kintegrityd workqueue fix backported, but only to some LTS

kintegrityd workqueue fix backported, but only to some LTS

[Niklas Cassel]

Hello Christoph, stable,

I recently saw a crash caused by the kintegrityd workqueue that could only
be reproduced on older kernels.
A null pointer dereference in function bio_integrity_verify_fn.

The fix in Linus's tree for this:
3df49967f6f1 ("block: flush the integrity workqueue in blk_integrity_unregister")
was first merged in v5.15.

The fix has been backported to v5.10 LTS branch in:
1ef68b84bc11 ("block: flush the integrity workqueue in blk_integrity_unregister")

The fix doesn't have a fixes tag, but from inspecting the code,
I don't understand why this was only backported to v5.10, AFAICT it should
at least have been backported to v5.4, v4.19 and v4.14 LTS as well.

Original series:
https://lore.kernel.org/all/20210914070657.87677-3-hch@lst.de/

The blk_flush_integrity() call that actually fixes the crash should be
trivial to backport/add before clearing the flag and doing the memset.


Kind regards,
Niklas

Re: kintegrityd workqueue fix backported, but only to some LTS

[Greg KH]

On Mon, Mar 14, 2022 at 11:50:18AM +0000, Niklas Cassel wrote:
> Hello Christoph, stable,
> 
> I recently saw a crash caused by the kintegrityd workqueue that could only
> be reproduced on older kernels.
> A null pointer dereference in function bio_integrity_verify_fn.
> 
> The fix in Linus's tree for this:
> 3df49967f6f1 ("block: flush the integrity workqueue in blk_integrity_unregister")
> was first merged in v5.15.
> 
> The fix has been backported to v5.10 LTS branch in:
> 1ef68b84bc11 ("block: flush the integrity workqueue in blk_integrity_unregister")
> 
> The fix doesn't have a fixes tag, but from inspecting the code,
> I don't understand why this was only backported to v5.10, AFAICT it should
> at least have been backported to v5.4, v4.19 and v4.14 LTS as well.
> 
> Original series:
> https://lore.kernel.org/all/20210914070657.87677-3-hch@lst.de/
> 
> The blk_flush_integrity() call that actually fixes the crash should be
> trivial to backport/add before clearing the flag and doing the memset.

A backported patch series would be great to have, to show that you have
tested that it works properly.

thanks,

greg k-h

Re: kintegrityd workqueue fix backported, but only to some LTS

[Niklas Cassel]

On Mon, Mar 14, 2022 at 01:28:38PM +0100, Greg KH wrote:
> On Mon, Mar 14, 2022 at 11:50:18AM +0000, Niklas Cassel wrote:
> > Hello Christoph, stable,
> > 
> > I recently saw a crash caused by the kintegrityd workqueue that could only
> > be reproduced on older kernels.
> > A null pointer dereference in function bio_integrity_verify_fn.
> > 
> > The fix in Linus's tree for this:
> > 3df49967f6f1 ("block: flush the integrity workqueue in blk_integrity_unregister")
> > was first merged in v5.15.
> > 
> > The fix has been backported to v5.10 LTS branch in:
> > 1ef68b84bc11 ("block: flush the integrity workqueue in blk_integrity_unregister")
> > 
> > The fix doesn't have a fixes tag, but from inspecting the code,
> > I don't understand why this was only backported to v5.10, AFAICT it should
> > at least have been backported to v5.4, v4.19 and v4.14 LTS as well.
> > 
> > Original series:
> > https://lore.kernel.org/all/20210914070657.87677-3-hch@lst.de/
> > 
> > The blk_flush_integrity() call that actually fixes the crash should be
> > trivial to backport/add before clearing the flag and doing the memset.
> 
> A backported patch series would be great to have, to show that you have
> tested that it works properly.

Hello Greg,

Unfortunately, I don't have access to the machine. I was only provided
a kernel crash dump to diagnose the crash.

I guess I was hoping for someone more familiar with the integrity stuff
to backport it. Both patch 1 and 3 are unrelated to the NULL pointer crash,
and because of various refactoring, I'm not sure if patch 1 and 3 are even
applicable for older kernel versions.


Kind regards,
Niklas

Re: kintegrityd workqueue fix backported, but only to some LTS

[Greg KH]

On Mon, Mar 14, 2022 at 01:08:57PM +0000, Niklas Cassel wrote:
> On Mon, Mar 14, 2022 at 01:28:38PM +0100, Greg KH wrote:
> > On Mon, Mar 14, 2022 at 11:50:18AM +0000, Niklas Cassel wrote:
> > > Hello Christoph, stable,
> > > 
> > > I recently saw a crash caused by the kintegrityd workqueue that could only
> > > be reproduced on older kernels.
> > > A null pointer dereference in function bio_integrity_verify_fn.
> > > 
> > > The fix in Linus's tree for this:
> > > 3df49967f6f1 ("block: flush the integrity workqueue in blk_integrity_unregister")
> > > was first merged in v5.15.
> > > 
> > > The fix has been backported to v5.10 LTS branch in:
> > > 1ef68b84bc11 ("block: flush the integrity workqueue in blk_integrity_unregister")
> > > 
> > > The fix doesn't have a fixes tag, but from inspecting the code,
> > > I don't understand why this was only backported to v5.10, AFAICT it should
> > > at least have been backported to v5.4, v4.19 and v4.14 LTS as well.
> > > 
> > > Original series:
> > > https://lore.kernel.org/all/20210914070657.87677-3-hch@lst.de/
> > > 
> > > The blk_flush_integrity() call that actually fixes the crash should be
> > > trivial to backport/add before clearing the flag and doing the memset.
> > 
> > A backported patch series would be great to have, to show that you have
> > tested that it works properly.
> 
> Hello Greg,
> 
> Unfortunately, I don't have access to the machine. I was only provided
> a kernel crash dump to diagnose the crash.
> 
> I guess I was hoping for someone more familiar with the integrity stuff
> to backport it. Both patch 1 and 3 are unrelated to the NULL pointer crash,
> and because of various refactoring, I'm not sure if patch 1 and 3 are even
> applicable for older kernel versions.

I do not know what patch 1 and 3 refer to here, sorry :(

greg k-h

Re: kintegrityd workqueue fix backported, but only to some LTS

[Niklas Cassel]

On Mon, Mar 14, 2022 at 02:54:50PM +0100, Greg KH wrote:
> On Mon, Mar 14, 2022 at 01:08:57PM +0000, Niklas Cassel wrote:
> > On Mon, Mar 14, 2022 at 01:28:38PM +0100, Greg KH wrote:
> > > On Mon, Mar 14, 2022 at 11:50:18AM +0000, Niklas Cassel wrote:
> > > > Hello Christoph, stable,
> > > > 
> > > > I recently saw a crash caused by the kintegrityd workqueue that could only
> > > > be reproduced on older kernels.
> > > > A null pointer dereference in function bio_integrity_verify_fn.
> > > > 
> > > > The fix in Linus's tree for this:
> > > > 3df49967f6f1 ("block: flush the integrity workqueue in blk_integrity_unregister")
> > > > was first merged in v5.15.
> > > > 
> > > > The fix has been backported to v5.10 LTS branch in:
> > > > 1ef68b84bc11 ("block: flush the integrity workqueue in blk_integrity_unregister")
> > > > 
> > > > The fix doesn't have a fixes tag, but from inspecting the code,
> > > > I don't understand why this was only backported to v5.10, AFAICT it should
> > > > at least have been backported to v5.4, v4.19 and v4.14 LTS as well.
> > > > 
> > > > Original series:
> > > > https://lore.kernel.org/all/20210914070657.87677-3-hch@lst.de/
> > > > 
> > > > The blk_flush_integrity() call that actually fixes the crash should be
> > > > trivial to backport/add before clearing the flag and doing the memset.
> > > 
> > > A backported patch series would be great to have, to show that you have
> > > tested that it works properly.
> > 
> > Hello Greg,
> > 
> > Unfortunately, I don't have access to the machine. I was only provided
> > a kernel crash dump to diagnose the crash.
> > 
> > I guess I was hoping for someone more familiar with the integrity stuff
> > to backport it. Both patch 1 and 3 are unrelated to the NULL pointer crash,
> > and because of various refactoring, I'm not sure if patch 1 and 3 are even
> > applicable for older kernel versions.
> 
> I do not know what patch 1 and 3 refer to here, sorry :(

Sorry, I was referring to patch 1/3 and 3/3 in the series:
https://lore.kernel.org/all/20210914070657.87677-1-hch@lst.de/

Looking at it again, patch 1/2 and 2/2 are both required.

