On Thu, Dec 12, 2024 at 10:09 AM Lance Yang <ioworker0@xxxxxxxxx> wrote: > > CC+ Andrew > CC+ David > CC+ Matthew > CC+ Barry > CC+ Ryan > > > Regular file-system drivers handles everything internally but FUSE on > > the other hands, > > delegate the file system operation to a user process ( FUSE server ) > > If the FUSE server is turning bad, you don't want to reload right? > > To me, it makes sense to reload the system if HUNG_TASK_PANIC is > enabled. Doing so allows me to notice the issue in time and resolve it > through the kernel dump, IHMO. > Going thru the kdump and extract the gcore of the FUSE server is a bit convoluted. Maybe we should SIGABRT the server directly then? > > > > A non-privileged user can potentially exploit this flaw and trigger a > > reload. I'm > > surprised that this didn't get flagged before ( maybe I'm missing something ? ) > > IMO this is why I think something needs to be done for the stable > > branch as well. > > AFAIK, besides this, a non-privileged user has other ways to cause some > processes to stay in the D state for a long period of time. > On older releases it used to be possible to trip the timer by banging on some USB devices but I believe this is fixed. Do you have an example? > > > > > > > > If HUNG_TASK_PANIC is set, we should do a reload when a hung task is detected; > > > this is working as expected IHMO. > > Say when your browser hangs on your system, do you reload? FUSE server > > is just another > > process. > > Hmm... the choice to enable HUNG_TASK_PANIC should be up to the user, while > the decision to reload the system should be up to the hung task detector ;) > > Thanks a lot for including me. It seems like we're not on the same page and I'm > also not a FUSE expert. So, let's hear the views of others. > > Thanks, > Lance > > thanks, Etienne
