** Description changed: - This is a new test case added 4 days ago. - From the commit message it looks like this is a test case for a buggy commit 8db6c34f1dbc: - The regression is introduced from 8db6c34f1dbc ("Introduce v3 namespaced - file capabilities"). Overlayfs and possibly other networking filesystems - unhash the dentry on unlink, fail on this test with above change. + == Justification == + The code in cap_inode_getsecurity(), introduced by commit 8db6c34f1dbc + ("Introduce v3 namespaced file capabilities"), should use + d_find_any_alias() instead of d_find_alias() do handle unhashed dentry + correctly. This is needed, for example, if execveat() is called with an + open but unlinked overlayfs file, because overlayfs unhashes dentry on + unlink. + This is a regression of real life application, first reported at + https://www.spinics.net/lists/linux-unionfs/msg05363.html - This commit has been applied in the Xenial AWS kernel (14985d791) with - bug 1778286 - - This might have something to do with the way how we backport it (the - EINVAL return value is the clue) - + With the execveat03 test in the LTP test suite on an affected kernel, it will fail with: <<<test_start>>> tag=execveat03 stime=1534135632 cmdline="execveat03" contacts="" analysis=exit <<<test_output>>> incrementing stop tst_test.c:1017: INFO: Timeout per run is 0h 05m 00s execveat03.c:70: FAIL: execveat() returned unexpected errno: EINVAL Summary: passed 0 failed 1 skipped 0 warnings 0 - <<<execution_status>>> - initiation_status="ok" - duration=0 termination_type=exited termination_id=1 corefile=no - cutime=0 cstime=0 - <<<test_end>>> + + == Fix == + 355139a8 (cap_inode_getsecurity: use d_find_any_alias() instead of + d_find_alias()) + + It can be cherry-picked for Bionic, but it needs to be backported to + Xenial along with the logic when we backport 8db6c34f1dbc (bug 1778286). + + The test kernel for Xenial / Bionic could be found here: + http://people.canonical.com/~phlin/kernel/lp-1786729-execveat03/ + + == Test Case == + Run the reproducer in the commit message, or, + run the execveat03 test in ubuntu_ltp_syscalls test suite. And it will pass with the patched kernel. + ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-1064-aws 4.4.0-1064.74 ProcVersionSignature: User Name 4.4.0-1064.74-aws 4.4.140 Uname: Linux 4.4.0-1064-aws x86_64 ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 Date: Mon Aug 13 04:51:09 2018 Ec2AMI: ami-529fb82a Ec2AMIManifest: (unknown) Ec2AvailabilityZone: us-west-2b Ec2InstanceType: x1e.xlarge Ec2Kernel: unavailable Ec2Ramdisk: unavailable SourcePackage: linux-aws UpgradeStatus: No upgrade log present (probably fresh install)
** Description changed: == Justification == The code in cap_inode_getsecurity(), introduced by commit 8db6c34f1dbc ("Introduce v3 namespaced file capabilities"), should use d_find_any_alias() instead of d_find_alias() do handle unhashed dentry correctly. This is needed, for example, if execveat() is called with an open but unlinked overlayfs file, because overlayfs unhashes dentry on unlink. This is a regression of real life application, first reported at https://www.spinics.net/lists/linux-unionfs/msg05363.html With the execveat03 test in the LTP test suite on an affected kernel, it will fail with: <<<test_start>>> tag=execveat03 stime=1534135632 cmdline="execveat03" contacts="" analysis=exit <<<test_output>>> incrementing stop tst_test.c:1017: INFO: Timeout per run is 0h 05m 00s execveat03.c:70: FAIL: execveat() returned unexpected errno: EINVAL Summary: passed 0 failed 1 skipped 0 warnings 0 == Fix == 355139a8 (cap_inode_getsecurity: use d_find_any_alias() instead of - d_find_alias()) + d_find_alias()) It can be cherry-picked for Bionic, but it needs to be backported to Xenial along with the logic when we backport 8db6c34f1dbc (bug 1778286). The test kernel for Xenial / Bionic could be found here: http://people.canonical.com/~phlin/kernel/lp-1786729-execveat03/ + This patch has already been cherry-picked into Cosmic and Unstable. + == Test Case == Run the reproducer in the commit message, or, run the execveat03 test in ubuntu_ltp_syscalls test suite. And it will pass with the patched kernel. - ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-1064-aws 4.4.0-1064.74 ProcVersionSignature: User Name 4.4.0-1064.74-aws 4.4.140 Uname: Linux 4.4.0-1064-aws x86_64 ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 Date: Mon Aug 13 04:51:09 2018 Ec2AMI: ami-529fb82a Ec2AMIManifest: (unknown) Ec2AvailabilityZone: us-west-2b Ec2InstanceType: x1e.xlarge Ec2Kernel: unavailable Ec2Ramdisk: unavailable SourcePackage: linux-aws UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1786729 Title: execveat03 in ubuntu_ltp_syscalls failed on X/B Status in ubuntu-kernel-tests: In Progress Status in linux package in Ubuntu: Fix Released Status in linux-aws package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux-aws source package in Xenial: New Status in linux source package in Bionic: In Progress Status in linux-aws source package in Bionic: New Bug description: == Justification == The code in cap_inode_getsecurity(), introduced by commit 8db6c34f1dbc ("Introduce v3 namespaced file capabilities"), should use d_find_any_alias() instead of d_find_alias() do handle unhashed dentry correctly. This is needed, for example, if execveat() is called with an open but unlinked overlayfs file, because overlayfs unhashes dentry on unlink. This is a regression of real life application, first reported at https://www.spinics.net/lists/linux-unionfs/msg05363.html With the execveat03 test in the LTP test suite on an affected kernel, it will fail with: <<<test_start>>> tag=execveat03 stime=1534135632 cmdline="execveat03" contacts="" analysis=exit <<<test_output>>> incrementing stop tst_test.c:1017: INFO: Timeout per run is 0h 05m 00s execveat03.c:70: FAIL: execveat() returned unexpected errno: EINVAL Summary: passed 0 failed 1 skipped 0 warnings 0 == Fix == 355139a8 (cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()) It can be cherry-picked for Bionic, but it needs to be backported to Xenial along with the logic when we backport 8db6c34f1dbc (bug 1778286). The test kernel for Xenial / Bionic could be found here: http://people.canonical.com/~phlin/kernel/lp-1786729-execveat03/ This patch has already been cherry-picked into Cosmic and Unstable. == Regression Potential == Low, this patch just uses a correct function to handle unhashed dentry, and it's been applied in both upstream and our newer kernel. == Test Case == Run the reproducer in the commit message, or, run the execveat03 test in ubuntu_ltp_syscalls test suite. And it will pass with the patched kernel. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-1064-aws 4.4.0-1064.74 ProcVersionSignature: User Name 4.4.0-1064.74-aws 4.4.140 Uname: Linux 4.4.0-1064-aws x86_64 ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 Date: Mon Aug 13 04:51:09 2018 Ec2AMI: ami-529fb82a Ec2AMIManifest: (unknown) Ec2AvailabilityZone: us-west-2b Ec2InstanceType: x1e.xlarge Ec2Kernel: unavailable Ec2Ramdisk: unavailable SourcePackage: linux-aws UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1786729/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp