[dm-devel] [RFC PATCH 0/3] sg3_utils: udev rules: restrict use of ambiguous device IDs

[dm-devel] [RFC PATCH 0/3] sg3_utils: udev rules: restrict use of ambiguous device IDs

[mwilck]

From: Martin Wilck <mwilck@suse.com>

Most modern SCSI devices provide VPD page 83 with at least one highly
reliable device identifier, like NAA Registered Extended or EUI-64, or
the ata-id identifier. Other device identifier types have shown to be less
reliable and possibly ambiguous. Ambiguity in particular is a problem with
multipath-tools, which may group unrelated devices together in a multipath
map, causing possible data corruption.

The device identifiers are used in two independent ways by the udev rules:
a) to set ID_SERIAL for subsystems like multipath, and b) to create
/dev/disk/by-id/scsi-... symlinks. Our udev rules have traditionally created
symlinks for every device identifier obtained from either VPD 83 or 80. This
may cause issues, especially on large installments with storage devices that
exhibit the same identifier for many logical units. At the same time, these
symlinks are rarely used.

Avoid using unreliable identifiers for setting ID_SERIAL, and don't create
symlinks for these identifiers. Add a configuration method that allows
users to easily re-enable these methods and symlinks if they need to
(this might be the case on systems with legacy devices that are referenced
in /etc/crypttab, lvm.conf, or the like). This is done by introducing
environment variables .SCSI_ID_SERIAL_SRC and .SCSI_ID_SYMLINK_SRC, to
control use of device identifiers for determining ID_SERIAL and for creating
symlinks, respectively. Both variables can contain the letters "T", "L", "V",
and "S" to enable T10-vendor ID, NAA local ID, vendor-specific ID, and VPD 80
based ID, respectively.

Distributions can change the defaults for these environment variables
to provide backward compatibility for their users, while offering users
an easy way to change the settings.

I'm sending this as RFC, because I expect that not everyone will agree
which identifiers should be enabled by default.


Martin Wilck (3):
  55-scsi-sg3_id.rules: don't set unreliable device ID by default
  58-scsi-sg3_symlink.rules: don't create extra by-id symlinks by
    default
  udev: add 00-scsi-sg3_config.rules for user configuration

 Makefile.am                       |  1 +
 scripts/00-scsi-sg3_config.rules  | 23 ++++++++++++++
 scripts/55-scsi-sg3_id.rules      | 53 ++++++++++++++++++++++++++++---
 scripts/58-scsi-sg3_symlink.rules | 46 +++++++++++++++++++++------
 4 files changed, 109 insertions(+), 14 deletions(-)
 create mode 100644 scripts/00-scsi-sg3_config.rules

-- 
2.39.2

--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel

[RFC PATCH 0/3] sg3_utils: udev rules: restrict use of ambiguous device IDs

[mwilck]

From: Martin Wilck <mwilck@suse.com>

Most modern SCSI devices provide VPD page 83 with at least one highly
reliable device identifier, like NAA Registered Extended or EUI-64, or
the ata-id identifier. Other device identifier types have shown to be less
reliable and possibly ambiguous. Ambiguity in particular is a problem with
multipath-tools, which may group unrelated devices together in a multipath
map, causing possible data corruption.

The device identifiers are used in two independent ways by the udev rules:
a) to set ID_SERIAL for subsystems like multipath, and b) to create
/dev/disk/by-id/scsi-... symlinks. Our udev rules have traditionally created
symlinks for every device identifier obtained from either VPD 83 or 80. This
may cause issues, especially on large installments with storage devices that
exhibit the same identifier for many logical units. At the same time, these
symlinks are rarely used.

Avoid using unreliable identifiers for setting ID_SERIAL, and don't create
symlinks for these identifiers. Add a configuration method that allows
users to easily re-enable these methods and symlinks if they need to
(this might be the case on systems with legacy devices that are referenced
in /etc/crypttab, lvm.conf, or the like). This is done by introducing
environment variables .SCSI_ID_SERIAL_SRC and .SCSI_ID_SYMLINK_SRC, to
control use of device identifiers for determining ID_SERIAL and for creating
symlinks, respectively. Both variables can contain the letters "T", "L", "V",
and "S" to enable T10-vendor ID, NAA local ID, vendor-specific ID, and VPD 80
based ID, respectively.

Distributions can change the defaults for these environment variables
to provide backward compatibility for their users, while offering users
an easy way to change the settings.

I'm sending this as RFC, because I expect that not everyone will agree
which identifiers should be enabled by default.


Martin Wilck (3):
  55-scsi-sg3_id.rules: don't set unreliable device ID by default
  58-scsi-sg3_symlink.rules: don't create extra by-id symlinks by
    default
  udev: add 00-scsi-sg3_config.rules for user configuration

 Makefile.am                       |  1 +
 scripts/00-scsi-sg3_config.rules  | 23 ++++++++++++++
 scripts/55-scsi-sg3_id.rules      | 53 ++++++++++++++++++++++++++++---
 scripts/58-scsi-sg3_symlink.rules | 46 +++++++++++++++++++++------
 4 files changed, 109 insertions(+), 14 deletions(-)
 create mode 100644 scripts/00-scsi-sg3_config.rules

-- 
2.39.2

[dm-devel] [PATCH 1/3] 55-scsi-sg3_id.rules: don't set unreliable device ID by default

[mwilck]

From: Martin Wilck <mwilck@suse.com>

Some of the methods to determine the SCSI device ID are known to be
unreliable and, and possibly cause dm-multipath to falsely detect
a multipath setup and cause data corruption. These methods will
only be used if the known reliable device IDs (like NAA registered)
are unavailable.

Don't apply these methods by default. Make the methods to use configurable
instead. Configuration is done by setting the udev property
".SCSI_ID_SERIAL_SRC" to any combination of the letters T, L, V, S:

  T: T10 vendor ID ("1...")
  L: NAA local ("33...")
  V: vendor-specific ("0...")
  S: vendor/model/serial number ("S...")

The ordering of the letters in .SCSI_ID_SERIAL_SRC doesn't matter,
the precedence is always T, L, V, S.

Regardless of using these properties for ID_SERIAL, we can infer that
if any of these properties is set, it's correct to set ID_BUS="scsi".

