull from the svn
| 
| https://forgesvn1.novell.com/svn/apparmor/branches/2_1/kernel-patches/2.6.24/

 Nice. I've tested it and it seems to be working fine.

 Thank you very much John.

-- 
Luiz Fernando N. Capitulino
