linux-hardened/fs/ext2
Carsten Otte 0e4a9b5928 ext2/xip: refuse to change xip flag during remount with busy inodes
For a reason that I was unable to understand in three months of debugging,
mount ext2 -o remount stopped working properly when remounting from
regular operation to xip, or the other way around.  According to a git
bisect search, the problem was introduced with the VM_MIXEDMAP/PTE_SPECIAL
rework in the vm:

commit 70688e4dd1
Author: Nick Piggin <npiggin@suse.de>
Date:   Mon Apr 28 02:13:02 2008 -0700

    xip: support non-struct page backed memory

In the failing scenario, the filesystem is mounted read only via root=
kernel parameter on s390x.  During remount (in rc.sysinit), the inodes of
the bash binary and its libraries are busy and cannot be invalidated (the
bash which is running rc.sysinit resides on subject filesystem).
Afterwards, another bash process (running ifup-eth) recurses into a
subshell, runs dup_mm (via fork).  Some of the mappings in this bash
process were created from inodes that could not be invalidated during
remount.

Both parent and child process crash some time later due to inconsistencies
in their address spaces.  The issue seems to be timing sensitive, various
attempts to recreate it have failed.

This patch refuses to change the xip flag during remount in case some
inodes cannot be invalidated.  This patch keeps users from running into
that issue.

[akpm@linux-foundation.org: cleanup]
Signed-off-by: Carsten Otte <cotte@de.ibm.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: Jared Hulbert <jaredeh@gmail.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-02-11 14:25:36 -08:00
..
acl.c [PATCH] sanitize ->permission() prototype 2008-07-26 20:53:14 -04:00
acl.h [PATCH] sanitize ->permission() prototype 2008-07-26 20:53:14 -04:00
balloc.c CRED: Wrap task credential accesses in the Ext2 filesystem 2008-11-14 10:38:50 +11:00
dir.c ext2: also update the inode on disk when dir is IS_DIRSYNC 2009-01-15 16:39:42 -08:00
ext2.h [PATCH] get rid of on-stack dentry in ext2_get_parent() 2008-10-23 05:13:09 -04:00
file.c generic block based fiemap implementation 2008-10-03 17:32:43 -04:00
fsync.c header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
ialloc.c ext2: tighten restrictions on inode flags 2009-01-08 08:31:00 -08:00
inode.c ext2: fix ext2_splice_branch() comments 2009-01-08 08:31:00 -08:00
ioctl.c ext2: tighten restrictions on inode flags 2009-01-08 08:31:00 -08:00
Kconfig fs/Kconfig: move ext2, ext3, ext4, JBD, JBD2 out 2008-10-20 11:43:59 -07:00
Makefile [PATCH] Make EXT2_DEBUG work again 2006-06-25 10:01:12 -07:00
namei.c nfsd race fixes: ext2 2008-12-31 18:07:43 -05:00
super.c ext2/xip: refuse to change xip flag during remount with busy inodes 2009-02-11 14:25:36 -08:00
symlink.c [PATCH] mark struct inode_operations const 1 2007-02-12 09:48:46 -08:00
xattr.c ext2: use ext2_group_first_block_no() 2008-04-28 08:58:43 -07:00
xattr.h Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
xattr_security.c ext2: remove double definitions of xattr macros 2008-07-25 10:53:31 -07:00
xattr_trusted.c ext2: remove double definitions of xattr macros 2008-07-25 10:53:31 -07:00
xattr_user.c ext2: remove double definitions of xattr macros 2008-07-25 10:53:31 -07:00
xip.c [PATCH] move block_device_operations to blkdev.h 2008-10-21 07:47:20 -04:00
xip.h xip: support non-struct page backed memory 2008-04-28 08:58:23 -07:00