Signed-off-by: Martin Wilck <mwilck@suse.com>
---
 scripts/55-scsi-sg3_id.rules | 53 +++++++++++++++++++++++++++++++++---
 1 file changed, 49 insertions(+), 4 deletions(-)

diff --git a/scripts/55-scsi-sg3_id.rules b/scripts/55-scsi-sg3_id.rules
index 453210b..33b2ad3 100644
--- a/scripts/55-scsi-sg3_id.rules
+++ b/scripts/55-scsi-sg3_id.rules
@@ -99,11 +99,56 @@ ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_NAA_REG}=="?*", ENV{ID_BUS}="scsi", ENV
 ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_NAA_EXT}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="3$env{SCSI_IDENT_LUN_NAA_EXT}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_NAA_EXT}"
 ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_EUI64}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="2$env{SCSI_IDENT_LUN_EUI64}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_EUI64}"
 ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_NAME}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="8$env{SCSI_IDENT_LUN_NAME}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_NAME}"
-ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="1$env{SCSI_IDENT_LUN_T10}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_T10}"
-ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="3$env{SCSI_IDENT_LUN_NAA_LOCAL}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_NAA_LOCAL}"
-ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_VENDOR}"
-ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_SERIAL}"
 
 # Compat ID_SCSI_SERIAL setting
 ENV{ID_SCSI_SERIAL}!="?*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{ID_SCSI_SERIAL}="$env{SCSI_IDENT_SERIAL}"
+
+# Enable or disable possibly ambiguous SCSI device ID sources for setting ID_SERIAL
+#
+# .SCSI_ID_SERIAL_SRC can be any combination of the characters "TLVS":
+#   T: T10 vendor ID ("1...") from VPD 0x83
+#   L: NAA local ("33...") from VPD 0x83
+#   V: vendor-specific ("0...") from VPD 0x83
+#   S: vendor/model/serial number ("S...") from VPD 0x80
+# The ordering of the letters doesn't matter, the precedence is always T, L, V, S
+# NAA (except "local") and EUI-64 IDs (see below), as well as ATA IDs, always take precedence over
+# the sources configured here.
+#
+# This only needs to be changed if there are legacy SCSI devices that don't provide any reliable
+# device identifiers, and some subsystem like multipath requires that ID_SERIAL is set.
+# Be aware that multipath actually needs unique identifiers, though.
+# Using ambiguous identifiers for ID_SERIAL can cause data corruption with multipath.
+#
+# To configure this, add an early rule (e.g. /etc/udev/rules.d/00-scsi-serial.rules) e.g. like this:
+# ACTION!="remove", KERNEL=="sd*|sr*|st*|nst*|cciss*", ENV{.SCSI_ID_SERIAL_SRC}="TLVS"
+#
+# By default, only T10 vendor ID is allowed.
+ENV{.SCSI_ID_SERIAL_SRC}!="?*", ENV{.SCSI_ID_SERIAL_SRC}="T"
+
+ENV{ID_SERIAL}=="?*", GOTO="sg3_utils_id_end"
+ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{ID_BUS}="scsi"
+ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{.SCSI_ID_SERIAL_SRC}=="*T*", \
+    ENV{ID_SERIAL}="1$env{SCSI_IDENT_LUN_T10}", \
+    ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_T10}"
+
+ENV{ID_SERIAL}=="?*", GOTO="sg3_utils_id_end"
+ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{ID_BUS}="scsi"
+ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{.SCSI_ID_SERIAL_SRC}=="*L*", \
+    ENV{ID_SERIAL}="3$env{SCSI_IDENT_LUN_NAA_LOCAL}", \
+    ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_NAA_LOCAL}"
+
+ENV{ID_SERIAL}=="?*", GOTO="sg3_utils_id_end"
+ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{ID_BUS}="scsi"
+ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{.SCSI_ID_SERIAL_SRC}=="*V*", \
+    ENV{ID_SERIAL}="0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}", \
+    ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_VENDOR}"
+
+ENV{ID_SERIAL}=="?*", GOTO="sg3_utils_id_end"
+ENV{SCSI_IDENT_SERIAL}=="?*", ENV{ID_BUS}="scsi"
+ENV{SCSI_IDENT_SERIAL}=="?*", ENV{.SCSI_ID_SERIAL_SRC}=="*S*", \
+    ENV{ID_SERIAL}="S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}", \
+    ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_SERIAL}"
+
 LABEL="sg3_utils_id_end"
+ENV{ID_SERIAL}!="?*", ENV{DEVTYPE}=="disk", \
+    PROGRAM="/bin/logger -t 55-scsi-sg3_id.rules -p daemon.warning \"WARNING: SCSI device %k has no device ID, consider changing .SCSI_ID_SERIAL_SRC in 00-scsi-sg3_config.rules\""
-- 
2.39.2

--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel

[PATCH 1/3] 55-scsi-sg3_id.rules: don't set unreliable device ID by default

[mwilck]

From: Martin Wilck <mwilck@suse.com>

Some of the methods to determine the SCSI device ID are known to be
unreliable and, and possibly cause dm-multipath to falsely detect
a multipath setup and cause data corruption. These methods will
only be used if the known reliable device IDs (like NAA registered)
are unavailable.

Don't apply these methods by default. Make the methods to use configurable
instead. Configuration is done by setting the udev property
".SCSI_ID_SERIAL_SRC" to any combination of the letters T, L, V, S:

  T: T10 vendor ID ("1...")
  L: NAA local ("33...")
  V: vendor-specific ("0...")
  S: vendor/model/serial number ("S...")

The ordering of the letters in .SCSI_ID_SERIAL_SRC doesn't matter,
the precedence is always T, L, V, S.

Regardless of using these properties for ID_SERIAL, we can infer that
if any of these properties is set, it's correct to set ID_BUS="scsi".

