2046021 – kernel 4.18.0-358.el8 async dirops causes write errors with namespace restricted caps

Bug 2046021 - kernel 4.18.0-358.el8 async dirops causes write errors with namespace restricted caps

Summary: kernel 4.18.0-358.el8 async dirops causes write errors with namespace restric...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	kernel
Sub Component:
Version:	CentOS Stream
Hardware:	All
OS:	All
Priority:	unspecified
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Jeff Layton
QA Contact:	Yogesh Mane
Docs Contact:	John Wilkins
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-01-26 08:06 UTC by Dan van der Ster
Modified:	2022-05-10 16:14 UTC (History)
CC List:	11 users (show)
Fixed In Version:	kernel-4.18.0-372.1.1.el8
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-05-10 15:11:40 UTC
Type:	Bug
Target Upstream Version:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Ceph Project Bug Tracker	54013	None	None	None	2022-01-26 08:06:29 UTC
Gitlab	redhat/rhel/src/kernel rhel-8 merge_requests 2065	None	None	None	2022-02-04 18:11:58 UTC
Red Hat Issue Tracker	RHELPLAN-109738	None	None	None	2022-01-26 08:27:52 UTC
Red Hat Product Errata	RHSA-2022:1988	None	None	None	2022-05-10 15:11:51 UTC

Description Dan van der Ster 2022-01-26 08:06:30 UTC

Description of problem:

kernel 4.18.0-358.el8 breaks the ceph client for clients with osd caps restricted to an osd namespace. This kernel was the first to enable async dirops by default; the issue was fixed by mounting with async dirops disabled (-owsync).
Details are in https://tracker.ceph.com/issues/54013


Version-Release number of selected component (if applicable):

kernel 4.18.0-358.el8

Also reproduced with upstream kernel 5.16.2

How to reproduce:

Mount a ceph file share with caps like

[client.xxx]
        key = xx==
        caps mds = "allow rw path=/volumes/_nogroup/xxx" 
        caps mon = "allow r" 
        caps osd = "allow rw pool=cephfs_data namespace=fsvolumens_xxx" 

Then try to untar a kernel, you'll get errors like

# tar xf linux-5.17-rc1.tar.gz 2>&1 | head
tar: linux-5.17-rc1/.get_maintainer.ignore: Cannot write: Operation not permitted
tar: linux-5.17-rc1/.gitattributes: Cannot write: Operation not permitted
tar: linux-5.17-rc1/.gitignore: Cannot write: Operation not permitted

Fix:

This patch is the proposed fix: https://lore.kernel.org/ceph-devel/20220125211022.114286-1-jlayton@kernel.org/T/#u

Comment 28 errata-xmlrpc 2022-05-10 15:11:40 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: kernel security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:1988

Note You need to log in before you can comment on or make changes to this bug.