Bug 70607 - Oops in get_filesystem_info due to lack of locking
Oops in get_filesystem_info due to lack of locking
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: kernel (Show other bugs)
2.1
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Stephen Tweedie
Brian Brock
:
Depends On:
Blocks: 107565
  Show dependency treegraph
 
Reported: 2002-08-02 16:43 EDT by Tim Wright
Modified: 2007-11-30 17:06 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-04-21 21:02:53 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Suggested patch (wrong line numbers but it applies). (879 bytes, patch)
2002-08-02 16:45 EDT, Tim Wright
no flags Details | Diff

  None (edit)
Description Tim Wright 2002-08-02 16:43:56 EDT
Description of Problem:
If multiple mounts/unmounts are occurring, and a process is accessing/reading
from /proc/mounts, it is possible for an oops to occur on an SMP machine. This
is because the vfsmntlist can change while we're navigating it, but the code
doesn't grab any locks to prevent this. If a vfsmount "p" is removed from the
list while we're in d_path(), then we'll follow an invalid "next" pointer on
return from d_path().

Version-Release number of selected component (if applicable):
Any of 2.4.9-e.3, e.5 and e.8 are susceptible.

How Reproducible:
100%.

Steps to Reproduce:
1. Start some processes mounting and unmounting filesystems in a loop.
2. Repeatedly 'cat /proc/mounts' or otherwise read it.
3. Wait for the oops.

Actual Results:
An oops happens.

Expected Results:
No oops :-)

Additional Information:
A suggested fix is to grab the dcache_lock which apparently protects vfsmntlist.
This seems reasonable since we only process one page worth of information.
Comment 1 Tim Wright 2002-08-02 16:45:23 EDT
Created attachment 68624 [details]
Suggested patch (wrong line numbers but it applies).
Comment 8 Jason Baron 2004-02-09 16:51:27 EST
patch applied to the U4 update stream. changing state to modified.
kernel is available at:

http://people.redhat.com/~jbaron/.private/u4/2.4.9-e.37.3.test/

Comment 9 John Flanagan 2004-04-21 21:02:54 EDT
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-105.html

Note You need to log in before you can comment on or make changes to this bug.