Re: [RFC 1/1] shiftfs: uid/gid shifting bind mount

From: Serge Hallyn
Date: Mon May 16 2016 - 15:43:44 EST


Hey James,

I probably did something wrong - but I applied your patch onto 4.6,
compiled in shiftfs, did

mount -t shiftfs -o uidmap=0:100000:65536,gidmap=0:100000:65536 /home/ubuntu /mnt

and ls segfaults and gives me kernel syslog msgs like:


[ 1089.744726] ===============================
[ 1089.748851] [ INFO: suspicious RCU usage. ]
[ 1089.752901] 4.6.0-rc5+ #10 Not tainted
[ 1089.756315] -------------------------------
[ 1089.760021] include/linux/rcupdate.h:569 Illegal context switch in RCU read-side critical section!
[ 1089.767348]
other info that might help us debug this:

[ 1089.773401]
rcu_scheduler_active = 1, debug_locks = 0
[ 1089.778417] 1 lock held by ls/3053:
[ 1089.781112] #0: (rcu_read_lock){......}, at: [<ffffffff81270907>] path_init+0x667/0x770
[ 1089.787492]
stack backtrace:
[ 1089.790827] CPU: 0 PID: 3053 Comm: ls Not tainted 4.6.0-rc5+ #10
[ 1089.795304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 1089.801376] 0000000000000286 000000005ed87b3e ffff88007a70bb10 ffffffff8145daa3
[ 1089.807098] ffff88007a688000 0000000000000001 ffff88007a70bb40 ffffffff810e7587
[ 1089.812793] 0000000000000000 ffffffff81ca8baf 0000000000000184 ffff88007d08f640
[ 1089.818320] Call Trace:
[ 1089.820205] [<ffffffff8145daa3>] dump_stack+0x85/0xc2
[ 1089.824046] [<ffffffff810e7587>] lockdep_rcu_suspicious+0xd7/0x110
[ 1089.828871] [<ffffffff810baf97>] ___might_sleep+0xa7/0x230
[ 1089.833024] [<ffffffff810bb169>] __might_sleep+0x49/0x80
[ 1089.837118] [<ffffffff81238109>] kmem_cache_alloc+0x1d9/0x2d0
[ 1089.841725] [<ffffffff810b667a>] prepare_creds+0x3a/0x130
[ 1089.845827] [<ffffffff813954a7>] shiftfs_new_creds+0x17/0x120
[ 1089.850170] [<ffffffff81395cb2>] shiftfs_permission+0x42/0xd0
[ 1089.854507] [<ffffffff8126d58b>] __inode_permission+0x6b/0xb0
[ 1089.858925] [<ffffffff8126d5e4>] inode_permission+0x14/0x50
[ 1089.863190] [<ffffffff812710cd>] link_path_walk+0x7d/0x510
[ 1089.867454] [<ffffffff812707cb>] ? path_init+0x52b/0x770
[ 1089.871570] [<ffffffff81270907>] ? path_init+0x667/0x770
[ 1089.875577] [<ffffffff8127165c>] path_lookupat+0x7c/0x110
[ 1089.879830] [<ffffffff812732c1>] filename_lookup+0xb1/0x180
[ 1089.883937] [<ffffffff81272ec6>] ? getname_flags+0x56/0x1f0
[ 1089.888042] [<ffffffff8110a25d>] ? rcu_read_lock_sched_held+0x6d/0x80
[ 1089.892841] [<ffffffff81238193>] ? kmem_cache_alloc+0x263/0x2d0
[ 1089.897282] [<ffffffff81272ee2>] ? getname_flags+0x72/0x1f0
[ 1089.901483] [<ffffffff81273466>] user_path_at_empty+0x36/0x40
[ 1089.905768] [<ffffffff81267166>] vfs_fstatat+0x66/0xc0
[ 1089.909596] [<ffffffff81267761>] SYSC_newlstat+0x31/0x60
[ 1089.913616] [<ffffffff81202d16>] ? __might_fault+0x96/0xa0
[ 1089.917684] [<ffffffff81202ccd>] ? __might_fault+0x4d/0xa0
[ 1089.922750] [<ffffffff810e9879>] ? trace_hardirqs_on_caller+0x129/0x1b0
[ 1089.928605] [<ffffffff8100301b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[ 1089.934347] [<ffffffff8126789e>] SyS_newlstat+0xe/0x10
[ 1089.939193] [<ffffffff81904000>] entry_SYSCALL_64_fastpath+0x23/0xc1
[ 1089.945045] BUG: sleeping function called from invalid context at mm/slab.h:388
[ 1089.951474] in_atomic(): 1, irqs_disabled(): 0, pid: 3053, name: ls
[ 1089.957214] INFO: lockdep is turned off.
[ 1089.961166] CPU: 0 PID: 3053 Comm: ls Not tainted 4.6.0-rc5+ #10
[ 1089.966739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 1089.973975] 0000000000000286 000000005ed87b3e ffff88007a70bb40 ffffffff8145daa3
