linux/init
Eric W. Biederman f7cfd871ae exec: Transform exec_update_mutex into a rw_semaphore
Recently syzbot reported[0] that there is a deadlock amongst the users
of exec_update_mutex.  The problematic lock ordering found by lockdep
was:

   perf_event_open  (exec_update_mutex -> ovl_i_mutex)
   chown            (ovl_i_mutex       -> sb_writes)
   sendfile         (sb_writes         -> p->lock)
     by reading from a proc file and writing to overlayfs
   proc_pid_syscall (p->lock           -> exec_update_mutex)

While looking at possible solutions it occured to me that all of the
users and possible users involved only wanted to state of the given
process to remain the same.  They are all readers.  The only writer is
exec.

There is no reason for readers to block on each other.  So fix
this deadlock by transforming exec_update_mutex into a rw_semaphore
named exec_update_lock that only exec takes for writing.

Cc: Jann Horn <jannh@google.com>
Cc: Vasiliy Kulikov <segoon@openwall.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Bernd Edlinger <bernd.edlinger@hotmail.de>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Christopher Yeoh <cyeoh@au1.ibm.com>
Cc: Cyrill Gorcunov <gorcunov@gmail.com>
Cc: Sargun Dhillon <sargun@sargun.me>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Fixes: eea9673250 ("exec: Add exec_update_mutex to replace cred_guard_mutex")
[0] https://lkml.kernel.org/r/00000000000063640c05ade8e3de@google.com
Reported-by: syzbot+db9cdf3dd1f64252c6ef@syzkaller.appspotmail.com
Link: https://lkml.kernel.org/r/87ft4mbqen.fsf@x220.int.ebiederm.org
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
2020-12-10 13:13:32 -06:00
..
calibrate.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
do_mounts_initrd.c Merge branch 'hch.init_path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2020-08-07 09:40:34 -07:00
do_mounts_rd.c init: add an init_unlink helper 2020-07-31 08:17:52 +02:00
do_mounts.c init: add an init_chroot helper 2020-07-31 08:17:52 +02:00
do_mounts.h init: add an init_mknod helper 2020-07-31 08:17:54 +02:00
init_task.c exec: Transform exec_update_mutex into a rw_semaphore 2020-12-10 13:13:32 -06:00
initramfs.c init: fix error check in clean_path() 2020-09-04 09:16:58 -07:00
Kconfig init/Kconfig: Fix CPU number in LOG_CPU_MAX_BUF_SHIFT description 2020-11-03 09:34:40 +01:00
main.c bootconfig: Load size and checksum in the footer as le32 2020-11-30 23:22:11 -05:00
Makefile md: move the early init autodetect code to drivers/md/ 2020-07-16 15:34:47 +02:00
noinitramfs.c init: add an init_mknod helper 2020-07-31 08:17:54 +02:00
version.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00