Re: [linux-lvm] LVM and RO device/partition(s)

From: lacsaP Patatetom <patatetom@gmail.com>
To: Zdenek Kabelac <zdenek.kabelac@gmail.com>
Cc: LVM general discussion and development <linux-lvm@redhat.com>
Subject: Re: [linux-lvm] LVM and RO device/partition(s)
Date: Mon, 20 Mar 2023 17:37:34 +0100	[thread overview]
Message-ID: <CAGhAaddCmjQeOrdqueHHpM6znVpvMK_vy8XfTxgsMgWPLwyndQ@mail.gmail.com> (raw)
In-Reply-To: <CAGhAade3Uzobn5amNYVB489NJ-OOj2MFW591eHVaK3ZoEKr15Q@mail.gmail.com>

[-- Attachment #1.1: Type: text/plain, Size: 2636 bytes --]

hi,

I come back to you with the memo mentioned :
https://github.com/patatetom/lvm-on-readonly-block-device
I hope that it will allow you to better understand this problem of
alteration of the disk.

as I mentioned, LVM should normally/theoretically not touch the disk as
long as it is read-only, but what bothers me the most is the fact that I
can't "catch up" by correcting the new 6.1.15 kernel as I did before.

regards, lacsaP.

Le lun. 20 mars 2023 à 15:15, lacsaP Patatetom <patatetom@gmail.com> a
écrit :

> thank you for this first feedback.
>
> I am writing a memo on github and will communicate the url soon.
>
> my question is in the context of digital investigation which does not
> admit the alteration of the medium.
> of course, there are combinations (/etc/lvm.conf + snap@nbd for example)
> which allow in fine not to alter the media but I don't understand why a
> media set in read-only mode - eg. chmod 444 + blockdev --setro set before
> LVM process - is not protected against LVM modifications...
>
> regards, lacsaP.
>
> Le lun. 20 mars 2023 à 15:00, Zdenek Kabelac <zdenek.kabelac@gmail.com> a
> écrit :
>
>> Dne 19. 03. 23 v 11:27 Pascal napsal(a):
>> > hi,
>> >
>> > the bio_check_ro function of the blk-core.c source file of the Linux
>> kernel
>> > refers to LVM :
>> >
>> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/block/blk-core.c?h=v6.2.7#n500
>> <
>> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/block/blk-core.c?h=v6.2.7#n500
>> >
>> >
>> > how does LVM currently behave when faced with a device marked as
>> readonly ?
>> > does it automatically switch itself in readonly mode?
>> >
>> > according to some tests carried out in a virtual machine, it seems that
>> it
>> > doesn't and that LVM modifies the disk/partition(s) even though they
>> are all
>> > readonly (chmod 444 && blockdev --setro).
>>
>>
>> Hi
>>
>> There is no extra logic around RO devices in lvm2.  When lvm2 succeeds
>> opening
>> device in write mode, it'll use it for writing.
>>
>> Also note - when you 'activate' a LV in read-write mode - someone opens
>> such
>> LV/device and you later on 'lvchange' such active LV to read-only mode -
>> all
>> writers will keep writing to such device.
>>
>> It's not quite clear which kind of problem you are actually hitting - so
>> maybe
>> adding some more descriptive  environment +  logs  might give more info
>> about
>> your individual case.
>>
>> Note: root admin typically can overwrite any 'mild' protections...
>>
>> Regards
>>
>> Zdenek
>>
>>

[-- Attachment #1.2: Type: text/html, Size: 3821 bytes --]

[-- Attachment #2: Type: text/plain, Size: 202 bytes --]

_______________________________________________
linux-lvm mailing list
linux-lvm@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-lvm
read the LVM HOW-TO at http://tldp.org/HOWTO/LVM-HOWTO/