Fuse-ext2 deadlocks on creating symlinks

Bug #1674868 reported by Andy Caldwell on 2017-03-22
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
fuse-umfuse-ext2 (Ubuntu)
Status tracked in Artful
Trusty
High
Andy Caldwell
Xenial
High
Simon Quigley
Zesty
High
Simon Quigley
Artful
High
Simon Quigley

Bug Description

[Impact]

 * Any attempt to create/overwrite symlinks in a partition mounted by fuseext2 causes the fuseext2 process to deadlock, preventing the mounted filesystem from being used at all until the userspace process is killed and the filesystem is remounted.

[Test Case]

 * dd if=/dev/zero of=partition bs=1M count=200
 * mkfs.ext2 partition
 * mkdir mount
 * fuseext2 partition mount -o rw+
 * cd mount
 * touch test
 * ln -s test link - Doesn't complete
 * In another shell try to do anything else in the mount directory (ls, touch, rm) - Don't complete

[Regression Potential]

 * Since this changes the locking strategy of the code to hold locks less, the main risk is exposing a case where data can be accessed in a non-threadsafe manner, leading to unexpected behaviour.
 * The places where the change has been made are at the exit points of the function, and match where similar unlocks are made in other places in the code.
 * Since the program at risk is (by design) a userspace program, the risk of kernel data leakage is minimal.

[Other Info]

 * I can't actually work out where the upstream code for this project lives, the only upstream I could find is https://github.com/alperakcan/fuse-ext2 but that doesn't have any locking code at all (even in the reentrant branch) so I can't see where this issue came from.
 * This issue seems to apply to all versions of fuseext2 in the ubuntu repos (well, at least it's there in trusty, xenial and zesty)

[Original Description]

Trying to create a symlink in a filesystem mounted by fuseext2 causes the fuseext2 userspace process to deadlock before responding to the fuse request. This is simply due to a code bug in fuse-ext2/op_link.c (lines 104 and 109) where the code calls FUSE_EXT2_LOCK rather than FUSE_EXT2_UNLOCK on exiting the function.

I've confirmed that making that changes allows me to create symlinks happily on the mounted filesystem. The bug appears to exist upstream too.

System info:

$ lsb_release -rd
Description: Linux Mint 18.1 Serena
Release: 18.1

Software version:

$ apt show fuseext2
Package: fuseext2
Version: 0.4-1.1
Priority: optional
Section: universe/misc
Source: fuse-umfuse-ext2
Origin: Ubuntu
Maintainer: Ubuntu Developers <email address hidden>
Original-Maintainer: Debian VSquare Team <email address hidden>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 103 kB
Depends: e2fslibs (>= 1.42), libc6 (>= 2.4), libfuse2 (>= 2.8.1), fuse
Homepage: http://view-os.sourceforge.net
Download-Size: 24.7 kB
APT-Manual-Installed: yes
APT-Sources: http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages

Related branches

Andy Caldwell (andy-m-caldwell) wrote :

Bringing the proposed fix over from bazaar.

Andy Caldwell (andy-m-caldwell) wrote :

[Impact]

 * Any attempt to create/overwrite symlinks in a partition mounted by fuseext2 causes the fuseext2 process to deadlock, preventing the mounted filesystem from being used at all until the userspace process is killed and the filesystem is remounted.

[Test Case]

 * dd if=/dev/zero of=partition bs=1M count=200
 * mkfs.ext2 partition
 * mkdir mount
 * fuseext2 partition mount
 * cd mount
 * touch test
 * ln -s test link - Doesn't complete
 * In another shell try to do anything else in the mount directory (ls, touch, rm) - Don't complete

[Regression Potential]

 * Since this changes the locking strategy of the code to hold locks less, the main risk is exposing a case where data can be accessed in a non-threadsafe manner, leading to unexpected behaviour.
 * The places where the change has been made are at the exit points of the function, and match where similar unlocks are made in other places in the code.
 * Since the program at risk is (by design) a userspace program, the risk of kernel data leakage is minimal.

[Other Info]

 * I can't actually work out where the upstream code for this project lives, the only upstream I could find is https://github.com/alperakcan/fuse-ext2 but that doesn't have any locking code at all (even in the reentrant branch) so I can't see where this issue came from.
 * This issue seems to apply to all versions of fuseext2 in the ubuntu repos (well, at least it's there in trusty, xenial and zesty)

Simon Quigley (tsimonq2) on 2017-08-30
description: updated
Changed in fuse-umfuse-ext2 (Ubuntu):
status: New → Fix Released
Changed in fuse-umfuse-ext2 (Ubuntu Trusty):
importance: Undecided → High
status: New → Confirmed
Simon Quigley (tsimonq2) wrote :

Uploaded to Trusty using your changelog from the Bazaar merge proposal and a few trivial tweaks. It's in the Unapproved queue now waiting for a member of the SRU team to approve it.

Thank you for your contribution to Ubuntu!

Changed in fuse-umfuse-ext2 (Ubuntu Trusty):
assignee: nobody → Andy Caldwell (andy-m-caldwell)
Andy Caldwell (andy-m-caldwell) wrote :

Ah, I've found the upstream! It's https://sourceforge.net/p/view-os/code/HEAD/tree/trunk/fuse-modules/fuse-umfuse-ext2/ but it's not been touched since 2013, and it does contain the deadlock.