[ 1089.980644] ffff88007a688000 ffffffff81ca8baf ffff88007a70bb68 ffffffff810bb069
[ 1089.987297] ffffffff81ca8baf 0000000000000184 0000000000000000 ffff88007a70bb90
[ 1089.994180] Call Trace:
[ 1089.997097] [<ffffffff8145daa3>] dump_stack+0x85/0xc2
[ 1090.002051] [<ffffffff810bb069>] ___might_sleep+0x179/0x230
[ 1090.007255] [<ffffffff810bb169>] __might_sleep+0x49/0x80
[ 1090.012290] [<ffffffff81238109>] kmem_cache_alloc+0x1d9/0x2d0
[ 1090.017679] [<ffffffff810b667a>] prepare_creds+0x3a/0x130
[ 1090.022736] [<ffffffff813954a7>] shiftfs_new_creds+0x17/0x120
[ 1090.028090] [<ffffffff81395cb2>] shiftfs_permission+0x42/0xd0
[ 1090.033454] [<ffffffff8126d58b>] __inode_permission+0x6b/0xb0
[ 1090.039006] [<ffffffff8126d5e4>] inode_permission+0x14/0x50
[ 1090.044304] [<ffffffff812710cd>] link_path_walk+0x7d/0x510
[ 1090.049593] [<ffffffff812707cb>] ? path_init+0x52b/0x770
[ 1090.054795] [<ffffffff81270907>] ? path_init+0x667/0x770
[ 1090.059950] [<ffffffff8127165c>] path_lookupat+0x7c/0x110
[ 1090.065218] [<ffffffff812732c1>] filename_lookup+0xb1/0x180
[ 1090.070629] [<ffffffff81272ec6>] ? getname_flags+0x56/0x1f0
[ 1090.076265] [<ffffffff8110a25d>] ? rcu_read_lock_sched_held+0x6d/0x80
[ 1090.082559] [<ffffffff81238193>] ? kmem_cache_alloc+0x263/0x2d0
[ 1090.088153] [<ffffffff81272ee2>] ? getname_flags+0x72/0x1f0
[ 1090.093478] [<ffffffff81273466>] user_path_at_empty+0x36/0x40
[ 1090.099164] [<ffffffff81267166>] vfs_fstatat+0x66/0xc0
[ 1090.104236] [<ffffffff81267761>] SYSC_newlstat+0x31/0x60
[ 1090.109449] [<ffffffff81202d16>] ? __might_fault+0x96/0xa0
[ 1090.115506] [<ffffffff81202ccd>] ? __might_fault+0x4d/0xa0
[ 1090.120418] [<ffffffff810e9879>] ? trace_hardirqs_on_caller+0x129/0x1b0
[ 1090.126325] [<ffffffff8100301b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[ 1090.133230] [<ffffffff8126789e>] SyS_newlstat+0xe/0x10
[ 1090.138320] [<ffffffff81904000>] entry_SYSCALL_64_fastpath+0x23/0xc1
[ 1090.146513] ------------[ cut here ]------------
[ 1090.151061] kernel BUG at include/linux/fs.h:2574!
[ 1090.155883] invalid opcode: 0000 [#1] SMP
[ 1090.160131] Modules linked in: binfmt_misc veth ip6t_MASQUERADE nf_nat_masquerade_ipv6 ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6_tables xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack xt_tcpudp bridge stp llc iptable_filter ip_tables x_tables ppdev kvm_intel kvm irqbypass joydev input_leds serio_raw nls_utf8 isofs i2c_piix4 mac_hid parport_pc parport 8250_fintek pvpanic ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr configfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi autofs4 btrfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear cirrus ttm drm_kms_helper syscopyarea sysfillrect sysimgblt psmouse
[ 1090.223228] fb_sys_fops drm pata_acpi floppy
[ 1090.226948] CPU: 0 PID: 3053 Comm: ls Not tainted 4.6.0-rc5+ #10
[ 1090.232806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 1090.240377] task: ffff88007a688000 ti: ffff88007a708000 task.ti: ffff88007a708000
[ 1090.247359] RIP: 0010:[<ffffffff81263ef5>] [<ffffffff81263ef5>] __fput+0x235/0x240
[ 1090.254759] RSP: 0018:ffff88007a70be70 EFLAGS: 00010246
[ 1090.260430] RAX: 0000000000000000 RBX: ffff880035739a00 RCX: 000000000007937c
[ 1090.267476] RDX: 0000000000000001 RSI: ffff88007fddada0 RDI: 0000000000000000
[ 1090.274538] RBP: ffff88007a70bea8 R08: 0000000000000000 R09: ffff8800367ff270
