Hi Martin, On Mon, Mar 08, 2021 at 07:35:19PM +0000, Martin Kelly wrote: > On Sun, Mar 7, 2021 at 4:34 PM Benjamin Kaduk <mailto:ka...@mit.edu> wrote: > > > I don't use Crowdstrike so haven't seen it, but can you post the > > > backtrace? > > > Based on what I've heard from Mr. Proulx at MIT (and from others off-list), > > I have put in a ticket with Crowdstrike asking if I can share the kernel > > backtrace. I honestly feel like it should be OK but I don't want to risk > > my job over it. > > Hi, > > I’m an engineer at CrowdStrike. There is a known issue in which OpenAFS can > cause the CrowdStrike LSM to crash because current->fs can be set to NULL in > a certain code path in which it should not be NULL because we’re in process > context. I double-checked this on the upstream LSM mailing list after looking > at a stack trace. I had thought that a bug report had gotten back to OpenAFS > but it seems like that didn’t happen; sorry about that! > > Below is the LKML LSM thread regarding this. Please let me know if you have > any other questions: > > https://www.spinics.net/lists/linux-security-module/msg39081.html > https://www.spinics.net/lists/linux-security-module/msg39083.html
Thanks for spotting this thread and the quick follow-up. I suspect that the changes at https://gerrit.openafs.org/#/c/13751/ are going to be relevant in this space, but without seeing the stack trace of the crash in question it's hard to be sure. Can you speak to whether this is touching the "right" part of the code with respect to the crashes you were investigating? Thanks, Ben _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