Signed-off-by: Martin Wilck <mwilck@suse.com>
---
 scripts/55-scsi-sg3_id.rules | 53 +++++++++++++++++++++++++++++++++---
 1 file changed, 49 insertions(+), 4 deletions(-)

diff --git a/scripts/55-scsi-sg3_id.rules b/scripts/55-scsi-sg3_id.rules
index 453210b..33b2ad3 100644
--- a/scripts/55-scsi-sg3_id.rules
+++ b/scripts/55-scsi-sg3_id.rules
@@ -99,11 +99,56 @@ ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_NAA_REG}=="?*", ENV{ID_BUS}="scsi", ENV
 ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_NAA_EXT}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="3$env{SCSI_IDENT_LUN_NAA_EXT}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_NAA_EXT}"
 ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_EUI64}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="2$env{SCSI_IDENT_LUN_EUI64}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_EUI64}"
 ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_NAME}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="8$env{SCSI_IDENT_LUN_NAME}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_NAME}"
-ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="1$env{SCSI_IDENT_LUN_T10}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_T10}"
-ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="3$env{SCSI_IDENT_LUN_NAA_LOCAL}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_NAA_LOCAL}"
-ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_VENDOR}"
-ENV{ID_SERIAL}!="?*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{ID_BUS}="scsi", ENV{ID_SERIAL}="S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}", ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_SERIAL}"
 
 # Compat ID_SCSI_SERIAL setting
 ENV{ID_SCSI_SERIAL}!="?*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{ID_SCSI_SERIAL}="$env{SCSI_IDENT_SERIAL}"
+
+# Enable or disable possibly ambiguous SCSI device ID sources for setting ID_SERIAL
+#
+# .SCSI_ID_SERIAL_SRC can be any combination of the characters "TLVS":
+#   T: T10 vendor ID ("1...") from VPD 0x83
+#   L: NAA local ("33...") from VPD 0x83
+#   V: vendor-specific ("0...") from VPD 0x83
+#   S: vendor/model/serial number ("S...") from VPD 0x80
+# The ordering of the letters doesn't matter, the precedence is always T, L, V, S
+# NAA (except "local") and EUI-64 IDs (see below), as well as ATA IDs, always take precedence over
+# the sources configured here.
+#
+# This only needs to be changed if there are legacy SCSI devices that don't provide any reliable
+# device identifiers, and some subsystem like multipath requires that ID_SERIAL is set.
+# Be aware that multipath actually needs unique identifiers, though.
+# Using ambiguous identifiers for ID_SERIAL can cause data corruption with multipath.
+#
+# To configure this, add an early rule (e.g. /etc/udev/rules.d/00-scsi-serial.rules) e.g. like this:
+# ACTION!="remove", KERNEL=="sd*|sr*|st*|nst*|cciss*", ENV{.SCSI_ID_SERIAL_SRC}="TLVS"
+#
+# By default, only T10 vendor ID is allowed.
+ENV{.SCSI_ID_SERIAL_SRC}!="?*", ENV{.SCSI_ID_SERIAL_SRC}="T"
+
+ENV{ID_SERIAL}=="?*", GOTO="sg3_utils_id_end"
+ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{ID_BUS}="scsi"
+ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{.SCSI_ID_SERIAL_SRC}=="*T*", \
+    ENV{ID_SERIAL}="1$env{SCSI_IDENT_LUN_T10}", \
+    ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_T10}"
+
+ENV{ID_SERIAL}=="?*", GOTO="sg3_utils_id_end"
+ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{ID_BUS}="scsi"
+ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{.SCSI_ID_SERIAL_SRC}=="*L*", \
+    ENV{ID_SERIAL}="3$env{SCSI_IDENT_LUN_NAA_LOCAL}", \
+    ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_NAA_LOCAL}"
+
+ENV{ID_SERIAL}=="?*", GOTO="sg3_utils_id_end"
+ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{ID_BUS}="scsi"
+ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{.SCSI_ID_SERIAL_SRC}=="*V*", \
+    ENV{ID_SERIAL}="0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}", \
+    ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_LUN_VENDOR}"
+
+ENV{ID_SERIAL}=="?*", GOTO="sg3_utils_id_end"
+ENV{SCSI_IDENT_SERIAL}=="?*", ENV{ID_BUS}="scsi"
+ENV{SCSI_IDENT_SERIAL}=="?*", ENV{.SCSI_ID_SERIAL_SRC}=="*S*", \
+    ENV{ID_SERIAL}="S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}", \
+    ENV{ID_SERIAL_SHORT}="$env{SCSI_IDENT_SERIAL}"
+
 LABEL="sg3_utils_id_end"
+ENV{ID_SERIAL}!="?*", ENV{DEVTYPE}=="disk", \
+    PROGRAM="/bin/logger -t 55-scsi-sg3_id.rules -p daemon.warning \"WARNING: SCSI device %k has no device ID, consider changing .SCSI_ID_SERIAL_SRC in 00-scsi-sg3_config.rules\""
-- 
2.39.2

[dm-devel] [PATCH 2/3] 58-scsi-sg3_symlink.rules: don't create extra by-id symlinks by default

[mwilck]

From: Martin Wilck <mwilck@suse.com>

The current code will set device symlinks for every identifier obtained
from VPD pages 0x83 and 0x80. This is seldom useful. Device IDs shouldn't
be used for identifying file systems or high-level objects such as LVs;
it is much more useful to identify these by their respective UUIDs.
Those subsystems that need device IDs, such as LVM, multipath, dm-crypt
etc, just need one identifier. For these use cases, a single symlink
is sufficient, and it should be the most reliable one as selected by
the ID_SERIAL logic in 55-scsi-sg3_id.rules.

On the other hand, especially on large configurations, unreliable and
ambiguous device identifiers can cause trouble when many devices claim
the same symlink. udev's attempts to determine the highest-priority
contender for a given symlink may be very resource-intensive and slow,
especially during boot, when lots of uevents for similar devices have
to be processed in parallel. This can cause udev workers to be killed,
and in the worst case, boot failure.

Avoid these issues by not creating possibly ambiguous /dev/disk/by-id
symlinks any more by default. Users can modify the configuration by
setting the types of symlinks to create in the environment variable
.SCSI_SYMLINK_SRC, which can be a combination of the letters T, L, V, S:

 T: T10 vendor ID ("1...") from VPD 0x83
 L: NAA local ("33...") from VPD 0x83
 V: vendor-specific ("0...") from VPD 0x83
 S: vendor/model/serial number ("S...") from VPD 0x80

In practice, modifying this should only be necessary if legacy devices
that don't provide any reliable identifiers are used as targets for
dm-crypt or LVM.

