audit: type=1800 audit(1676486027.135:5644): pid=27009 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=14658 res=0
9pnet: Insufficient options for proto=fd
======================================================
WARNING: possible circular locking dependency detected
4.19.211-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.3/27009 is trying to acquire lock:
00000000b8540181 (sb_writers#3){.+.+}, at: sb_start_write include/linux/fs.h:1579 [inline]
00000000b8540181 (sb_writers#3){.+.+}, at: mnt_want_write+0x3a/0xb0 fs/namespace.c:360

but task is already holding lock:
0000000061a6cfb6 (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440 security/integrity/ima/ima_main.c:224

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&iint->mutex){+.+.}:
       process_measurement+0x316/0x1440 security/integrity/ima/ima_main.c:224
       ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
       do_last fs/namei.c:3425 [inline]
       path_openat+0x7e4/0x2df0 fs/namei.c:3537
       do_filp_open+0x18c/0x3f0 fs/namei.c:3567
       do_sys_open+0x3b3/0x520 fs/open.c:1085
       do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (sb_writers#3){.+.+}:
       percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
       percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
       __sb_start_write+0x6e/0x2a0 fs/super.c:1366
       sb_start_write include/linux/fs.h:1579 [inline]
       mnt_want_write+0x3a/0xb0 fs/namespace.c:360
       ovl_maybe_copy_up+0x11f/0x190 fs/overlayfs/copy_up.c:888
       ovl_open+0xb4/0x260 fs/overlayfs/file.c:126
       do_dentry_open+0x4aa/0x1160 fs/open.c:796
       vfs_open fs/open.c:902 [inline]
       dentry_open+0x132/0x1d0 fs/open.c:918
       ima_calc_file_hash+0x628/0x8a0 security/integrity/ima/ima_crypto.c:435
       ima_collect_measurement+0x4c4/0x570 security/integrity/ima/ima_api.c:231
       process_measurement+0xddd/0x1440 security/integrity/ima/ima_main.c:284
       ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
       do_last fs/namei.c:3425 [inline]
       path_openat+0x7e4/0x2df0 fs/namei.c:3537
       do_filp_open+0x18c/0x3f0 fs/namei.c:3567
       do_sys_open+0x3b3/0x520 fs/open.c:1085
       do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&iint->mutex);
                               lock(sb_writers#3);
                               lock(&iint->mutex);
  lock(sb_writers#3);

 *** DEADLOCK ***

1 lock held by syz-executor.3/27009:
 #0: 0000000061a6cfb6 (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440 security/integrity/ima/ima_main.c:224

