unprivileged users may trigger page cache invalidation WARN
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
linux (Ubuntu) | Invalid | Undecided | Unassigned |
Bionic | Fix Released | Medium | Thadeu Lima de Souza Cascardo |
Bug Description
[Impact]
Unprivileged users may trigger a page cache invalidation failure when doing parallel direct I/O and buffered I/O. On some kernels, that may lead to a WARN.
[ 22.415082] WARNING: CPU: 3 PID: 3404 at /build/
[ 22.415083] Modules linked in: xfs isofs kvm_intel kvm irqbypass joydev input_leds serio_raw ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_
[ 22.415099] CPU: 3 PID: 3404 Comm: xfs_io Not tainted 4.15.0-192-generic #203-Ubuntu
[ 22.415100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014
[ 22.415103] RIP: 0010:iomap_
[ 22.415104] RSP: 0018:ffffb7c782
[ 22.415104] RAX: 0000000000000002 RBX: 0000000000000000 RCX: 0000000000000009
[ 22.415105] RDX: 00000000000001ff RSI: 0000000000000000 RDI: ffffb7c782fe7e20
[ 22.415105] RBP: ffffb7c782fe7c68 R08: ffffb7c782fe7c88 R09: ffff9bbc9f48fba0
[ 22.415106] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000009
[ 22.415106] R13: ffff9bbc9f48fba0 R14: ffffb7c782fe7c88 R15: 0000000000001000
[ 22.415107] FS: 00007f2b802ed70
[ 22.415107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.415108] CR2: 0000000001639000 CR3: 000000001e6b0003 CR4: 0000000000760ee0
[ 22.415110] PKRU: 55555554
[ 22.415110] Call Trace:
[ 22.415122] ? iomap_dio_
[ 22.415123] iomap_apply+
[ 22.415124] ? iomap_dio_
[ 22.415125] iomap_dio_
[ 22.415126] ? iomap_dio_
[ 22.415148] xfs_file_
[ 22.415157] ? xfs_file_
[ 22.415165] xfs_file_
[ 22.415170] new_sync_
[ 22.415171] __vfs_read+
[ 22.415172] vfs_read+0x8e/0x130
[ 22.415173] SyS_pread64+
[ 22.415176] do_syscall_
[ 22.415183] entry_SYSCALL_
[ 22.415184] RIP: 0033:0x7f2b7fbc0b73
[ 22.415185] RSP: 002b:00007ffc13
[ 22.415186] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2b7fbc0b73
[ 22.415186] RDX: 0000000000001000 RSI: 0000000001639000 RDI: 0000000000000003
[ 22.415186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 22.415187] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc134e1b00
[ 22.415187] R13: 0000000000020000 R14: 0000000000000000 R15: 0000000000000000
[ 22.415188] Code: 21 d0 48 89 45 a0 0f 85 aa 03 00 00 41 0f b7 46 18 66 83 f8 03 0f 84 7e 02 00 00 66 83 f8 04 74 52 66 83 f8 01 0f 84 c8 02 00 00 <0f> 0b 48 c7 45 a0 fb ff ff ff 48 8b 5d d0 65 48 33 1c 25 28 00
[Test case]
Run xfstests generic/446 test.
[Potential regressions]
Data corruption could be caused, though it is expected to be caused in such scenarios anyway. That should affect direct I/O.
CVE References
Changed in linux (Ubuntu Bionic):
assignee: nobody → Thadeu Lima de Souza Cascardo (cascardo)
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: New → Invalid
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
This bug is awaiting verification that the linux/4.15.0-195.206 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Thank you!
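A triage helper for the WARN shown in this report, as an added example (not part of the bug report or of the kernel fix): it parses kernel log text, picks out WARN blocks raised in iomap code on a direct I/O path, and compares the reporting kernel's ABI with the 4.15.0-195 build named in this bug. The function names, the frame-prefix heuristic and the restriction to the `generic` flavour are assumptions.

```python
import re

FIXED_ABI = (4, 15, 0, 195)  # from "linux/4.15.0-195.206" named in this report
TS = re.compile(r"^\[\s*\d+\.\d+\]\s*")
HDR = re.compile(r"PID: (\d+) Comm: (\S+) .*?(\d+)\.(\d+)\.(\d+)-(\d+)-(\S+) #")
# Constructed sample: abridged from the trace in this report; truncated symbols kept as-is.
SAMPLE = """\
[ 22.415082] WARNING: CPU: 3 PID: 3404 at /build/
[ 22.415099] CPU: 3 PID: 3404 Comm: xfs_io Not tainted 4.15.0-192-generic #203-Ubuntu
[ 22.415103] RIP: 0010:iomap_
[ 22.415110] Call Trace:
[ 22.415122] ? iomap_dio_
[ 22.415123] iomap_apply+
[ 22.415125] iomap_dio_
[ 22.415173] SyS_pread64+
[ 22.415184] RIP: 0033:0x7f2b7fbc0b73
"""

def parse_warns(log):
    """Return one dict per WARNING block: pid, comm, kernel, flavour, rip, frames."""
    reports, cur, in_trace = [], None, False
    for raw in log.splitlines():
        line = TS.sub("", raw).strip()
        if line.startswith("WARNING:"):
            cur = dict(pid=None, comm=None, kernel=None, flavour=None, rip="", frames=[])
            reports.append(cur)
            in_trace = False
        elif cur is None:
            continue  # noise before the first WARN
        elif m := HDR.search(line):
            cur.update(pid=int(m[1]), comm=m[2], flavour=m[7],
                       kernel=tuple(int(m[i]) for i in range(3, 7)))
        elif line.startswith("RIP: 0010:"):  # kernel-mode instruction pointer
            cur["rip"] = line[len("RIP: 0010:"):].split("+")[0]
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif in_trace and line.startswith(("RIP:", "Code:", "---[")):
            in_trace = False  # end of the kernel-side stack
        elif in_trace and not line.startswith("?"):  # "?" marks unreliable frames
            cur["frames"].append(line.split("+")[0])
    return reports

def triage(rep):
    """Is this the iomap direct I/O WARN, and does the kernel predate the fix?"""
    dio = rep["rip"].startswith("iomap_") and any(f.startswith("iomap_dio") for f in rep["frames"])
    stale = None  # unknown outside the 4.15.0 generic series (assumption)
    if rep["kernel"] and rep["kernel"][:3] == FIXED_ABI[:3] and rep["flavour"] == "generic":
        stale = rep["kernel"] < FIXED_ABI
    return {"iomap_dio_warn": dio, "older_than_fix": stale}
```

Feed it the output of `dmesg` or a saved kernel log; `older_than_fix` is `None` when the kernel is not a 4.15.0 `generic` build and the comparison does not apply.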