Bug 2210795 - CIFS cannot gain access to a file when fanotify works with OPEN_PERM
Summary: CIFS cannot gain access to a file when fanotify works with OPEN_PERM
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 38
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-05-29 14:06 UTC by santucco
Modified: 2024-05-22 11:13 UTC (History)
16 users (show)

Fixed In Version:
Doc Type: ---
Doc Text:
Clone Of:
Environment:
Last Closed: 2024-05-22 11:13:51 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
a simulator of the antiviral software (7.31 KB, text/plain)
2023-05-29 14:07 UTC, santucco
no flags Details
a simulate script of the editor (2.30 KB, application/x-shellscript)
2023-05-29 14:08 UTC, santucco
no flags Details
an output of the test script (1.26 KB, text/plain)
2023-05-29 14:09 UTC, santucco
no flags Details
dmesg output with the reproduction (69.96 KB, text/plain)
2023-05-29 14:10 UTC, santucco
no flags Details
strace output of the script (55.00 KB, text/plain)
2023-05-29 14:12 UTC, santucco
no flags Details
dmesg output of the correct work (37.04 KB, text/plain)
2023-05-29 14:13 UTC, santucco
no flags Details
an output of the correct work of the script (1.03 KB, text/plain)
2023-05-29 14:14 UTC, santucco
no flags Details

Description santucco 2023-05-29 14:06:04 UTC
When a cifs mount point marked in fanotify with OPEN_PERM mark, access to some files can be denied despite an access is allowed by fanotify.

An antiviral software monitors files on a cifs share.
An editor tries to work with a document on the share. Beside it creates a lock file and a temporary file for the document.
When the editor tries to store a data to the file, it fails with an error "cannot create reserved copy of the document".

I simulate the antiviral software by a fanotify.c (it is a reworked sample from fanotify(7)) and the editor by a script test.sh (both are attached).

An strace log of the test.sh (attached) shows EPERM during an attempt to open the document on read/write before making copy of the tempfile into the document.

10920 openat(AT_FDCWD, "/mnt/boxes/test2.docx", O_RDWR|O_CREAT, 0666) = -1 EPERM (Operation not permitted)


When I run the test.sh without fanotify, everything works correctly.

Such behaviour can be also simulated with an almost exact sample fanotify_example.c from fanotify(7) with an added delay before allowing, but it reproduced not always.

The bug can be reproduced on old kernels too. 

Reproducible: Always

Steps to Reproduce:
1. compile attached fanotify.c
2. mount CIFS share to /mnt/boxes
3. run ./fanotify /mnt/boxes
4. run attached ./test.sh 

Actual Results:  
the test fails with an error


Expected Results:  
the test succeeds

[root@fedora ~]# uname -a
Linux fedora 6.2.9-300.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Mar 30 22:32:58 UTC 2023 x86_64 GNU/Linux

Comment 1 santucco 2023-05-29 14:07:22 UTC
Created attachment 1967678 [details]
a simulator of the antiviral software

Comment 2 santucco 2023-05-29 14:08:40 UTC
Created attachment 1967679 [details]
a simulate script of the editor

Comment 3 santucco 2023-05-29 14:09:18 UTC
Created attachment 1967688 [details]
an output of the test script

Comment 4 santucco 2023-05-29 14:10:10 UTC
Created attachment 1967689 [details]
dmesg output with the reproduction

Comment 5 santucco 2023-05-29 14:12:31 UTC
Created attachment 1967690 [details]
strace output of the script

Comment 6 santucco 2023-05-29 14:13:36 UTC
Created attachment 1967691 [details]
dmesg output of the correct work

Comment 7 santucco 2023-05-29 14:14:08 UTC
Created attachment 1967692 [details]
an output of the correct work of the script

Comment 8 Aoife Moloney 2024-05-22 11:13:51 UTC
Fedora Linux 38 entered end-of-life (EOL) status on 2024-05-21.

Fedora Linux 38 is no longer maintained, which means that it
will not receive any further security or bug fix updates. As a result we
are closing this bug.

If you can reproduce this bug against a currently maintained version of Fedora Linux
please feel free to reopen this bug against that version. Note that the version
field may be hidden. Click the "Show advanced fields" button if you do not see
the version field.

If you are unable to reopen this bug, please file a new report against an
active release.

Thank you for reporting this bug and we are sorry it could not be fixed.


Note You need to log in before you can comment on or make changes to this bug.