bionic, xenial/hwe: misses "fuse: fix initial parallel dirops" patch
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
linux (Ubuntu) | Invalid | Undecided | Andrea Righi |
Bionic | Fix Released | Undecided | Unassigned |
Bug Description
SRU Justification:
[Impact]
* Enabling parallel dirops in fuse (FUSE_PARALLEL_
* The problem is that the lock and unlock paths are relying on get_fuse_
[Test Case]
* A test case that triggers the bug almost immediately can be found here https:/
[Fix]
* Instead of relying on get_fuse_
[Regression Potential]
* Fix has been tested on the affected platform. It is an upstream fix that seems to affect only 4.7+ kernels, more exactly in our case only Bionic kernels (and derived) are affected. Cosmic and above already include this fix. So regression potential is minimal.
[Original bug report]
Hello up there,
We received a report of a deadlock in the kernel while using a FUSE-based filesystem on Ubuntu.
The kernel in question is Ubuntu-
https:/
Please see the following go-fuse issue for full details:
https:/
The bug is potentially applicable to libfuse users too, since libfuse by default enables parallel dirops whenever the kernel claims support for it, which the libfuse maintainer confirmed:
https:/
https:/
We tested that cherry-picking 63576c13bd into 4.15.x series makes the problem go away:
https:/
So please include https:/
--------
Here is a full list of FUSE patches marked to be needed in stable kernels starting from v4.15:
kirr@deco:
a2ebba824106 fuse: decrement NR_WRITEBACK_TEMP on the right page
9509941e9c53 fuse: call pipe_buf_release() under pipe lock
8a3177db59cd cuse: fix ioctl
97e1532ef81a fuse: handle zero sized retrieve correctly
2e64ff154ce6 fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
ebacb8127359 fuse: fix use-after-free in fuse_direct_IO()
2d84a2d19b61 fuse: fix possibly missed wake-up after abort
7fabaf303458 fuse: fix leaked notify reply
908a572b80f6 fuse: fix blocked_waitq wakeup
4c316f2f3ff3 fuse: set FR_SENT while locked
d2d2d4fb1f54 fuse: Fix use-after-free in fuse_dev_do_write()
bc78abbd55dd fuse: Fix use-after-free in fuse_dev_do_read()
a2477b0e67c5 fuse: Don't access pipe->buffers without pipe_lock()
63576c13bd17 fuse: fix initial parallel dirops
e8f3bd773d22 fuse: Fix oops at process_
b8f95e5d13f5 fuse: umount should wait for all requests
45ff350bbd9d fuse: fix unlocked access to processing queue
87114373ea50 fuse: fix double request_end()
543b8f8662fe (tag: fuse-update-4.18) fuse: don't keep dead fuse_conn at fuse_fill_super().
6becdb601bae fuse: fix control dir setup and teardown
8a301eb16d99 fuse: fix congested state leak on aborted connections
df0e91d48827 fuse: atomic_o_trunc should truncate pagecache
Among those, only 8a3177db59cd and 2d84a2d19b61 should not be applied to 4.15.x because they cure a problem introduced in a later kernel (please see git log without --oneline for stable@ details).
However, both bionic and xenial/hwe have far fewer fuse patches applied:
kirr@deco:
e992e3521885 fuse: fix control dir setup and teardown
f3a3e0537dcd fuse: don't keep dead fuse_conn at fuse_fill_super().
840c77082f93 fuse: atomic_o_trunc should truncate pagecache
c0e31b214498 fuse: fix congested state leak on aborted connections
45f23c59120f UBUNTU: SAUCE: (namespace) fuse: Allow user namespace mounts
1223588451c6 UBUNTU: SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace or a descendant
b4d1889491a0 UBUNTU: SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns
kirr@deco:
e992e3521885 fuse: fix control dir setup and teardown
f3a3e0537dcd fuse: don't keep dead fuse_conn at fuse_fill_super().
840c77082f93 fuse: atomic_o_trunc should truncate pagecache
c0e31b214498 fuse: fix congested state leak on aborted connections
45f23c59120f UBUNTU: SAUCE: (namespace) fuse: Allow user namespace mounts
1223588451c6 UBUNTU: SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace or a descendant
b4d1889491a0 UBUNTU: SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns
which suggests that other FUSE fixes should be cherry-picked too.
Please consider cherry-picking those additional patches too. They are all in upstream kernel
stable series, e.g. stable/linux-4.14.y has them:
kirr@deco:
266a69895b89 fuse: handle zero sized retrieve correctly
b928e93d864c fuse: decrement NR_WRITEBACK_TEMP on the right page
65f222bb370e fuse: call pipe_buf_release() under pipe lock
c1149b873482 fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
6ceec07cc84a fuse: fix leaked notify reply
a42d933dc281 fuse: fix use-after-free in fuse_direct_IO()
78da72ee42d8 fuse: set FR_SENT while locked
f6f21a2b70c6 fuse: fix blocked_waitq wakeup
ab962e91008a fuse: Fix use-after-free in fuse_dev_do_write()
d94b3a2375cb fuse: Fix use-after-free in fuse_dev_do_read()
e8a3f3a03655 fuse: Add missed unlock_page() to fuse_readpages_
ff4a71855d0a fuse: Fix oops at process_
973206923812 fuse: umount should wait for all requests
fc17d7519e8e fuse: fix unlocked access to processing queue
cfb6eca6e4bb fuse: fix double request_end()
7d392674443c fuse: fix initial parallel dirops
eaebcf902ae0 fuse: Don't access pipe->buffers without pipe_lock()
69829f749a43 fuse: fix control dir setup and teardown
3a37d85a90da fuse: don't keep dead fuse_conn at fuse_fill_super().
2f7bf369b5f8 fuse: atomic_o_trunc should truncate pagecache
02832578eb9d fuse: fix congested state leak on aborted connections
and it is just that stable/linux-4.15.y stopped being maintained by Greg KH.
Thanks beforehand,
Kirill
---
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
CurrentDesktop: Unity
DistroRelease: Ubuntu 16.04
HibernationDevice: RESUME=
InstallationDate: Installed on 2019-02-28 (39 days ago)
InstallationMedia: Ubuntu 16.04.6 LTS "Xenial Xerus" - Release amd64 (20190227)
IwConfig:
lo no wireless extensions.
ens3 no wireless extensions.
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: QEMU Standard PC (i440FX + PIIX, 1996)
Package: linux (not installed)
ProcFB: 0 virtiodrmfb
ProcKernelCmdLine: BOOT_IMAGE=
ProcVersionSign
RelatedPackageV
linux-
linux-
linux-firmware 1.157.21
RfKill:
Tags: xenial
Uname: Linux 4.15.0-45-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
_MarkForUpload: True
dmi.bios.date: 04/01/2014
dmi.bios.vendor: SeaBIOS
dmi.bios.version: 1.12.0-1
dmi.chassis.type: 1
dmi.chassis.vendor: QEMU
dmi.chassis.
dmi.modalias: dmi:bvnSeaBIOS:
dmi.product.name: Standard PC (i440FX + PIIX, 1996)
dmi.product.
dmi.sys.vendor: QEMU
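The comparison the report makes by eye (upstream FUSE fixes wanted in stable versus what the distro tree carries) can be automated; the sketch below is an added example, not part of the original report or of any Ubuntu tooling. The sample listings are a constructed subset of the `git log --oneline` output quoted above, and the function names are hypothetical. Commits are matched by subject line because a cherry-pick gets a new hash in the target tree.

```python
import re

# Constructed sample input: a subset of the --oneline listings quoted in the
# report (upstream commits wanted in stable vs. the Ubuntu tree).
UPSTREAM = """\
ebacb8127359 fuse: fix use-after-free in fuse_direct_IO()
2d84a2d19b61 fuse: fix possibly missed wake-up after abort
d2d2d4fb1f54 fuse: Fix use-after-free in fuse_dev_do_write()
63576c13bd17 fuse: fix initial parallel dirops
543b8f8662fe (tag: fuse-update-4.18) fuse: don't keep dead fuse_conn at fuse_fill_super().
6becdb601bae fuse: fix control dir setup and teardown
"""
DISTRO = """\
e992e3521885 fuse: fix control dir setup and teardown
f3a3e0537dcd fuse: don't keep dead fuse_conn at fuse_fill_super().
45f23c59120f UBUNTU: SAUCE: (namespace) fuse: Allow user namespace mounts
"""
# Commits the report says should not be applied to 4.15.x.
NOT_APPLICABLE = {"8a3177db59cd", "2d84a2d19b61"}

# <hash> [optional ref decoration such as "(tag: ...)"] <subject>
LINE = re.compile(r"^([0-9a-f]{7,40})\s+(?:\((?:HEAD|tag:)[^)]*\)\s+)?(.*)$")


def parse(log):
    """Map lower-cased subject -> (short hash, subject) for one listing."""
    out = {}
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if m:
            subject = m.group(2).strip()
            out[subject.lower()] = (m.group(1), subject)
    return out


def missing_backports(upstream, distro, skip=frozenset()):
    """Upstream commits whose subject is absent from the distro listing."""
    have = parse(distro)
    return [hs for key, hs in parse(upstream).items()
            if key not in have and hs[0] not in skip]


if __name__ == "__main__":
    for commit, subject in missing_backports(UPSTREAM, DISTRO, NOT_APPLICABLE):
        print(commit, subject)
```

Subject matching misses backports whose subject was reworded, so a hit here means "check by hand", not proof that the fix is absent.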
tags: added: bionic
description: updated
Changed in linux (Ubuntu):
assignee: nobody → Andrea Righi (arighi)
description: updated
Changed in linux (Ubuntu Bionic):
status: New → Fix Committed
Changed in linux (Ubuntu):
status: Confirmed → Invalid
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:
apport-collect 1823972
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.