Fwd: the NULL deref on umount in the 3.9.0-rc7 kernel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



FYI

-------- Original Message --------
Subject: 	the NULL deref on umount in the 3.9.0-rc7 kernel
Date: 	Thu, 18 Apr 2013 15:37:36 +0400
From: 	alexey.kodanev@xxxxxxxxxx
Organization: 	Oracle Corporation
To: 	Tejun Heo <tj@xxxxxxxxxx>, Li Zefan <lizefan@xxxxxxxxxx>
CC: Dan Carpenter <dan.carpenter@xxxxxxxxxx>, cgroups@xxxxxxxxxxxxxxx, containers@xxxxxxxxxxxxxxxxxxxxxxxxxx



Hi All

I would like to report the NULL deref on umount. Tested it in linux
kernel 3.7.10 and it's still in the 3.9.0-rc7.

Test-case description:
Mount cgroup filesystem with xattr option and create inside root cgroup
another hierarchy.
Then set extended attribute to any files within root hierarchy or sub
hierarchie.
Then remove (rmdir) sub hierarchy and call umount cgroup filesystem.
Afterthat, umount crash the kernel.

Also, if you don't remove sub hierarchy (steps 1.4&  2.9 in examples
below), calling umount will produce nothing except that cgroup
filesystem will be unmounted (no cgroup files in the directory) but with
error: cgroups continue working, while call mount again to get control
access to running cgroups will produce error, such as filesystem is
already mounted, but in /proc/mounts you don't have such mount point.
And there is no way to get control access back to the running cgroups,
except for reboot.

Here are some manual methods which will reproduce Linux crash.

1. One way to reproduce this fault:

     1.1% mount -t cgroup cgroot_test -o xattr /sys/fs/cgroup

     1.2% mkdir /sys/fs/cgroup/test_subsys

     1.3% setfattr -n trusted.value -v test_value /sys/fs/cgroup/tasks

     1.4% rmdir /sys/fs/cgroup/test_subsys

     1.5% umount cgroot_test


2. Another way:

     2.1% mount -t tmpfs cgroup_root /sys/fs/cgroup

     2.2% mkdir /sys/fs/cgroup/rg1

     2.3% mount -t cgroup -o cpuset,xattr hier1 /sys/fs/cgroup/rg1

     2.4% cd /sys/fs/cgroup/rg1

     2.5% mkdir test_subsys

     2.6% setfattr -n trusted.value -v test_value ./tasks

     2.7% setfattr -n trusted.value -v test_value ./test_subsys

     2.8% setfattr -n trusted.value -v test_value ./test_subsys/tasks

     2.9% rmdir test_subsys

     2.10% cd ../

     2.11% umount hier1

Thanks,
Alexey Kodanev


--
To unsubscribe from this list: send the line "unsubscribe cgroups" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]     [Monitors]

  Powered by Linux