From: Christoph Hellwig <hch@lst.de>
To: Jens Axboe <axboe@kernel.dk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Mike Snitzer <snitzer@kernel.org>,
dm-devel@redhat.com, linux-block@vger.kernel.org
Subject: [PATCH 3/3] block: fail writes to read-only devices
Date: Thu, 1 Jun 2023 09:28:29 +0200 [thread overview]
Message-ID: <20230601072829.1258286-4-hch@lst.de> (raw)
In-Reply-To: <20230601072829.1258286-1-hch@lst.de>
Currently callers can happily submit writes to block devices that are
marked read-only, including to drivers that don't even support writes
and will crash when fed such bios.
While bio submitter should check for read-only devices, that's not a
very robust way of dealing with this.
Note that the last attempt to do this got reverted by Linus in commit
a32e236eb93e ("Partially revert "block: fail op_is_write() requests to
read-only partitions") because device mapper relyied on not enforcing
the read-only state when used together with older lvm-tools.
The lvm side got fixed in:
https://sourceware.org/git/?p=lvm2.git;a=commit;h=a6fdb9d9d70f51c49ad11a87ab4243344e6701a3
but if people still have older lvm2 tools in use we probably need
to find a workaround for this in device mapper rather than lacking
the core block layer checks.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
block/blk-core.c | 19 ++++++++-----------
1 file changed, 8 insertions(+), 11 deletions(-)
diff --git a/block/blk-core.c b/block/blk-core.c
index 4ba243968e41eb..ef41816bd0eade 100644
--- a/block/blk-core.c
+++ b/block/blk-core.c
@@ -492,16 +492,6 @@ static int __init fail_make_request_debugfs(void)
late_initcall(fail_make_request_debugfs);
#endif /* CONFIG_FAIL_MAKE_REQUEST */
-static inline void bio_check_ro(struct bio *bio)
-{
- if (op_is_write(bio_op(bio)) && bio_sectors(bio) &&
- bdev_read_only(bio->bi_bdev)) {
- pr_warn("Trying to write to read-only block-device %pg\n",
- bio->bi_bdev);
- /* Older lvm-tools actually trigger this */
- }
-}
-
static noinline int should_fail_bio(struct bio *bio)
{
if (should_fail_request(bdev_whole(bio->bi_bdev), bio->bi_iter.bi_size))
@@ -735,7 +725,14 @@ void submit_bio_noacct(struct bio *bio)
if (should_fail_bio(bio))
goto end_io;
- bio_check_ro(bio);
+
+ if (op_is_write(bio_op(bio)) && bio_sectors(bio) &&
+ bdev_read_only(bdev)) {
+ pr_warn("Trying to write to read-only block-device %pg\n",
+ bdev);
+ goto end_io;
+ }
+
if (!bio_flagged(bio, BIO_REMAPPED)) {
if (unlikely(bio_check_eod(bio)))
goto end_io;
--
2.39.2
WARNING: multiple messages have this Message-ID (diff)
From: Christoph Hellwig <hch@lst.de>
To: Jens Axboe <axboe@kernel.dk>
Cc: linux-block@vger.kernel.org, Mike Snitzer <snitzer@kernel.org>,
dm-devel@redhat.com,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: [dm-devel] [PATCH 3/3] block: fail writes to read-only devices
Date: Thu, 1 Jun 2023 09:28:29 +0200 [thread overview]
Message-ID: <20230601072829.1258286-4-hch@lst.de> (raw)
In-Reply-To: <20230601072829.1258286-1-hch@lst.de>
Currently callers can happily submit writes to block devices that are
marked read-only, including to drivers that don't even support writes
and will crash when fed such bios.
While bio submitter should check for read-only devices, that's not a
very robust way of dealing with this.
Note that the last attempt to do this got reverted by Linus in commit
a32e236eb93e ("Partially revert "block: fail op_is_write() requests to
read-only partitions") because device mapper relyied on not enforcing
the read-only state when used together with older lvm-tools.
The lvm side got fixed in:
https://sourceware.org/git/?p=lvm2.git;a=commit;h=a6fdb9d9d70f51c49ad11a87ab4243344e6701a3
but if people still have older lvm2 tools in use we probably need
to find a workaround for this in device mapper rather than lacking
the core block layer checks.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
block/blk-core.c | 19 ++++++++-----------
1 file changed, 8 insertions(+), 11 deletions(-)
diff --git a/block/blk-core.c b/block/blk-core.c
index 4ba243968e41eb..ef41816bd0eade 100644
--- a/block/blk-core.c
+++ b/block/blk-core.c
@@ -492,16 +492,6 @@ static int __init fail_make_request_debugfs(void)
late_initcall(fail_make_request_debugfs);
#endif /* CONFIG_FAIL_MAKE_REQUEST */
-static inline void bio_check_ro(struct bio *bio)
-{
- if (op_is_write(bio_op(bio)) && bio_sectors(bio) &&
- bdev_read_only(bio->bi_bdev)) {
- pr_warn("Trying to write to read-only block-device %pg\n",
- bio->bi_bdev);
- /* Older lvm-tools actually trigger this */
- }
-}
-
static noinline int should_fail_bio(struct bio *bio)
{
if (should_fail_request(bdev_whole(bio->bi_bdev), bio->bi_iter.bi_size))
@@ -735,7 +725,14 @@ void submit_bio_noacct(struct bio *bio)
if (should_fail_bio(bio))
goto end_io;
- bio_check_ro(bio);
+
+ if (op_is_write(bio_op(bio)) && bio_sectors(bio) &&
+ bdev_read_only(bdev)) {
+ pr_warn("Trying to write to read-only block-device %pg\n",
+ bdev);
+ goto end_io;
+ }
+
if (!bio_flagged(bio, BIO_REMAPPED)) {
if (unlikely(bio_check_eod(bio)))
goto end_io;
--
2.39.2
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2023-06-01 7:28 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-01 7:28 enforce read-only state at the block layer Christoph Hellwig
2023-06-01 7:28 ` [dm-devel] " Christoph Hellwig
2023-06-01 7:28 ` [PATCH 1/3] block: remove a duplicate bdev_read_only declaration Christoph Hellwig
2023-06-01 7:28 ` [dm-devel] " Christoph Hellwig
2023-06-01 7:28 ` [PATCH 2/3] block: simplify the check for flushes in bio_check_ro Christoph Hellwig
2023-06-01 7:28 ` [dm-devel] " Christoph Hellwig
2023-06-01 7:28 ` Christoph Hellwig [this message]
2023-06-01 7:28 ` [dm-devel] [PATCH 3/3] block: fail writes to read-only devices Christoph Hellwig
2023-06-02 1:02 ` Linus Torvalds
2023-06-02 1:02 ` [dm-devel] " Linus Torvalds
2023-06-02 15:41 ` Christoph Hellwig
2023-06-02 15:41 ` [dm-devel] " Christoph Hellwig
2023-06-02 15:56 ` Linus Torvalds
2023-06-02 15:56 ` [dm-devel] " Linus Torvalds
2023-06-06 16:13 ` Mike Snitzer
2023-06-06 16:13 ` Mike Snitzer
2023-06-06 16:11 ` [dm-devel] enforce read-only state at the block layer Mike Snitzer
2023-06-06 16:11 ` Mike Snitzer
2023-06-07 5:33 ` Christoph Hellwig
2023-06-07 5:33 ` [dm-devel] " Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230601072829.1258286-4-hch@lst.de \
--to=hch@lst.de \
--cc=axboe@kernel.dk \
--cc=dm-devel@redhat.com \
--cc=linux-block@vger.kernel.org \
--cc=snitzer@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.