Patch 3/3, I don't know, since the flag used to be in bdi, but is now in
request_queue.

But even then, since this doesn't have a Fixes tag, I'm not sure how far
this has to be backported. Christoph, thoughts?

I'm assuming that it was the machine learning scripts that backported it to
5.10, but considering that I've seen a crash dump with this in 4.18, it
definitely should have been backported to 4.19+ (but probably even further
back).


Kind regards,
Niklas

Re: kintegrityd workqueue fix backported, but only to some LTS

[Greg KH]

On Mon, Mar 14, 2022 at 03:48:59PM +0000, Niklas Cassel wrote:
> On Mon, Mar 14, 2022 at 02:54:50PM +0100, Greg KH wrote:
> > On Mon, Mar 14, 2022 at 01:08:57PM +0000, Niklas Cassel wrote:
> > > On Mon, Mar 14, 2022 at 01:28:38PM +0100, Greg KH wrote:
> > > > On Mon, Mar 14, 2022 at 11:50:18AM +0000, Niklas Cassel wrote:
> > > > > Hello Christoph, stable,
> > > > > 
> > > > > I recently saw a crash caused by the kintegrityd workqueue that could only
> > > > > be reproduced on older kernels.
> > > > > A null pointer dereference in function bio_integrity_verify_fn.
> > > > > 
> > > > > The fix in Linus's tree for this:
> > > > > 3df49967f6f1 ("block: flush the integrity workqueue in blk_integrity_unregister")
> > > > > was first merged in v5.15.
> > > > > 
> > > > > The fix has been backported to v5.10 LTS branch in:
> > > > > 1ef68b84bc11 ("block: flush the integrity workqueue in blk_integrity_unregister")
> > > > > 
> > > > > The fix doesn't have a fixes tag, but from inspecting the code,
> > > > > I don't understand why this was only backported to v5.10, AFAICT it should
> > > > > at least have been backported to v5.4, v4.19 and v4.14 LTS as well.
> > > > > 
> > > > > Original series:
> > > > > https://lore.kernel.org/all/20210914070657.87677-3-hch@lst.de/
> > > > > 
> > > > > The blk_flush_integrity() call that actually fixes the crash should be
> > > > > trivial to backport/add before clearing the flag and doing the memset.
> > > > 
> > > > A backported patch series would be great to have, to show that you have
> > > > tested that it works properly.
> > > 
> > > Hello Greg,
> > > 
> > > Unfortunately, I don't have access to the machine. I was only provided
> > > a kernel crash dump to diagnose the crash.
> > > 
> > > I guess I was hoping for someone more familiar with the integrity stuff
> > > to backport it. Both patch 1 and 3 are unrelated to the NULL pointer crash,
> > > and because of various refactoring, I'm not sure if patch 1 and 3 are even
> > > applicable for older kernel versions.
> > 
> > I do not know what patch 1 and 3 refer to here, sorry :(
> 
> Sorry, I was referring to patch 1/3 and 3/3 in the series:
> https://lore.kernel.org/all/20210914070657.87677-1-hch@lst.de/
> 
> Looking at it again, patch 1/2 and 2/2 are both required.
> 
> Patch 3/3, I don't know, since the flag used to be in bdi, but is now in
> request_queue.
> 
> But even then, since this doesn't have a Fixes tag, I'm not sure how far
> this has to be backported. Christoph, thoughts?
> 
> I'm assuming that it was the machine learning scripts that backported it to
> 5.10, but considering that I've seen a crash dump with this in 4.18, it
> definitely should have been backported to 4.19+ (but probably even further
> back).

Please test and if it works for you, provide a backported series and I
will be glad to consider it.

thanks,

greg k-h