[ 1090.281637] R10: ffff880079d66c10 R11: ffff880035739a10 R12: 0000000040000010
[ 1090.288731] R13: ffff880079d66c10 R14: ffff88007a1b63a0 R15: ffff880050e6b000
[ 1090.295648] FS: 00007fec3f20c800(0000) GS:ffff88007fc00000(0000) knlGS:0000000000000000
[ 1090.303194] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1090.308945] CR2: 00007f7fe394c000 CR3: 000000007a72e000 CR4: 00000000000006f0
[ 1090.315954] Stack:
[ 1090.318947] ffff880079d66c10 ffff880035739a10 ffffffff822ebab0 ffff88007a688710
[ 1090.326268] ffff88007a688000 0000000000000000 ffff88007a688000 ffff88007a70beb8
[ 1090.333392] ffffffff81263f3e ffff88007a70bee8 ffffffff810b2153 0000000000000002
[ 1090.340618] Call Trace:
[ 1090.343863] [<ffffffff81263f3e>] ____fput+0xe/0x10
[ 1090.349178] [<ffffffff810b2153>] task_work_run+0x73/0xa0
[ 1090.354941] [<ffffffff810032bc>] exit_to_usermode_loop+0xcc/0xd0
[ 1090.361297] [<ffffffff81003f0c>] syscall_return_slowpath+0xcc/0xe0
[ 1090.367735] [<ffffffff8190409c>] entry_SYSCALL_64_fastpath+0xbf/0xc1
[ 1090.374412] Code: 00 e9 be fe ff ff 48 8b 43 28 48 8b 80 80 00 00 00 48 85 c0 0f 84 bf fe ff ff 31 d2 48 89 de bf ff ff ff ff ff d0 e9 ae fe ff ff <0f> 0b 66 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 ff 48 87 3d
[ 1090.394163] RIP [<ffffffff81263ef5>] __fput+0x235/0x240
[ 1090.399624] RSP <ffff88007a70be70>
[ 1090.406515] ---[ end trace 909301922855c45e ]---
[ 1121.390946] audit: type=1400 audit(1463427449.647:19): apparmor="STATUS" operation="profile_load" name="lxd-x1_</var/lib/lxd>" pid=3076 comm="apparmor_parser"
[ 1121.427553] lxdbr0: port 1(vethBUS8OC) entered blocking state
[ 1121.432842] lxdbr0: port 1(vethBUS8OC) entered disabled state
[ 1121.439138] device vethBUS8OC entered promiscuous mode
[ 1121.449963] IPv6: ADDRCONF(NETDEV_UP): vethBUS8OC: link is not ready
[ 1121.494963] eth0: renamed from vethVNDWLE
[ 1121.502817] IPv6: ADDRCONF(NETDEV_CHANGE): vethBUS8OC: link becomes ready
[ 1121.512573] lxdbr0: port 1(vethBUS8OC) entered blocking state
[ 1121.518224] lxdbr0: port 1(vethBUS8OC) entered forwarding state
[ 1125.274210] BUG: sleeping function called from invalid context at mm/slab.h:388
[ 1125.280904] in_atomic(): 1, irqs_disabled(): 0, pid: 3760, name: ls
[ 1125.286508] INFO: lockdep is turned off.
[ 1125.290856] CPU: 0 PID: 3760 Comm: ls Tainted: G D 4.6.0-rc5+ #10
[ 1125.298026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 1125.305921] 0000000000000286 00000000323611df ffff88003099bb20 ffffffff8145daa3
[ 1125.313356] ffff88002f1fe500 ffffffff81ca8baf ffff88003099bb48 ffffffff810bb069
[ 1125.320806] ffffffff81ca8baf 0000000000000184 0000000000000000 ffff88003099bb70
[ 1125.328228] Call Trace:
[ 1125.331545] [<ffffffff8145daa3>] dump_stack+0x85/0xc2
[ 1125.336984] [<ffffffff810bb069>] ___might_sleep+0x179/0x230
[ 1125.342816] [<ffffffff810bb169>] __might_sleep+0x49/0x80
[ 1125.348595] [<ffffffff81238109>] kmem_cache_alloc+0x1d9/0x2d0
[ 1125.354678] [<ffffffff810b667a>] prepare_creds+0x3a/0x130
[ 1125.360259] [<ffffffff813954a7>] shiftfs_new_creds+0x17/0x120
[ 1125.366258] [<ffffffff81395cb2>] shiftfs_permission+0x42/0xd0
[ 1125.372281] [<ffffffff8126d58b>] __inode_permission+0x6b/0xb0
[ 1125.378283] [<ffffffff8126d5e4>] inode_permission+0x14/0x50
[ 1125.384105] [<ffffffff812710cd>] link_path_walk+0x7d/0x510
[ 1125.389733] [<ffffffff812707cb>] ? path_init+0x52b/0x770
[ 1125.395147] [<ffffffff81270907>] ? path_init+0x667/0x770
[ 1125.400481] [<ffffffff8127165c>] path_lookupat+0x7c/0x110