stack backtrace:
CPU: 0 PID: 27009 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 print_circular_bug.constprop.0.cold+0x2d7/0x41e kernel/locking/lockdep.c:1222
 check_prev_add kernel/locking/lockdep.c:1866 [inline]
 check_prevs_add kernel/locking/lockdep.c:1979 [inline]
 validate_chain kernel/locking/lockdep.c:2420 [inline]
 __lock_acquire+0x30c9/0x3ff0 kernel/locking/lockdep.c:3416
 lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3908
 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
 percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
 __sb_start_write+0x6e/0x2a0 fs/super.c:1366
 sb_start_write include/linux/fs.h:1579 [inline]
 mnt_want_write+0x3a/0xb0 fs/namespace.c:360
 ovl_maybe_copy_up+0x11f/0x190 fs/overlayfs/copy_up.c:888
 ovl_open+0xb4/0x260 fs/overlayfs/file.c:126
 do_dentry_open+0x4aa/0x1160 fs/open.c:796
 vfs_open fs/open.c:902 [inline]
 dentry_open+0x132/0x1d0 fs/open.c:918
 ima_calc_file_hash+0x628/0x8a0 security/integrity/ima/ima_crypto.c:435
 ima_collect_measurement+0x4c4/0x570 security/integrity/ima/ima_api.c:231
 process_measurement+0xddd/0x1440 security/integrity/ima/ima_main.c:284
 ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
 do_last fs/namei.c:3425 [inline]
 path_openat+0x7e4/0x2df0 fs/namei.c:3537
 do_filp_open+0x18c/0x3f0 fs/namei.c:3567
 do_sys_open+0x3b3/0x520 fs/open.c:1085
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f9854b9b0f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f985310d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007f9854cbaf80 RCX: 00007f9854b9b0f9
RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000020000000
RBP: 00007f9854bf6ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffda3991a7f R14: 00007f985310d300 R15: 0000000000022000
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
audit: type=1804 audit(1676486028.045:5645): pid=27082 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2867019669/syzkaller.1MUT1o/1498/bus" dev="sda1" ino=14083 res=1
overlayfs: failed to resolve './file1': -2
audit: type=1800 audit(1676486028.085:5646): pid=27093 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=14212 res=0
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
audit: type=1800 audit(1676486028.095:5647): pid=27082 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=14083 res=0
audit: type=1804 audit(1676486028.225:5648): pid=27108 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2867019669/syzkaller.1MUT1o/1499/bus" dev="sda1" ino=14147 res=1
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
audit: type=1800 audit(1676486028.235:5649): pid=27108 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=14147 res=0
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=000000000f09f1fa [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=00000000b82b105c
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=00000000f228d838 [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=00000000caacd3aa
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
audit: type=1804 audit(1676486029.075:5650): pid=27160 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2867019669/syzkaller.1MUT1o/1500/bus" dev="sda1" ino=14035 res=1
audit: type=1800 audit(1676486029.105:5651): pid=27160 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=14035 res=0
audit: type=1804 audit(1676486029.105:5652): pid=27159 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2867019669/syzkaller.1MUT1o/1500/bus" dev="sda1" ino=14035 res=1
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=000000005ab9ed31 [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=0000000053dcc124
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=00000000a91663ec [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=00000000d47ef0f7
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=000000000474da52 [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=0000000058e55ff2
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=0000000021e0d201 [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=00000000937e6df0
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=000000000474da52 [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=0000000058e55ff2
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=000000000aab9376 [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=000000004e30c712
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=000000000474da52 [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=0000000058e55ff2
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=000000003a45191b [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=00000000daa1e48e
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=00000000e117d10c [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=000000002d1649a1
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=00000000bb55693f [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=0000000034c19e98
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=00000000e117d10c [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=000000002d1649a1
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=00000000f3ba86b6 [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=00000000f9f0c195
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=000000001d65e7e0 [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=00000000cc55edce
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=0000000099ae6deb [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=000000000d551cb0
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
kauditd_printk_skb: 43 callbacks suppressed
audit: type=1804 audit(1676486031.235:5696): pid=27297 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3157658362/syzkaller.z3YL5h/498/bus" dev="sda1" ino=13908 res=1
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
audit: type=1804 audit(1676486031.315:5697): pid=27302 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1288545137/syzkaller.QuB0xK/1560/bus" dev="sda1" ino=14531 res=1
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=00000000ad722643 [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=000000007192f81d
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=0000000022a081f7 [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=000000009a37291f
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
audit: type=1804 audit(1676486031.315:5698): pid=27305 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir3157658362/syzkaller.z3YL5h/498/bus" dev="sda1" ino=13908 res=1
audit: type=1804 audit(1676486031.365:5699): pid=27314 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir1288545137/syzkaller.QuB0xK/1560/bus" dev="sda1" ino=14531 res=1
audit: type=1804 audit(1676486031.515:5700): pid=27321 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1288545137/syzkaller.QuB0xK/1561/bus" dev="sda1" ino=14579 res=1
audit: type=1804 audit(1676486031.545:5701): pid=27318 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3157658362/syzkaller.z3YL5h/499/bus" dev="sda1" ino=14835 res=1
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=00000000ad722643 [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=000000007192f81d
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
audit: type=1804 audit(1676486031.565:5702): pid=27327 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir1288545137/syzkaller.QuB0xK/1561/bus" dev="sda1" ino=14579 res=1
FS-Cache: N-cookie c=00000000a1138866 [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=000000007708ce0d
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
audit: type=1804 audit(1676486031.615:5703): pid=27322 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir3157658362/syzkaller.z3YL5h/499/bus" dev="sda1" ino=14835 res=1
audit: type=1804 audit(1676486031.665:5704): pid=27330 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1288545137/syzkaller.QuB0xK/1562/bus" dev="sda1" ino=14420 res=1
audit: type=1804 audit(1676486031.765:5705): pid=27336 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir1288545137/syzkaller.QuB0xK/1562/bus" dev="sda1" ino=14420 res=1
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
FS-Cache: Duplicate cookie detected
FS-Cache: O-cookie c=00000000854a1b92 [p=0000000038ad4ad0 fl=222 nc=0 na=1]
FS-Cache: O-cookie d=00000000638682f4 n=00000000cd04439c
FS-Cache: O-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'
FS-Cache: N-cookie c=00000000d13f8dec [p=0000000038ad4ad0 fl=2 nc=0 na=1]
FS-Cache: N-cookie d=00000000638682f4 n=000000009d67ba49
FS-Cache: N-key=[30] '98985c9d8901c514ed84eb9404de2875b06ba0518c58c9b6895cb934c008'