[trusty 1/1] aufs: bugfix, stop calling security_mmap_file() again

Andy Whitcroft apw at canonical.com
Tue Sep 23 08:56:02 UTC 2014 

From: "J. R. Okajima" <hooanon05g at gmail.com>

Actually this commit is a revival of
	a1d9363 2012-06-08 aufs: for 3.5-rcN, security_mmap_file()
That commit was reverted after a discussion. For details, see these.
	6608a07 2012-07-29 aufs: aufs_mmap() calls security_mmap_file() directly
	66ecc70 2012-07-24 Revert "aufs: cosmetics for aufs_mmap()"
	7573c5b 2012-07-24 Revert "aufs: for 3.5-rcN, new au_security_file_mmap() 1/2"
	c3a3e02 2012-07-24 Revert "aufs: for 3.5-rcN, call au_security_file_mmap() 2/2"
	ad02614 2012-06-13 aufs: for 3.5-rcN, call au_security_file_mmap() 2/2
	aa29a06 2012-06-13 aufs: for 3.5-rcN, new au_security_file_mmap() 1/2
	b028c62 2012-06-08 aufs: cosmetics for aufs_mmap()

The real problem is reported and I decided to stop calling
security_mmap_file() for the branch-fs file from aufs_mmap() again.

See: http://www.mail-archive.com/aufs-users@lists.sourceforge.net/msg04609.html
Reported-by: Matthew Riley <mdriley at gmail.com>
Signed-off-by: J. R. Okajima <hooanon05g at gmail.com>
BugLink: http://bugs.launchpad.net/bugs/1371316
Signed-off-by: Andy Whitcroft <apw at canonical.com>
---
 ubuntu/aufs/f_op.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/ubuntu/aufs/f_op.c b/ubuntu/aufs/f_op.c
index d281cac..ac0681d 100644
--- a/ubuntu/aufs/f_op.c
+++ b/ubuntu/aufs/f_op.c
@@ -440,6 +440,7 @@ out:
  * The similar scenario is applied to aufs_readlink() too.
  */
 
+#if 0 /* stop calling security_file_mmap() */
 /* cf. linux/include/linux/mman.h: calc_vm_prot_bits() */
 #define AuConv_VM_PROT(f, b)	_calc_vm_trans(f, VM_##b, PROT_##b)
 
@@ -473,6 +474,7 @@ static unsigned long au_flag_conv(unsigned long flags)
 		| AuConv_VM_MAP(flags, DENYWRITE)
 		| AuConv_VM_MAP(flags, LOCKED);
 }
+#endif
 
 static int aufs_mmap(struct file *file, struct vm_area_struct *vma)
 {
@@ -516,8 +518,13 @@ static int aufs_mmap(struct file *file, struct vm_area_struct *vma)
 	lockdep_on();
 
 	au_vm_file_reset(vma, h_file);
-	err = security_mmap_file(h_file, au_prot_conv(vma->vm_flags),
-				 au_flag_conv(vma->vm_flags));
+	/*
+	 * we cannot call security_mmap_file() here since it may acquire
+	 * mmap_sem or i_mutex.
+	 *
+	 * err = security_mmap_file(h_file, au_prot_conv(vma->vm_flags),
+	 *			 au_flag_conv(vma->vm_flags));
+	 */
 	if (!err)
 		err = h_file->f_op->mmap(h_file, vma);
 	if (unlikely(err))
-- 
1.9.1

More information about the kernel-team mailing list