Signed-off-by: Martin Wilck <mwilck@suse.com>
---
 scripts/58-scsi-sg3_symlink.rules | 50 +++++++++++++++++++++++++------
 1 file changed, 41 insertions(+), 9 deletions(-)

diff --git a/scripts/58-scsi-sg3_symlink.rules b/scripts/58-scsi-sg3_symlink.rules
index fe6b000..99fdc23 100644
--- a/scripts/58-scsi-sg3_symlink.rules
+++ b/scripts/58-scsi-sg3_symlink.rules
@@ -5,10 +5,36 @@ ACTION=="remove", GOTO="sg3_utils_symlink_end"
 SUBSYSTEM!="block", GOTO="sg3_utils_symlink_end"
 ENV{UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG}=="1", GOTO="sg3_utils_symlink_end"
 
-# Select which identifier to use per default
+# Enable or disable possibly ambiguous SCSI device symlinks under /dev/disk/by-id
+#
+# .SCSI_SYMLINK_SRC can be any combination of the letter "TLVS":
+#   T: T10 vendor ID ("1...") from VPD 0x83
+#   L: NAA local ("33...") from VPD 0x83
+#   V: vendor-specific ("0...") from VPD 0x83
+#   S: vendor/model/serial number ("S...") from VPD 0x80
+# Symlinks will be created for every letter included in .SCSI_SYMLINK_SRC.
+# Symlinks for NAA (except "local") and EUI-64 IDs (see below) are always created.
+#
+# NOTE: The default rules in 60-persistent-storage.rules create a symlink
+# "ENV{ID_BUS}-ENV{ID_SERIAL}" symlink anyway, where ID_BUS is "scsi", "ata", "usb", or "cciss".
+# ID_SERIAL is set in 55-scsi-sg3_id.rules from the least ambiguous device identifier.
+# The symlinks created by this file are created *in addition* to the default symlink.
+#
+# This only needs to be changed if some subsystem, like dm-crypt or LVM, depends on the
+# additional symlinks being present for device identification.
+#
+# To configure the behavior, add an early rule (e.g. /etc/udev/rules.d/00-scsi-serial.rules)
+# like this:
+# ACTION!="remove", KERNEL=="sd*|sr*|st*|nst*|cciss*", ENV{.SCSI_SYMLINK_SRC}="TS"
+#
+# By default, no possibly ambiguous additional symlinks will be created.
+ENV{.SCSI_SYMLINK_SRC}!="?*", ENV{.SCSI_SYMLINK_SRC}=""
+
 # 0: vpd page 0x80 identifier
-ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}"
-ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}-part%n"
+ENV{.SCSI_SYMLINK_SRC}=="*S*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="disk", \
+    SYMLINK+="disk/by-id/scsi-S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}"
+ENV{.SCSI_SYMLINK_SRC}=="*S*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="partition", \
+    SYMLINK+="disk/by-id/scsi-S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}-part%n"
 # NAA identifier (prefix 3)
 # 1: IEEE Registered Extended first
 ENV{SCSI_IDENT_LUN_NAA_REGEXT}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_REGEXT}"
@@ -26,13 +52,19 @@ ENV{SCSI_IDENT_LUN_EUI64}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id
 ENV{SCSI_IDENT_LUN_NAME}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-8$env{SCSI_IDENT_LUN_NAME}"
 ENV{SCSI_IDENT_LUN_NAME}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-8$env{SCSI_IDENT_LUN_NAME}-part%n"
 # 6: T10 Vendor identifier (prefix 1)
-ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-1$env{SCSI_IDENT_LUN_T10}"
-ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-1$env{SCSI_IDENT_LUN_T10}-part%n"
+ENV{.SCSI_SYMLINK_SRC}=="*T*", ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{DEVTYPE}=="disk", \
+    SYMLINK+="disk/by-id/scsi-1$env{SCSI_IDENT_LUN_T10}"
+ENV{.SCSI_SYMLINK_SRC}=="*T*", ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{DEVTYPE}=="partition", \
+    SYMLINK+="disk/by-id/scsi-1$env{SCSI_IDENT_LUN_T10}-part%n"
 # 7: IEEE Locally assigned
-ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_LOCAL}"
-ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_LOCAL}-part%n"
+ENV{.SCSI_SYMLINK_SRC}=="*L*", ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{DEVTYPE}=="disk", \
+    SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_LOCAL}"
+ENV{.SCSI_SYMLINK_SRC}=="*L*", ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{DEVTYPE}=="partition", \
+    SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_LOCAL}-part%n"
 # 8: Vendor-specific identifier (prefix 0)
-ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}"
-ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}-part%n"
+ENV{.SCSI_SYMLINK_SRC}=="*V*", ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{DEVTYPE}=="disk", \
+    SYMLINK+="disk/by-id/scsi-0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}"
+ENV{.SCSI_SYMLINK_SRC}=="*V*", ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{DEVTYPE}=="partition", \
+    SYMLINK+="disk/by-id/scsi-0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}-part%n"
 
 LABEL="sg3_utils_symlink_end"
-- 
2.39.2

--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel

[PATCH 2/3] 58-scsi-sg3_symlink.rules: don't create extra by-id symlinks by default

[mwilck]

From: Martin Wilck <mwilck@suse.com>

The current code will set device symlinks for every identifier obtained
from VPD pages 0x83 and 0x80. This is seldom useful. Device IDs shouldn't
be used for identifying file systems or high-level objects such as LVs;
it is much more useful to identify these by their respective UUIDs.
Those subsystems that need device IDs, such as LVM, multipath, dm-crypt
etc, just need one identifier. For these use cases, a single symlink
is sufficient, and it should be the most reliable one as selected by
the ID_SERIAL logic in 55-scsi-sg3_id.rules.

On the other hand, especially on large configurations, unreliable and
ambiguous device identifiers can cause trouble when many devices claim
the same symlink. udev's attempts to determine the highest-priority
contender for a given symlink may be very resource-intensive and slow,
especially during boot, when lots of uevents for similar devices have
to be processed in parallel. This can cause udev workers to be killed,
and in the worst case, boot failure.

Avoid these issues by not creating possibly ambiguous /dev/disk/by-id
symlinks any more by default. Users can modify the configuration by
setting the types of symlinks to create in the environment variable
.SCSI_SYMLINK_SRC, which can be a combination of the letters T, L, V, S:

 T: T10 vendor ID ("1...") from VPD 0x83
 L: NAA local ("33...") from VPD 0x83
 V: vendor-specific ("0...") from VPD 0x83
 S: vendor/model/serial number ("S...") from VPD 0x80

In practice, modifying this should only be necessary if legacy devices
that don't provide any reliable identifiers are used as targets for
dm-crypt or LVM.

Signed-off-by: Martin Wilck <mwilck@suse.com>
---
 scripts/58-scsi-sg3_symlink.rules | 50 +++++++++++++++++++++++++------
 1 file changed, 41 insertions(+), 9 deletions(-)

diff --git a/scripts/58-scsi-sg3_symlink.rules b/scripts/58-scsi-sg3_symlink.rules
index fe6b000..99fdc23 100644
--- a/scripts/58-scsi-sg3_symlink.rules
+++ b/scripts/58-scsi-sg3_symlink.rules
@@ -5,10 +5,36 @@ ACTION=="remove", GOTO="sg3_utils_symlink_end"
 SUBSYSTEM!="block", GOTO="sg3_utils_symlink_end"
 ENV{UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG}=="1", GOTO="sg3_utils_symlink_end"
 
-# Select which identifier to use per default
+# Enable or disable possibly ambiguous SCSI device symlinks under /dev/disk/by-id
+#
+# .SCSI_SYMLINK_SRC can be any combination of the letter "TLVS":
+#   T: T10 vendor ID ("1...") from VPD 0x83
+#   L: NAA local ("33...") from VPD 0x83
+#   V: vendor-specific ("0...") from VPD 0x83
+#   S: vendor/model/serial number ("S...") from VPD 0x80
+# Symlinks will be created for every letter included in .SCSI_SYMLINK_SRC.
+# Symlinks for NAA (except "local") and EUI-64 IDs (see below) are always created.
+#
+# NOTE: The default rules in 60-persistent-storage.rules create a symlink
+# "ENV{ID_BUS}-ENV{ID_SERIAL}" symlink anyway, where ID_BUS is "scsi", "ata", "usb", or "cciss".
+# ID_SERIAL is set in 55-scsi-sg3_id.rules from the least ambiguous device identifier.
+# The symlinks created by this file are created *in addition* to the default symlink.
+#
+# This only needs to be changed if some subsystem, like dm-crypt or LVM, depends on the
+# additional symlinks being present for device identification.
+#
+# To configure the behavior, add an early rule (e.g. /etc/udev/rules.d/00-scsi-serial.rules)
+# like this:
+# ACTION!="remove", KERNEL=="sd*|sr*|st*|nst*|cciss*", ENV{.SCSI_SYMLINK_SRC}="TS"
+#
+# By default, no possibly ambiguous additional symlinks will be created.
+ENV{.SCSI_SYMLINK_SRC}!="?*", ENV{.SCSI_SYMLINK_SRC}=""
+
 # 0: vpd page 0x80 identifier
-ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}"
-ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}-part%n"
+ENV{.SCSI_SYMLINK_SRC}=="*S*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="disk", \
+    SYMLINK+="disk/by-id/scsi-S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}"
+ENV{.SCSI_SYMLINK_SRC}=="*S*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="partition", \
+    SYMLINK+="disk/by-id/scsi-S$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_SERIAL}-part%n"
 # NAA identifier (prefix 3)
 # 1: IEEE Registered Extended first
 ENV{SCSI_IDENT_LUN_NAA_REGEXT}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_REGEXT}"
@@ -26,13 +52,19 @@ ENV{SCSI_IDENT_LUN_EUI64}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id
 ENV{SCSI_IDENT_LUN_NAME}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-8$env{SCSI_IDENT_LUN_NAME}"
 ENV{SCSI_IDENT_LUN_NAME}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-8$env{SCSI_IDENT_LUN_NAME}-part%n"
 # 6: T10 Vendor identifier (prefix 1)
-ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-1$env{SCSI_IDENT_LUN_T10}"
-ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-1$env{SCSI_IDENT_LUN_T10}-part%n"
+ENV{.SCSI_SYMLINK_SRC}=="*T*", ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{DEVTYPE}=="disk", \
+    SYMLINK+="disk/by-id/scsi-1$env{SCSI_IDENT_LUN_T10}"
+ENV{.SCSI_SYMLINK_SRC}=="*T*", ENV{SCSI_IDENT_LUN_T10}=="?*", ENV{DEVTYPE}=="partition", \
+    SYMLINK+="disk/by-id/scsi-1$env{SCSI_IDENT_LUN_T10}-part%n"
 # 7: IEEE Locally assigned
-ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_LOCAL}"
-ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_LOCAL}-part%n"
+ENV{.SCSI_SYMLINK_SRC}=="*L*", ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{DEVTYPE}=="disk", \
+    SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_LOCAL}"
+ENV{.SCSI_SYMLINK_SRC}=="*L*", ENV{SCSI_IDENT_LUN_NAA_LOCAL}=="?*", ENV{DEVTYPE}=="partition", \
+    SYMLINK+="disk/by-id/scsi-3$env{SCSI_IDENT_LUN_NAA_LOCAL}-part%n"
 # 8: Vendor-specific identifier (prefix 0)
-ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-id/scsi-0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}"
-ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-id/scsi-0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}-part%n"
+ENV{.SCSI_SYMLINK_SRC}=="*V*", ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{DEVTYPE}=="disk", \
+    SYMLINK+="disk/by-id/scsi-0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}"
+ENV{.SCSI_SYMLINK_SRC}=="*V*", ENV{SCSI_IDENT_LUN_VENDOR}=="?*", ENV{DEVTYPE}=="partition", \
+    SYMLINK+="disk/by-id/scsi-0$env{SCSI_VENDOR}_$env{SCSI_MODEL}_$env{SCSI_IDENT_LUN_VENDOR}-part%n"
 
 LABEL="sg3_utils_symlink_end"
-- 
2.39.2

[dm-devel] [PATCH 3/3] udev: add 00-scsi-sg3_config.rules for user configuration

[mwilck]

From: Martin Wilck <mwilck@suse.com>

Add a dedicated early rules file to simplify configuring the behavior
of the SCSI udev rules shipped with sg3_utils.

