* [PATCH] xfs: disallow rw remount on fs with unknown ro-compat features
@ 2016-03-29 19:28 Eric Sandeen
  2016-03-29 20:40 ` Bill O'Donnell
  2016-03-30  0:16 ` Dave Chinner
  0 siblings, 2 replies; 4+ messages in thread
From: Eric Sandeen @ 2016-03-29 19:28 UTC (permalink / raw)
  To: xfs-oss

Today, a kernel which refuses to mount a filesystem read-write
due to unknown ro-compat features can still transition to read-write
via the remount path.  The old kernel is most likely none the wiser,
because it's unaware of the new feature, and isn't using it.  However,
writing to the filesystem may well corrupt metadata related to that
new feature, and moving to a newer kernel which understands the feature
will have problems.

Right now the only ro-compat feature we have is the free inode btree,
which showed up in v3.16.  It would be good to push this back to
all the active stable kernels, I think, so that if anyone is using
newer mkfs (which enables the finobt feature) with older kernel
releases, they'll be protected.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Cc: stable@vger.kernel.org
---

diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c
index d760934..ca058a1 100644
--- a/fs/xfs/xfs_super.c
+++ b/fs/xfs/xfs_super.c
@@ -1276,6 +1276,16 @@ xfs_fs_remount(
 			return -EINVAL;
 		}
 
+		if (XFS_SB_VERSION_NUM(sbp) == XFS_SB_VERSION_5 &&
+		    xfs_sb_has_ro_compat_feature(sbp,
+					XFS_SB_FEAT_RO_COMPAT_UNKNOWN)) {
+			xfs_warn(mp,
+"ro->rw transition prohibited on unknown (0x%x) ro-compat filesystem",
+				(sbp->sb_features_ro_compat &
+					XFS_SB_FEAT_RO_COMPAT_UNKNOWN));
+			return -EINVAL;
+		}
+
 		mp->m_flags &= ~XFS_MOUNT_RDONLY;
 
 		/*
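
Review bot: the added block in xfs_fs_remount() has no comment saying why the ro->rw transition is refused, and the warning text "prohibited on unknown (0x%x) ro-compat filesystem" reads as if the filesystem were unknown rather than its feature bits. Suggest a one-line comment above the `if` noting that writes from a kernel that does not know the feature can corrupt that feature's metadata, and rewording the message along the lines of "ro->rw transition prohibited: unknown ro-compat features (0x%x)".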

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
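
A userspace model of the gap described in the message above, as an added example that is not part of the original thread or of the XFS code: every `model_*` / `MODEL_*` name and the bit assignment are assumptions made for illustration. It shows the feature gate applied at mount time, a remount that skips it, and a remount that applies it before changing state.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model: bit 0 is the only ro-compat feature this "kernel" knows. */
#define MODEL_RO_COMPAT_KNOWN   (1u << 0)
#define MODEL_RO_COMPAT_UNKNOWN (~MODEL_RO_COMPAT_KNOWN)

struct model_mount {
    uint32_t features_ro_compat;  /* copied from the on-disk superblock */
    bool     rdonly;
};

static uint32_t unknown_ro_compat(const struct model_mount *mp)
{
    return mp->features_ro_compat & MODEL_RO_COMPAT_UNKNOWN;
}

/* Mount: unknown ro-compat bits are tolerated only for a read-only mount. */
int model_mount_fs(struct model_mount *mp, uint32_t feat, bool rdonly)
{
    mp->features_ro_compat = feat;
    if (unknown_ro_compat(mp) && !rdonly)
        return -EINVAL;
    mp->rdonly = rdonly;
    return 0;
}

/* Remount ro->rw; gate=false models the missing check, gate=true the fix. */
int model_remount_rw(struct model_mount *mp, bool gate)
{
    if (gate && unknown_ro_compat(mp))
        return -EINVAL;           /* refuse before any state changes */
    mp->rdonly = false;
    return 0;
}

int main(void)
{
    struct model_mount mp = {0};
    int rw = model_mount_fs(&mp, 0x3, false);   /* bit 1 is unknown */
    int ro = model_mount_fs(&mp, 0x3, true);
    int fixed = model_remount_rw(&mp, true);
    int buggy = model_remount_rw(&mp, false);
    printf("mount rw=%d, mount ro=%d, gated remount=%d, ungated remount=%d\n",
           rw, ro, fixed, buggy);
    return 0;
}
```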


* Re: [PATCH] xfs: disallow rw remount on fs with unknown ro-compat features
  2016-03-29 19:28 [PATCH] xfs: disallow rw remount on fs with unknown ro-compat features Eric Sandeen
@ 2016-03-29 20:40 ` Bill O'Donnell
  2016-03-30  0:16 ` Dave Chinner
  1 sibling, 0 replies; 4+ messages in thread
From: Bill O'Donnell @ 2016-03-29 20:40 UTC (permalink / raw)
  To: Eric Sandeen; +Cc: xfs-oss

On Tue, Mar 29, 2016 at 02:28:28PM -0500, Eric Sandeen wrote:
> Today, a kernel which refuses to mount a filesystem read-write
> due to unknown ro-compat features can still transition to read-write
> via the remount path.  The old kernel is most likely none the wiser,
> because it's unaware of the new feature, and isn't using it.  However,
> writing to the filesystem may well corrupt metadata related to that
> new feature, and moving to a newer kernel which understands the feature
> will have problems.
> 
> Right now the only ro-compat feature we have is the free inode btree,
> which showed up in v3.16.  It would be good to push this back to
> all the active stable kernels, I think, so that if anyone is using
> newer mkfs (which enables the finobt feature) with older kernel
> releases, they'll be protected.
> 
> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
> Cc: stable@vger.kernel.org
> ---

Reviewed-by: Bill O'Donnell <billodo@redhat.com>

> 
> diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c
> index d760934..ca058a1 100644
> --- a/fs/xfs/xfs_super.c
> +++ b/fs/xfs/xfs_super.c
> @@ -1276,6 +1276,16 @@ xfs_fs_remount(
>  			return -EINVAL;
>  		}
>  
> +		if (XFS_SB_VERSION_NUM(sbp) == XFS_SB_VERSION_5 &&
> +		    xfs_sb_has_ro_compat_feature(sbp,
> +					XFS_SB_FEAT_RO_COMPAT_UNKNOWN)) {
> +			xfs_warn(mp,
> +"ro->rw transition prohibited on unknown (0x%x) ro-compat filesystem",
> +				(sbp->sb_features_ro_compat &
> +					XFS_SB_FEAT_RO_COMPAT_UNKNOWN));
> +			return -EINVAL;
> +		}
> +
>  		mp->m_flags &= ~XFS_MOUNT_RDONLY;
>  
>  		/*
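
Review bot: in the added `if`, the unknown-feature mask is evaluated twice, once inside xfs_sb_has_ro_compat_feature() and again open-coded as `sbp->sb_features_ro_compat & XFS_SB_FEAT_RO_COMPAT_UNKNOWN` for the xfs_warn() argument. Computing the masked value once into a local and testing that would keep the condition and the logged value from drifting apart if either is edited later. The placement ahead of `mp->m_flags &= ~XFS_MOUNT_RDONLY` is right, since the -EINVAL return then leaves the mount read-only.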

* Re: [PATCH] xfs: disallow rw remount on fs with unknown ro-compat features
  2016-03-29 19:28 [PATCH] xfs: disallow rw remount on fs with unknown ro-compat features Eric Sandeen
  2016-03-29 20:40 ` Bill O'Donnell
@ 2016-03-30  0:16 ` Dave Chinner
  2016-03-30  0:27   ` Eric Sandeen
  1 sibling, 1 reply; 4+ messages in thread
From: Dave Chinner @ 2016-03-30  0:16 UTC (permalink / raw)
  To: Eric Sandeen; +Cc: xfs-oss

On Tue, Mar 29, 2016 at 02:28:28PM -0500, Eric Sandeen wrote:
> Today, a kernel which refuses to mount a filesystem read-write
> due to unknown ro-compat features can still transition to read-write
> via the remount path.  The old kernel is most likely none the wiser,
> because it's unaware of the new feature, and isn't using it.  However,
> writing to the filesystem may well corrupt metadata related to that
> new feature, and moving to a newer kernel which understands the feature
> will have problems.
> 
> Right now the only ro-compat feature we have is the free inode btree,
> which showed up in v3.16.  It would be good to push this back to
> all the active stable kernels, I think, so that if anyone is using
> newer mkfs (which enables the finobt feature) with older kernel
> releases, they'll be protected.

Ok, so the bug was introduced with the original extended feature
masks in commit e721f50 ("xfs: implement extended feature masks"),
which was introduced in 3.10. So it will need to go back to stable
kernels all the way back to 3.10, right?

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com


* Re: [PATCH] xfs: disallow rw remount on fs with unknown ro-compat features
  2016-03-30  0:16 ` Dave Chinner
@ 2016-03-30  0:27   ` Eric Sandeen
  0 siblings, 0 replies; 4+ messages in thread
From: Eric Sandeen @ 2016-03-30  0:27 UTC (permalink / raw)
  To: Dave Chinner; +Cc: xfs-oss

On 3/29/16 7:16 PM, Dave Chinner wrote:
> On Tue, Mar 29, 2016 at 02:28:28PM -0500, Eric Sandeen wrote:
>> Today, a kernel which refuses to mount a filesystem read-write
>> due to unknown ro-compat features can still transition to read-write
>> via the remount path.  The old kernel is most likely none the wiser,
>> because it's unaware of the new feature, and isn't using it.  However,
>> writing to the filesystem may well corrupt metadata related to that
>> new feature, and moving to a newer kernel which understands the feature
>> will have problems.
>>
>> Right now the only ro-compat feature we have is the free inode btree,
>> which showed up in v3.16.  It would be good to push this back to
>> all the active stable kernels, I think, so that if anyone is using
>> newer mkfs (which enables the finobt feature) with older kernel
>> releases, they'll be protected.
> 
> Ok, so the bug was introduced with the original extended feature
> masks in commit e721f50 ("xfs: implement extended feature masks"),
> which was introduced in 3.10. So it will need to go back to stable
> kernels all the way back to 3.10, right?
> 
> Cheers,
> 
> Dave.
> 

Yeah, that seems right; it's not when the first ro-compat feature
was introduced, it was when the handling was introduced, right?

If you need to massage the cc:stable line feel free, of course.

ie:

     Cc:  <stable@vger.kernel.org> # 3.10.x-

I think.

-Eric