[ 1125.405974] [<ffffffff812732c1>] filename_lookup+0xb1/0x180
[ 1125.411831] [<ffffffff81238126>] ? kmem_cache_alloc+0x1f6/0x2d0
[ 1125.417833] [<ffffffff81273466>] user_path_at_empty+0x36/0x40
[ 1125.423601] [<ffffffff81267166>] vfs_fstatat+0x66/0xc0
[ 1125.428933] [<ffffffff81267761>] SYSC_newlstat+0x31/0x60
[ 1125.434390] [<ffffffff81003a68>] ? syscall_trace_enter_phase1+0xc8/0x140
[ 1125.441067] [<ffffffff8126789e>] SyS_newlstat+0xe/0x10
[ 1125.446541] [<ffffffff81003f89>] do_syscall_64+0x69/0x160
[ 1125.452315] [<ffffffff819040c3>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1125.791437] ------------[ cut here ]------------
[ 1125.795754] kernel BUG at include/linux/fs.h:2574!
[ 1125.800529] invalid opcode: 0000 [#2] SMP
[ 1125.804923] Modules linked in: binfmt_misc veth ip6t_MASQUERADE nf_nat_masquerade_ipv6 ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6_tables xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack xt_tcpudp bridge stp llc iptable_filter ip_tables x_tables ppdev kvm_intel kvm irqbypass joydev input_leds serio_raw nls_utf8 isofs i2c_piix4 mac_hid parport_pc parport 8250_fintek pvpanic ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr configfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi autofs4 btrfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear cirrus ttm drm_kms_helper syscopyarea sysfillrect sysimgblt psmouse
[ 1125.871862] fb_sys_fops drm pata_acpi floppy
[ 1125.875745] CPU: 0 PID: 3760 Comm: ls Tainted: G D 4.6.0-rc5+ #10
[ 1125.882927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 1125.890945] task: ffff88002f1fe500 ti: ffff880030998000 task.ti: ffff880030998000
[ 1125.898617] RIP: 0010:[<ffffffff81263ef5>] [<ffffffff81263ef5>] __fput+0x235/0x240
[ 1125.906342] RSP: 0018:ffff88003099be70 EFLAGS: 00010246
[ 1125.912078] RAX: 0000000000000000 RBX: ffff880030846600 RCX: 0000000000085f05
[ 1125.919331] RDX: 0000000000000001 RSI: ffff88007fddada0 RDI: 0000000000000000
[ 1125.926545] RBP: ffff88003099bea8 R08: 0000000000000000 R09: ffff8800770bc2a8
[ 1125.933706] R10: 000000000010000f R11: ffff880030846601 R12: 0000000040000010
[ 1125.940782] R13: ffff880079d66c10 R14: ffff88007990cc60 R15: ffff880050e6b000
[ 1125.947844] FS: 00007f8297abc800(0000) GS:ffff88007fc00000(0000) knlGS:0000000000000000
[ 1125.955772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1125.961908] CR2: 000055918a8d9018 CR3: 00000000309a4000 CR4: 00000000000006f0
[ 1125.969232] Stack:
[ 1125.972341] ffff880079d66c10 ffff880030846610 ffffffff822ebab0 ffff88002f1fec10
[ 1125.979890] ffff88002f1fe500 0000000000000000 ffff88002f1fe500 ffff88003099beb8
[ 1125.987279] ffffffff81263f3e ffff88003099bee8 ffffffff810b2153 0000000000000102
[ 1125.994850] Call Trace:
[ 1125.998345] [<ffffffff81263f3e>] ____fput+0xe/0x10
[ 1126.003695] [<ffffffff810b2153>] task_work_run+0x73/0xa0
[ 1126.009377] [<ffffffff810032bc>] exit_to_usermode_loop+0xcc/0xd0
[ 1126.015880] [<ffffffff81004000>] do_syscall_64+0xe0/0x160
[ 1126.021848] [<ffffffff819040c3>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1126.028612] Code: 00 e9 be fe ff ff 48 8b 43 28 48 8b 80 80 00 00 00 48 85 c0 0f 84 bf fe ff ff 31 d2 48 89 de bf ff ff ff ff ff d0 e9 ae fe ff ff <0f> 0b 66 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 ff 48 87 3d
[ 1126.049139] RIP [<ffffffff81263ef5>] __fput+0x235/0x240
[ 1126.055150] RSP <ffff88003099be70>
[ 1126.059746] ---[ end trace 909301922855c45f ]---
root@shiftfs:~#