Signed-off-by: Martin Wilck <mwilck@suse.com>
---
 Makefile.am                       |  1 +
 scripts/00-scsi-sg3_config.rules  | 23 +++++++++++++++++++++++
 scripts/55-scsi-sg3_id.rules      |  6 ++----
 scripts/58-scsi-sg3_symlink.rules |  6 +-----
 4 files changed, 27 insertions(+), 9 deletions(-)
 create mode 100644 scripts/00-scsi-sg3_config.rules

diff --git a/Makefile.am b/Makefile.am
index 240acbe..ce7ee71 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -123,6 +123,7 @@ EXTRA_DIST += \
 	inhex/z_act_query.hex
 
 EXTRA_DIST += \
+	scripts/00-scsi-sg3_config.rules \
 	scripts/40-usb-blacklist.rules \
 	scripts/54-before-scsi-sg3_id.rules \
 	scripts/55-scsi-sg3_id.rules \
diff --git a/scripts/00-scsi-sg3_config.rules b/scripts/00-scsi-sg3_config.rules
new file mode 100644
index 0000000..43d6f16
--- /dev/null
+++ b/scripts/00-scsi-sg3_config.rules
@@ -0,0 +1,23 @@
+# Configuration for SCSI device identification
+
+# To apply changes, copy this file to /etc/udev/rules.d and edit to suit your needs.
+# DO NOT EDIT THIS FILE IN PLACE!
+
+ACTION!="add|change", GOTO="scsi_identify_end"
+SUBSYSTEMS=="scsi", GOTO="scsi_identify"
+GOTO="scsi_identify_end"
+LABEL="scsi_identify"
+
+# Set ID_SCSI_INQUIRY to 0 to force running "sg_inq" for obtaining device IDs
+# from SCSI VPDs, rather than looking them up in sysfs (not recommended).
+ENV{ID_SCSI_INQUIRY}=""
+
+# Set enabled unreliable sources for setting the ID_SERIAL property.
+# See 55-scsi-sg3_id.rules for detailed documentation.
+ENV{.SCSI_ID_SERIAL_SRC}="T"
+
+# Set enabled unreliable sources for creating additional /dev/disk/by-id/scsi* symlinks.
+# See 58-scsi-sg3_symlink.rules for detailed documentation.
+ENV{.SCSI_SYMLINK_SRC}=""
+
+LABEL="scsi_identify_end"
diff --git a/scripts/55-scsi-sg3_id.rules b/scripts/55-scsi-sg3_id.rules
index 33b2ad3..5e9732d 100644
--- a/scripts/55-scsi-sg3_id.rules
+++ b/scripts/55-scsi-sg3_id.rules
@@ -36,7 +36,7 @@ KERNEL!="sd*[!0-9]|sr*", GOTO="sg3_utils_id_end"
 # have scanned for VPD pages, so if the vpd page attribute is not
 # present it is not supported (or deemed unsafe to access).
 # Hence we can skip the call to sg_inq and avoid I/O altogether.
-# Set 'ID_SCSI_INQUIRY=0' in an earlier udev rule if the kernel
+# Set ENV{ID_SCSI_INQUIRY}="0" in 00-scsi-sg3_config.rules if the kernel
 # fails to scan VPD pages correctly; the rules will then fall
 # back to calling sg_vpd directly.
 LABEL="scsi_inquiry"
@@ -119,9 +119,7 @@ ENV{ID_SCSI_SERIAL}!="?*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{ID_SCSI_SERIAL}="$e
 # Be aware that multipath actually needs unique identifiers, though.
 # Using ambiguous identifiers for ID_SERIAL can cause data corruption with multipath.
 #
-# To configure this, add an early rule (e.g. /etc/udev/rules.d/00-scsi-serial.rules) e.g. like this:
-# ACTION!="remove", KERNEL=="sd*|sr*|st*|nst*|cciss*", ENV{.SCSI_ID_SERIAL_SRC}="TLVS"
-#
+# To configure the behavior, set ENV{.SCSI_ID_SERIAL_SRC} in 00-scsi-sg3_config.rules.
 # By default, only T10 vendor ID is allowed.
 ENV{.SCSI_ID_SERIAL_SRC}!="?*", ENV{.SCSI_ID_SERIAL_SRC}="T"
 
diff --git a/scripts/58-scsi-sg3_symlink.rules b/scripts/58-scsi-sg3_symlink.rules
index 99fdc23..dfe8f77 100644
--- a/scripts/58-scsi-sg3_symlink.rules
+++ b/scripts/58-scsi-sg3_symlink.rules
@@ -23,12 +23,8 @@ ENV{UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG}=="1", GOTO="sg3_utils_symlink_en
 # This only needs to be changed if some subsystem, like dm-crypt or LVM, depends on the
 # additional symlinks being present for device identification.
 #
-# To configure the behavior, add an early rule (e.g. /etc/udev/rules.d/00-scsi-serial.rules)
-# like this:
-# ACTION!="remove", KERNEL=="sd*|sr*|st*|nst*|cciss*", ENV{.SCSI_SYMLINK_SRC}="TS"
-#
+# To configure the behavior, set ENV{.SCSI_SYMLINK_SRC} in 00-scsi-sg3_config.rules.
 # By default, no possibly ambiguous additional symlinks will be created.
-ENV{.SCSI_SYMLINK_SRC}!="?*", ENV{.SCSI_SYMLINK_SRC}=""
 
 # 0: vpd page 0x80 identifier
 ENV{.SCSI_SYMLINK_SRC}=="*S*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="disk", \
-- 
2.39.2

--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel

[PATCH 3/3] udev: add 00-scsi-sg3_config.rules for user configuration

[mwilck]

From: Martin Wilck <mwilck@suse.com>

Add a dedicated early rules file to simplify configuring the behavior
of the SCSI udev rules shipped with sg3_utils.

