kernel-packages team mailing list archive
Message #140567
[Bug 1507463] [NEW] OverlayFS: Wrong mnt_id and path reported in /proc in linux-3.13
Public bug reported:
I am running Ubuntu Trusty (3.13.0-65-generic #106-Ubuntu SMP Fri Oct 2
22:08:27 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux).
There are two issues in OverlayFS as follows:
1. /proc/<pid>/fdinfo/<fd> reports wrong mnt_id (non-existent in
/proc/<pid>/mountinfo)
2. /proc/<pid>/fd/<fd> shows incorrect path for the symlink target
These issues were previously reported and patched for the Ubuntu Vivid
kernel (3.19) in bug #1479468, but the patch was not applied to the 3.13
kernel, possibly because it contains an older version of overlayfs.
These issues are now adversely affecting some versions of lxc when used
in conjunction with the 3.13 kernel, because lxc has recently been
patched to pass /proc/<pid>/fd/<fd> to the mount syscall. This change
to lxc was made in response to CVE-2015-1335; see bug #1476662.
The kernel issues cause some overlayfs-backed containers to fail to
start, with error message,
strace: mount("/home/ubuntu/test.txt", "/proc/self/fd/16",
0x7ffd4c3f7fdb, MS_BIND, NULL) = -1 EACCES (Permission denied)
The mount fails because /proc/self/fd/16, which should point to a file
in overlayfs, has an invalid value.
The following versions of lxc are affected:
repository                          lxc version                                  impact
----------------------------------  -------------------------------------------  ------------
trusty                              1.0.7-0ubuntu0.7                             not affected
ppa:ubuntu-lxc/lxc-git-stable-1.0   1.0.7+stable~20151014-2143-0ubuntu1~trusty   affected
ppa:ubuntu-lxc/lxc-git-stable-1.1   1.1.3+stable~20151007-2301-0ubuntu1~trusty   affected
ppa:ubuntu-lxc/lxc-git-master       1.1.3+master~20151012-0541-0ubuntu1~trusty   affected
To reproduce the lxc failure-to-start issue:
# Install the 3.13 kernel and also an affected version of lxc.
lxc-create -t download -n trusty -- -d ubuntu -r trusty -a amd64;
touch $HOME/test.txt;
echo "lxc.mount.entry = $HOME/test.txt home/ubuntu/test.txt none bind,create=file 0 0" >> $HOME/.local/share/lxc/trusty/config;
lxc-clone -s -B overlayfs trusty trusty_overlay;
lxc-start -n trusty_overlay; # fails to start
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Affects: lxc (Ubuntu)
Importance: Undecided
Status: New
** Tags: bot-stop-nagging overlayfs
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1507463
Title:
OverlayFS: Wrong mnt_id and path reported in /proc in linux-3.13
Status in linux package in Ubuntu:
New
Status in lxc package in Ubuntu:
New
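A consistency check for the two symptoms described in the report above, as an added example that is not part of the original bug report, the kernel patch, or lxc. The function names and the sample /proc text are constructed for illustration; `check_live` assumes a Linux /proc and a file the caller can open.

```python
import os

# Constructed samples (not taken from the bug report).
MOUNTINFO = (
    "22 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw\n"
    "45 22 0:38 / /mnt/merged rw,relatime - overlayfs overlayfs rw\n"
)
FDINFO_OK = "pos:\t0\nflags:\t0100000\nmnt_id:\t45\n"
FDINFO_BAD = "pos:\t0\nflags:\t0100000\nmnt_id:\t19\n"

def fdinfo_mnt_id(fdinfo_text):
    """Return the mnt_id field of /proc/<pid>/fdinfo/<fd> text, or None."""
    for line in fdinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "mnt_id":
            return int(value)
    return None

def mountinfo_ids(mountinfo_text):
    """Map mount ID (field 1) to mount point (field 5) of mountinfo text."""
    mounts = {}
    for line in mountinfo_text.splitlines():
        fields = line.split()
        if len(fields) >= 5 and fields[0].isdigit():
            mounts[int(fields[0])] = fields[4]
    return mounts

def check_fd(fdinfo_text, mountinfo_text, link_target, expected_path):
    """Return the inconsistencies found; an empty list means /proc agrees."""
    problems = []
    mnt_id = fdinfo_mnt_id(fdinfo_text)
    if mnt_id is None:
        problems.append("fdinfo has no mnt_id field")
    elif mnt_id not in mountinfo_ids(mountinfo_text):
        problems.append("mnt_id %d is not in mountinfo" % mnt_id)
    if link_target != expected_path:
        problems.append("fd link is %r, expected %r" % (link_target, expected_path))
    return problems

def check_live(path):
    """Run the same check on a real file opened by this process (Linux only)."""
    fd = os.open(path, os.O_RDONLY)
    try:
        with open("/proc/self/fdinfo/%d" % fd) as f:
            fdinfo = f.read()
        with open("/proc/self/mountinfo") as f:
            mountinfo = f.read()
        link = os.readlink("/proc/self/fd/%d" % fd)
        return check_fd(fdinfo, mountinfo, link, os.path.realpath(path))
    finally:
        os.close(fd)
```

Calling `check_live` on a file inside an overlayfs mount returns an empty list when fdinfo, mountinfo and the fd symlink agree, and one entry per mismatch otherwise.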