Brian Murray (brian-murray) wrote :

From what I gather of the bug description (without doing any detective work) it seems that this is not fixed in the development release of Ubuntu (Artful Aardvark) and it should be before we accept it as as a Stable Release Update.

Changed in fuse-umfuse-ext2 (Ubuntu):
status: Fix Released → Triaged
Andy Caldwell (andy-m-caldwell) wrote :

As far as I can tell the patch is applicable without change to all shipped versions of the fuse-umfuse-ext2 codebase from Trusty onward (including Artful). I'm not sure which earlier releases it applies to, but I guess those are all EOL.

Simon Quigley (tsimonq2) on 2017-09-02
Changed in fuse-umfuse-ext2 (Ubuntu Xenial):
importance: Undecided → High
Changed in fuse-umfuse-ext2 (Ubuntu Zesty):
importance: Undecided → High
Changed in fuse-umfuse-ext2 (Ubuntu Artful):
importance: Undecided → High
Changed in fuse-umfuse-ext2 (Ubuntu Xenial):
assignee: nobody → Simon Quigley (tsimonq2)
Changed in fuse-umfuse-ext2 (Ubuntu Zesty):
assignee: nobody → Simon Quigley (tsimonq2)
Changed in fuse-umfuse-ext2 (Ubuntu Artful):
assignee: nobody → Simon Quigley (tsimonq2)
Changed in fuse-umfuse-ext2 (Ubuntu Xenial):
status: New → Confirmed
Changed in fuse-umfuse-ext2 (Ubuntu Zesty):
status: New → Confirmed
Changed in fuse-umfuse-ext2 (Ubuntu Artful):
status: Triaged → Confirmed
milestone: none → ubuntu-17.09
Changed in fuse-umfuse-ext2 (Ubuntu Zesty):
milestone: none → zesty-updates
Changed in fuse-umfuse-ext2 (Ubuntu Xenial):
milestone: none → xenial-updates
Changed in fuse-umfuse-ext2 (Ubuntu Trusty):
milestone: none → trusty-updates
Simon Quigley (tsimonq2) wrote :

Uploaded to Trusty, Xenial, Zesty, and Artful. For the stable releases, it's sitting in the Unapproved queue, for Artful it's building and will migrate like normal.

description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package fuse-umfuse-ext2 - 0.4-1.1ubuntu0.1

---------------
fuse-umfuse-ext2 (0.4-1.1ubuntu0.1) artful; urgency=high

  * Correctly release locks in op_link (LP: #1674868).

 -- Andrew Caldwell <email address hidden> Wed, 22 Mar 2017 19:42:35 +0000

Changed in fuse-umfuse-ext2 (Ubuntu Artful):
status: Confirmed → Fix Released

Hello Andy, or anyone else affected,

Accepted fuse-umfuse-ext2 into zesty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fuse-umfuse-ext2/0.4-1.1ubuntu0.17.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-zesty to verification-done-zesty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-zesty. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in fuse-umfuse-ext2 (Ubuntu Zesty):
status: Confirmed → Fix Committed
tags: added: verification-needed verification-needed-zesty
Changed in fuse-umfuse-ext2 (Ubuntu Xenial):
status: Confirmed → Fix Committed
tags: added: verification-needed-xenial
Brian Murray (brian-murray) wrote :

Hello Andy, or anyone else affected,

Accepted fuse-umfuse-ext2 into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fuse-umfuse-ext2/0.4-1.1ubuntu0.16.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in fuse-umfuse-ext2 (Ubuntu Trusty):
status: Confirmed → Fix Committed
tags: added: verification-needed-trusty
Brian Murray (brian-murray) wrote :

Hello Andy, or anyone else affected,

Accepted fuse-umfuse-ext2 into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fuse-umfuse-ext2/0.4-1.1ubuntu0.14.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-trusty to verification-done-trusty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-trusty. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Tested on Xenial and Trusty and the test-case passes fine.

tags: added: verification-done-trusty verification-done-xenial
removed: verification-needed-trusty verification-needed-xenial

Also confirmed on Artful and Zesty!

tags: added: verification-done verification-done-zesty
removed: verification-needed verification-needed-zesty
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package fuse-umfuse-ext2 - 0.4-1.1ubuntu0.17.04.1

---------------
fuse-umfuse-ext2 (0.4-1.1ubuntu0.17.04.1) zesty; urgency=high

  * Correctly release locks in op_link (LP: #1674868).

 -- Andrew Caldwell <email address hidden> Wed, 22 Mar 2017 19:42:35 +0000

Changed in fuse-umfuse-ext2 (Ubuntu Zesty):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for fuse-umfuse-ext2 has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package fuse-umfuse-ext2 - 0.4-1.1ubuntu0.16.04.1

---------------
fuse-umfuse-ext2 (0.4-1.1ubuntu0.16.04.1) xenial; urgency=high

  * Correctly release locks in op_link (LP: #1674868).

 -- Andrew Caldwell <email address hidden> Wed, 22 Mar 2017 19:42:35 +0000

Changed in fuse-umfuse-ext2 (Ubuntu Xenial):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package fuse-umfuse-ext2 - 0.4-1.1ubuntu0.14.04.1

---------------
fuse-umfuse-ext2 (0.4-1.1ubuntu0.14.04.1) trusty; urgency=high

  * Correctly release locks in op_link (LP: #1674868).

 -- Andrew Caldwell <email address hidden> Wed, 22 Mar 2017 19:42:35 +0000

Changed in fuse-umfuse-ext2 (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers