* [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro()
@ 2017-11-09 18:44 Ilya Dryomov
2017-11-09 18:45 ` [PATCH 1/2] block: fail op_is_write() requests to read-only partitions Ilya Dryomov
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Ilya Dryomov @ 2017-11-09 18:44 UTC (permalink / raw)
To: linux-block; +Cc: Christoph Hellwig, Jens Axboe, Tejun Heo, David Disseldorp
Hello,
I was doing some cleanup work on rbd BLKROSET handler and discovered
that we ignore partition rw/ro setting (hd_struct->policy) for pretty
much everything but straight writes.
David (CCed) has blktests patches standing by.
(Another aspect of this is that we don't enforce open(2) mode. Tejun
took a stab at this a few years ago, but his patch had to be reverted:
75f1dc0d076d ("block: check bdev_read_only() from blkdev_get()")
e51900f7d38c ("block: revert block_dev read-only check")
It is a separate issue and refusing writes to read-only devices is
obviously more important, but perhaps it's time to revisit that as
well?)
Thanks,
Ilya
Ilya Dryomov (2):
block: fail op_is_write() requests to read-only partitions
block: add bdev_read_only() checks to common helpers
block/blk-core.c | 23 ++++++++++++++++++++++-
block/blk-lib.c | 12 ++++++++++++
2 files changed, 34 insertions(+), 1 deletion(-)
--
2.4.3
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/2] block: fail op_is_write() requests to read-only partitions
2017-11-09 18:44 [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro() Ilya Dryomov
@ 2017-11-09 18:45 ` Ilya Dryomov
2017-11-28 9:07 ` Sagi Grimberg
2017-11-09 18:45 ` [PATCH 2/2] block: add bdev_read_only() checks to common helpers Ilya Dryomov
2017-11-16 9:02 ` [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro() Ilya Dryomov
2 siblings, 1 reply; 6+ messages in thread
From: Ilya Dryomov @ 2017-11-09 18:45 UTC (permalink / raw)
To: linux-block; +Cc: Christoph Hellwig, Jens Axboe, Tejun Heo, David Disseldorp
Regular block device writes go through blkdev_write_iter(), which does
bdev_read_only(), while zeroout/discard/etc requests are never checked,
both userspace- and kernel-triggered. Add a generic catch-all check to
generic_make_request_checks() to actually enforce ioctl(BLKROSET) and
set_disk_ro(), which is used by quite a few drivers for things like
snapshots, read-only backing files/images, etc.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
---
block/blk-core.c | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/block/blk-core.c b/block/blk-core.c
index b8d1aa2d1008..139ff47caf4a 100644
--- a/block/blk-core.c
+++ b/block/blk-core.c
@@ -2022,6 +2022,20 @@ static inline int bio_check_eod(struct bio *bio, unsigned int nr_sectors)
return 0;
}
+static inline bool bio_check_ro(struct bio *bio)
+{
+ struct hd_struct *p;
+ int ret = false;
+
+ rcu_read_lock();
+ p = __disk_get_part(bio->bi_disk, bio->bi_partno);
+ if (!p || (p->policy && op_is_write(bio_op(bio))))
+ ret = true;
+ rcu_read_unlock();
+
+ return ret;
+}
+
static noinline_for_stack bool
generic_make_request_checks(struct bio *bio)
{
@@ -2044,11 +2058,18 @@ generic_make_request_checks(struct bio *bio)
goto end_io;
}
+ if (bio_check_ro(bio)) {
+ printk(KERN_ERR
+ "generic_make_request: Trying to write "
+ "to read-only block-device %s (partno %d)\n",
+ bio_devname(bio, b), bio->bi_partno);
+ goto end_io;
+ }
+
/*
* For a REQ_NOWAIT based request, return -EOPNOTSUPP
* if queue is not a request based queue.
*/
-
if ((bio->bi_opf & REQ_NOWAIT) && !queue_is_rq_based(q))
goto not_supported;
--
2.4.3
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/2] block: add bdev_read_only() checks to common helpers
2017-11-09 18:44 [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro() Ilya Dryomov
2017-11-09 18:45 ` [PATCH 1/2] block: fail op_is_write() requests to read-only partitions Ilya Dryomov
@ 2017-11-09 18:45 ` Ilya Dryomov
2017-11-16 9:02 ` [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro() Ilya Dryomov
2 siblings, 0 replies; 6+ messages in thread
From: Ilya Dryomov @ 2017-11-09 18:45 UTC (permalink / raw)
To: linux-block; +Cc: Christoph Hellwig, Jens Axboe, Tejun Heo, David Disseldorp
Similar to blkdev_write_iter(), return -EPERM if the partition is
read-only. This covers ioctl(), fallocate() and most in-kernel users
but isn't meant to be exhaustive -- everything else will be caught in
generic_make_request_checks(), fail with -EIO and can be fixed later.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
---
block/blk-lib.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/block/blk-lib.c b/block/blk-lib.c
index f625fda5f095..64fe863ae43a 100644
--- a/block/blk-lib.c
+++ b/block/blk-lib.c
@@ -36,6 +36,9 @@ int __blkdev_issue_discard(struct block_device *bdev, sector_t sector,
if (!q)
return -ENXIO;
+ if (bdev_read_only(bdev))
+ return -EPERM;
+
if (flags & BLKDEV_DISCARD_SECURE) {
if (!blk_queue_secure_erase(q))
return -EOPNOTSUPP;
@@ -155,6 +158,9 @@ static int __blkdev_issue_write_same(struct block_device *bdev, sector_t sector,
if (!q)
return -ENXIO;
+ if (bdev_read_only(bdev))
+ return -EPERM;
+
bs_mask = (bdev_logical_block_size(bdev) >> 9) - 1;
if ((sector | nr_sects) & bs_mask)
return -EINVAL;
@@ -232,6 +238,9 @@ static int __blkdev_issue_write_zeroes(struct block_device *bdev,
if (!q)
return -ENXIO;
+ if (bdev_read_only(bdev))
+ return -EPERM;
+
/* Ensure that max_write_zeroes_sectors doesn't overflow bi_size */
max_write_zeroes_sectors = bdev_write_zeroes_sectors(bdev);
@@ -286,6 +295,9 @@ static int __blkdev_issue_zero_pages(struct block_device *bdev,
if (!q)
return -ENXIO;
+ if (bdev_read_only(bdev))
+ return -EPERM;
+
while (nr_sects != 0) {
bio = next_bio(bio, __blkdev_sectors_to_bio_pages(nr_sects),
gfp_mask);
--
2.4.3
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro()
2017-11-09 18:44 [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro() Ilya Dryomov
2017-11-09 18:45 ` [PATCH 1/2] block: fail op_is_write() requests to read-only partitions Ilya Dryomov
2017-11-09 18:45 ` [PATCH 2/2] block: add bdev_read_only() checks to common helpers Ilya Dryomov
@ 2017-11-16 9:02 ` Ilya Dryomov
2017-11-27 9:19 ` Ilya Dryomov
2 siblings, 1 reply; 6+ messages in thread
From: Ilya Dryomov @ 2017-11-16 9:02 UTC (permalink / raw)
To: Christoph Hellwig, Jens Axboe; +Cc: linux-block, Tejun Heo, David Disseldorp
On Thu, Nov 9, 2017 at 7:44 PM, Ilya Dryomov <idryomov@gmail.com> wrote:
> Hello,
>
> I was doing some cleanup work on rbd BLKROSET handler and discovered
> that we ignore partition rw/ro setting (hd_struct->policy) for pretty
> much everything but straight writes.
>
> David (CCed) has blktests patches standing by.
>
> (Another aspect of this is that we don't enforce open(2) mode. Tejun
> took a stab at this a few years ago, but his patch had to be reverted:
>
> 75f1dc0d076d ("block: check bdev_read_only() from blkdev_get()")
> e51900f7d38c ("block: revert block_dev read-only check")
>
> It is a separate issue and refusing writes to read-only devices is
> obviously more important, but perhaps it's time to revisit that as
> well?)
