linux-audit.redhat.com archive mirror
 help / color / mirror / Atom feed
From: Paul Moore <paul@paul-moore.com>
To: Serhei Makarov <smakarov@redhat.com>
Cc: Jerome Marchand <jmarchan@redhat.com>,
	Daniel Borkmann <daniel@iogearbox.net>,
	ast@kernel.org, Frank Eigler <fche@redhat.com>,
	linux-audit@redhat.com, bpf@vger.kernel.org,
	Jiri Olsa <jolsa@redhat.com>,
	guro@fb.com
Subject: Re: deadlock bug related to bpf,audit subsystems
Date: Thu, 18 Mar 2021 13:44:16 -0400	[thread overview]
Message-ID: <CAHC9VhRMsWJmRr=OZ7FSj2sBmNRJHKNGMPv5nLY6RGX_dxroPA@mail.gmail.com> (raw)
In-Reply-To: <CANYvDQOH5ZDpQBAHtz13YNiJ2Bhd56wnoas71UdYco62g-xBDg@mail.gmail.com>

On Thu, Mar 18, 2021 at 12:57 PM Serhei Makarov <smakarov@redhat.com> wrote:
> On Thu, Mar 18, 2021 at 10:43 AM Serhei Makarov <smakarov@redhat.com> wrote:
> > Jiri Olsa also reports seeing a similar deadlock at v5.10. I'm in the
> > middle of double-checking my bisection which ended up at a
> > seemingly-unrelated commit [2]
> >
> > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1938312
> > [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.11-rc7&id=2dcb3964544177c51853a210b6ad400de78ef17d
>
> I've confirmed that my first bisection was incorrect by testing
> @1c2f67308af4 mm: thp: fix MADV_REMOVE deadlock on shmem THP
> and reproducing the deadlock. Previously this commit was marked as
> good, so it seems a kernel with the bug can sometimes pass the test.
>
> I'll double check rc6 next since I have the kernel handy. If
> 5.11.0-rc6 can also be made to fail, with Jiri Olsa's report it'd be
> necessary to do a wider search.
> There may be commits with intent similar to
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8d92db5c04d103
> which tightened some of the behaviour of kernel reads, but affecting
> the audit subsystem?
> The actual stack trace that leads to deadlock goes through
> security_locked_down() which was present since the original patch
> reworking probe_read into separate probe_read_{user,kernel} helpers
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.11-rc7&id=6ae08ae3dea2

Added thee SELinux list to the To/CC line; they should really be
involved.  I'm also CC'ing the LSM list for good measure as there may
be other people that care about this.

FYI, the first instance of this thread that I saw can be found here
via the linux-audit list:

https://lore.kernel.org/linux-audit/CANYvDQN7H5tVp47fbYcRasv4XF07eUbsDwT_eDCHXJUj43J7jQ@mail.gmail.com/

-- 
paul moore
www.paul-moore.com

--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit


  reply	other threads:[~2021-03-18 17:45 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <2ed7a55e-7def-7faf-fc47-991b867bff9e@iogearbox.net>
     [not found] ` <CANYvDQOfygmqv0V-1PuzXV8ZFzk0uD566oEF3v9uX21G4fSFKg@mail.gmail.com>
     [not found]   ` <1e410caf-019a-ade7-465d-3d936d2f7dc6@iogearbox.net>
     [not found]     ` <5845cef9-5aaf-f85e-8280-472f61ddaeed@iogearbox.net>
     [not found]       ` <CANYvDQNCKmEy9ZzPRvhNYvK0=TKk1pRS=seUuAkby92ic8tVqw@mail.gmail.com>
     [not found]         ` <f97bd923-bf12-69a0-f0a8-c9a764abbed2@iogearbox.net>
     [not found]           ` <YFIwzhE00OpU1zro@krava>
     [not found]             ` <ff0db44e-aa55-da94-785f-ba10792a5ae1@iogearbox.net>
     [not found]               ` <YFKOeGqUwBPTkPzT@krava>
     [not found]                 ` <61494cfb-1ceb-4886-3023-1ac0b35697d6@iogearbox.net>
     [not found]                   ` <YFM+Ijeu4bN4IzH1@krava>
2021-03-18 14:43                     ` deadlock bug related to bpf,audit subsystems Serhei Makarov
2021-03-18 16:43                       ` Serhei Makarov
2021-03-18 17:44                         ` Paul Moore [this message]
2021-03-18 17:45                           ` Paul Moore
2021-03-18 18:19                             ` Paul Moore

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAHC9VhRMsWJmRr=OZ7FSj2sBmNRJHKNGMPv5nLY6RGX_dxroPA@mail.gmail.com' \
    --to=paul@paul-moore.com \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=fche@redhat.com \
    --cc=guro@fb.com \
    --cc=jmarchan@redhat.com \
    --cc=jolsa@redhat.com \
    --cc=linux-audit@redhat.com \
    --cc=smakarov@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).