Signed-off-by: Martin Wilck <mwilck@suse.com>
---
 Makefile.am                       |  1 +
 scripts/00-scsi-sg3_config.rules  | 23 +++++++++++++++++++++++
 scripts/55-scsi-sg3_id.rules      |  6 ++----
 scripts/58-scsi-sg3_symlink.rules |  6 +-----
 4 files changed, 27 insertions(+), 9 deletions(-)
 create mode 100644 scripts/00-scsi-sg3_config.rules

diff --git a/Makefile.am b/Makefile.am
index 240acbe..ce7ee71 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -123,6 +123,7 @@ EXTRA_DIST += \
 	inhex/z_act_query.hex
 
 EXTRA_DIST += \
+	scripts/00-scsi-sg3_config.rules \
 	scripts/40-usb-blacklist.rules \
 	scripts/54-before-scsi-sg3_id.rules \
 	scripts/55-scsi-sg3_id.rules \
diff --git a/scripts/00-scsi-sg3_config.rules b/scripts/00-scsi-sg3_config.rules
new file mode 100644
index 0000000..43d6f16
--- /dev/null
+++ b/scripts/00-scsi-sg3_config.rules
@@ -0,0 +1,23 @@
+# Configuration for SCSI device identification
+
+# To apply changes, copy this file to /etc/udev/rules.d and edit to suit your needs.
+# DO NOT EDIT THIS FILE IN PLACE!
+
+ACTION!="add|change", GOTO="scsi_identify_end"
+SUBSYSTEMS=="scsi", GOTO="scsi_identify"
+GOTO="scsi_identify_end"
+LABEL="scsi_identify"
+
+# Set ID_SCSI_INQUIRY to 0 to force running "sg_inq" for obtaining device IDs
+# from SCSI VPDs, rather than looking them up in sysfs (not recommended).
+ENV{ID_SCSI_INQUIRY}=""
+
+# Set enabled unreliable sources for setting the ID_SERIAL property.
+# See 55-scsi-sg3_id.rules for detailed documentation.
+ENV{.SCSI_ID_SERIAL_SRC}="T"
+
+# Set enabled unreliable sources for creating additional /dev/disk/by-id/scsi* symlinks.
+# See 58-scsi-sg3_symlink.rules for detailed documentation.
+ENV{.SCSI_SYMLINK_SRC}=""
+
+LABEL="scsi_identify_end"
diff --git a/scripts/55-scsi-sg3_id.rules b/scripts/55-scsi-sg3_id.rules
index 33b2ad3..5e9732d 100644
--- a/scripts/55-scsi-sg3_id.rules
+++ b/scripts/55-scsi-sg3_id.rules
@@ -36,7 +36,7 @@ KERNEL!="sd*[!0-9]|sr*", GOTO="sg3_utils_id_end"
 # have scanned for VPD pages, so if the vpd page attribute is not
 # present it is not supported (or deemed unsafe to access).
 # Hence we can skip the call to sg_inq and avoid I/O altogether.
-# Set 'ID_SCSI_INQUIRY=0' in an earlier udev rule if the kernel
+# Set ENV{ID_SCSI_INQUIRY}="0" in 00-scsi-sg3_config.rules if the kernel
 # fails to scan VPD pages correctly; the rules will then fall
 # back to calling sg_vpd directly.
 LABEL="scsi_inquiry"
@@ -119,9 +119,7 @@ ENV{ID_SCSI_SERIAL}!="?*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{ID_SCSI_SERIAL}="$e
 # Be aware that multipath actually needs unique identifiers, though.
 # Using ambiguous identifiers for ID_SERIAL can cause data corruption with multipath.
 #
-# To configure this, add an early rule (e.g. /etc/udev/rules.d/00-scsi-serial.rules) e.g. like this:
-# ACTION!="remove", KERNEL=="sd*|sr*|st*|nst*|cciss*", ENV{.SCSI_ID_SERIAL_SRC}="TLVS"
-#
+# To configure the behavior, set ENV{.SCSI_ID_SERIAL_SRC} in 00-scsi-sg3_config.rules.
 # By default, only T10 vendor ID is allowed.
 ENV{.SCSI_ID_SERIAL_SRC}!="?*", ENV{.SCSI_ID_SERIAL_SRC}="T"
 
diff --git a/scripts/58-scsi-sg3_symlink.rules b/scripts/58-scsi-sg3_symlink.rules
index 99fdc23..dfe8f77 100644
--- a/scripts/58-scsi-sg3_symlink.rules
+++ b/scripts/58-scsi-sg3_symlink.rules
@@ -23,12 +23,8 @@ ENV{UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG}=="1", GOTO="sg3_utils_symlink_en
 # This only needs to be changed if some subsystem, like dm-crypt or LVM, depends on the
 # additional symlinks being present for device identification.
 #
-# To configure the behavior, add an early rule (e.g. /etc/udev/rules.d/00-scsi-serial.rules)
-# like this:
-# ACTION!="remove", KERNEL=="sd*|sr*|st*|nst*|cciss*", ENV{.SCSI_SYMLINK_SRC}="TS"
-#
+# To configure the behavior, set ENV{.SCSI_SYMLINK_SRC} in 00-scsi-sg3_config.rules.
 # By default, no possibly ambiguous additional symlinks will be created.
-ENV{.SCSI_SYMLINK_SRC}!="?*", ENV{.SCSI_SYMLINK_SRC}=""
 
 # 0: vpd page 0x80 identifier
 ENV{.SCSI_SYMLINK_SRC}=="*S*", ENV{SCSI_IDENT_SERIAL}=="?*", ENV{DEVTYPE}=="disk", \
-- 
2.39.2

Re: [RFC PATCH 0/3] sg3_utils: udev rules: restrict use of ambiguous device IDs

[Douglas Gilbert]

On 2023-03-27 09:24, mwilck@suse.com wrote:
> From: Martin Wilck <mwilck@suse.com>
> 
> Most modern SCSI devices provide VPD page 83 with at least one highly
> reliable device identifier, like NAA Registered Extended or EUI-64, or
> the ata-id identifier. Other device identifier types have shown to be less
> reliable and possibly ambiguous. Ambiguity in particular is a problem with
> multipath-tools, which may group unrelated devices together in a multipath
> map, causing possible data corruption.
> 
> The device identifiers are used in two independent ways by the udev rules:
> a) to set ID_SERIAL for subsystems like multipath, and b) to create
> /dev/disk/by-id/scsi-... symlinks. Our udev rules have traditionally created
> symlinks for every device identifier obtained from either VPD 83 or 80. This
> may cause issues, especially on large installments with storage devices that
> exhibit the same identifier for many logical units. At the same time, these
> symlinks are rarely used.
> 
> Avoid using unreliable identifiers for setting ID_SERIAL, and don't create
> symlinks for these identifiers. Add a configuration method that allows
> users to easily re-enable these methods and symlinks if they need to
> (this might be the case on systems with legacy devices that are referenced
> in /etc/crypttab, lvm.conf, or the like). This is done by introducing
> environment variables .SCSI_ID_SERIAL_SRC and .SCSI_ID_SYMLINK_SRC, to
> control use of device identifiers for determining ID_SERIAL and for creating
> symlinks, respectively. Both variables can contain the letters "T", "L", "V",
> and "S" to enable T10-vendor ID, NAA local ID, vendor-specific ID, and VPD 80
> based ID, respectively.
> 
> Distributions can change the defaults for these environment variables
> to provide backward compatibility for their users, while offering users
> an easy way to change the settings.
> 
> I'm sending this as RFC, because I expect that not everyone will agree
> which identifiers should be enabled by default.

