On Fri, Jun 10, 2011 at 05:47:38PM +0400, Vasily Novikov wrote: > The issue is still reproduced on ubuntu 11.04: > > $ uname -a > Linux user-virtual-machine 2.6.38.2 #16 SMP Wed Jun 8 14:40:03 MSD 2011 > i686 i686 i386 GNU/Linux > $ g++ fanotify.c -o fanotify -lpthread > $ sudo su > $ ulimit -c unlimited > $ ./fanotify -o open_perm -C -m / > > In other console: > $ ls > > Then machine is dead. I could reproduce this with the sample code you provided. The problem could be avoided by setting FMODE_NONOTIFY flag when the core dump file is opened (see do_coredump() in fs/exec.c). This would tell fanotify not to create any event. But in recent kernel code if the flag is passed to filp_open() it is deleted by the call to build_open_flags(). This is done to ensure that userspace wont ever be able to set this flag and bypass the file permissions checks. Maybe we should not delete FMODE_NONOTIFY in filp_open() but somewhere at a higher level, before filp_open() is called. With this we could also allow other callers of filp_open() to tell fanotify not to create any file access events for the opened file. But we should really make sure that this is not possible from userspace. Eric what do you think? -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