>
> Thanks,
>
> Ilya
>
>
> Ilya Dryomov (2):
> block: fail op_is_write() requests to read-only partitions
> block: add bdev_read_only() checks to common helpers
>
> block/blk-core.c | 23 ++++++++++++++++++++++-
> block/blk-lib.c | 12 ++++++++++++
> 2 files changed, 34 insertions(+), 1 deletion(-)
Ping... Christoph, Jens, could one of you please take a look?
Thanks,
Ilya
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro()
2017-11-16 9:02 ` [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro() Ilya Dryomov
@ 2017-11-27 9:19 ` Ilya Dryomov
0 siblings, 0 replies; 6+ messages in thread
From: Ilya Dryomov @ 2017-11-27 9:19 UTC (permalink / raw)
To: Christoph Hellwig, Jens Axboe; +Cc: linux-block, Tejun Heo, David Disseldorp
On Thu, Nov 16, 2017 at 10:02 AM, Ilya Dryomov <idryomov@gmail.com> wrote:
> On Thu, Nov 9, 2017 at 7:44 PM, Ilya Dryomov <idryomov@gmail.com> wrote:
>> Hello,
>>
>> I was doing some cleanup work on rbd BLKROSET handler and discovered
>> that we ignore partition rw/ro setting (hd_struct->policy) for pretty
>> much everything but straight writes.
>>
>> David (CCed) has blktests patches standing by.
>>
>> (Another aspect of this is that we don't enforce open(2) mode. Tejun
>> took a stab at this a few years ago, but his patch had to be reverted:
>>
>> 75f1dc0d076d ("block: check bdev_read_only() from blkdev_get()")
>> e51900f7d38c ("block: revert block_dev read-only check")
>>
>> It is a separate issue and refusing writes to read-only devices is
>> obviously more important, but perhaps it's time to revisit that as
>> well?)
>>
>> Thanks,
>>
>> Ilya
>>
>>
>> Ilya Dryomov (2):
>> block: fail op_is_write() requests to read-only partitions
>> block: add bdev_read_only() checks to common helpers
>>
>> block/blk-core.c | 23 ++++++++++++++++++++++-
>> block/blk-lib.c | 12 ++++++++++++
>> 2 files changed, 34 insertions(+), 1 deletion(-)
>
> Ping... Christoph, Jens, could one of you please take a look?
Ping?
Thanks,
Ilya
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] block: fail op_is_write() requests to read-only partitions
2017-11-09 18:45 ` [PATCH 1/2] block: fail op_is_write() requests to read-only partitions Ilya Dryomov
@ 2017-11-28 9:07 ` Sagi Grimberg
0 siblings, 0 replies; 6+ messages in thread
From: Sagi Grimberg @ 2017-11-28 9:07 UTC (permalink / raw)
To: Ilya Dryomov, linux-block
Cc: Christoph Hellwig, Jens Axboe, Tejun Heo, David Disseldorp
> + if (bio_check_ro(bio)) {
I'd place unlikely statement here, but other than that, looks good to me
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
> + printk(KERN_ERR
> + "generic_make_request: Trying to write "
> + "to read-only block-device %s (partno %d)\n",
> + bio_devname(bio, b), bio->bi_partno);
> + goto end_io;
> + }
> +
> /*
> * For a REQ_NOWAIT based request, return -EOPNOTSUPP
> * if queue is not a request based queue.
> */
> -
> if ((bio->bi_opf & REQ_NOWAIT) && !queue_is_rq_based(q))
> goto not_supported;
>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2017-11-28 9:07 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-11-09 18:44 [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro() Ilya Dryomov
2017-11-09 18:45 ` [PATCH 1/2] block: fail op_is_write() requests to read-only partitions Ilya Dryomov
2017-11-28 9:07 ` Sagi Grimberg
2017-11-09 18:45 ` [PATCH 2/2] block: add bdev_read_only() checks to common helpers Ilya Dryomov
2017-11-16 9:02 ` [PATCH 0/2] block: enforce ioctl(BLKROSET) and set_disk_ro() Ilya Dryomov
2017-11-27 9:19 ` Ilya Dryomov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).