Lets see if anything happens. Applied as sg3_utils revision 1019 and
pushed to https://github.com/doug-gilbert/sg3_utils .

Didn't see any effect on an Ubuntu 22.10 when sg3_utils deb package
built and installed. No sign of 00-scsi-sg3_config.rules being placed
anywhere by Ubuntu. Does Suse install those rules?

Doug Gilbert

> Martin Wilck (3):
>    55-scsi-sg3_id.rules: don't set unreliable device ID by default
>    58-scsi-sg3_symlink.rules: don't create extra by-id symlinks by
>      default
>    udev: add 00-scsi-sg3_config.rules for user configuration
> 
>   Makefile.am                       |  1 +
>   scripts/00-scsi-sg3_config.rules  | 23 ++++++++++++++
>   scripts/55-scsi-sg3_id.rules      | 53 ++++++++++++++++++++++++++++---
>   scripts/58-scsi-sg3_symlink.rules | 46 +++++++++++++++++++++------
>   4 files changed, 109 insertions(+), 14 deletions(-)
>   create mode 100644 scripts/00-scsi-sg3_config.rules
> 

Re: [dm-devel] [RFC PATCH 0/3] sg3_utils: udev rules: restrict use of ambiguous device IDs

[Douglas Gilbert]

On 2023-03-27 09:24, mwilck@suse.com wrote:
> From: Martin Wilck <mwilck@suse.com>
> 
> Most modern SCSI devices provide VPD page 83 with at least one highly
> reliable device identifier, like NAA Registered Extended or EUI-64, or
> the ata-id identifier. Other device identifier types have shown to be less
> reliable and possibly ambiguous. Ambiguity in particular is a problem with
> multipath-tools, which may group unrelated devices together in a multipath
> map, causing possible data corruption.
> 
> The device identifiers are used in two independent ways by the udev rules:
> a) to set ID_SERIAL for subsystems like multipath, and b) to create
> /dev/disk/by-id/scsi-... symlinks. Our udev rules have traditionally created
> symlinks for every device identifier obtained from either VPD 83 or 80. This
> may cause issues, especially on large installments with storage devices that
> exhibit the same identifier for many logical units. At the same time, these
> symlinks are rarely used.
> 
> Avoid using unreliable identifiers for setting ID_SERIAL, and don't create
> symlinks for these identifiers. Add a configuration method that allows
> users to easily re-enable these methods and symlinks if they need to
> (this might be the case on systems with legacy devices that are referenced
> in /etc/crypttab, lvm.conf, or the like). This is done by introducing
> environment variables .SCSI_ID_SERIAL_SRC and .SCSI_ID_SYMLINK_SRC, to
> control use of device identifiers for determining ID_SERIAL and for creating
> symlinks, respectively. Both variables can contain the letters "T", "L", "V",
> and "S" to enable T10-vendor ID, NAA local ID, vendor-specific ID, and VPD 80
> based ID, respectively.
> 
> Distributions can change the defaults for these environment variables
> to provide backward compatibility for their users, while offering users
> an easy way to change the settings.
> 
> I'm sending this as RFC, because I expect that not everyone will agree
> which identifiers should be enabled by default.

Lets see if anything happens. Applied as sg3_utils revision 1019 and
pushed to https://github.com/doug-gilbert/sg3_utils .

Didn't see any effect on an Ubuntu 22.10 when sg3_utils deb package
built and installed. No sign of 00-scsi-sg3_config.rules being placed
anywhere by Ubuntu. Does Suse install those rules?

Doug Gilbert

> Martin Wilck (3):
>    55-scsi-sg3_id.rules: don't set unreliable device ID by default
>    58-scsi-sg3_symlink.rules: don't create extra by-id symlinks by
>      default
>    udev: add 00-scsi-sg3_config.rules for user configuration
> 
>   Makefile.am                       |  1 +
>   scripts/00-scsi-sg3_config.rules  | 23 ++++++++++++++
>   scripts/55-scsi-sg3_id.rules      | 53 ++++++++++++++++++++++++++++---
>   scripts/58-scsi-sg3_symlink.rules | 46 +++++++++++++++++++++------
>   4 files changed, 109 insertions(+), 14 deletions(-)
>   create mode 100644 scripts/00-scsi-sg3_config.rules
> 

--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel

Re: [RFC PATCH 0/3] sg3_utils: udev rules: restrict use of ambiguous device IDs

[Martin Wilck]

On Mon, 2023-03-27 at 19:58 -0400, Douglas Gilbert wrote:
> 
> Lets see if anything happens. Applied as sg3_utils revision 1019 and
> pushed to https://github.com/doug-gilbert/sg3_utils .
> 
> Didn't see any effect on an Ubuntu 22.10 when sg3_utils deb package
> built and installed. No sign of 00-scsi-sg3_config.rules being placed
> anywhere by Ubuntu. Does Suse install those rules?

No, not yet. That's why I sent these patches, I intend to get rid of
the legacy symlinks on openSUSE with upstream's blessing.

Regards,
Martin

Re: [dm-devel] [RFC PATCH 0/3] sg3_utils: udev rules: restrict use of ambiguous device IDs

[Martin Wilck]

On Mon, 2023-03-27 at 19:58 -0400, Douglas Gilbert wrote:
> 
> Lets see if anything happens. Applied as sg3_utils revision 1019 and
> pushed to https://github.com/doug-gilbert/sg3_utils .
> 
> Didn't see any effect on an Ubuntu 22.10 when sg3_utils deb package
> built and installed. No sign of 00-scsi-sg3_config.rules being placed
> anywhere by Ubuntu. Does Suse install those rules?

No, not yet. That's why I sent these patches, I intend to get rid of
the legacy symlinks on openSUSE with upstream's blessing.

Regards,
Martin


--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel