From: Christoph Hellwig <hch@lst.de> To: Jens Axboe <axboe@kernel.dk> Cc: Linus Torvalds <torvalds@linux-foundation.org>, Mike Snitzer <snitzer@kernel.org>, dm-devel@redhat.com, linux-block@vger.kernel.org Subject: [PATCH 3/3] block: fail writes to read-only devices Date: Thu, 1 Jun 2023 09:28:29 +0200 [thread overview] Message-ID: <20230601072829.1258286-4-hch@lst.de> (raw) In-Reply-To: <20230601072829.1258286-1-hch@lst.de> Currently callers can happily submit writes to block devices that are marked read-only, including to drivers that don't even support writes and will crash when fed such bios. While bio submitter should check for read-only devices, that's not a very robust way of dealing with this. Note that the last attempt to do this got reverted by Linus in commit a32e236eb93e ("Partially revert "block: fail op_is_write() requests to read-only partitions") because device mapper relyied on not enforcing the read-only state when used together with older lvm-tools. The lvm side got fixed in: https://sourceware.org/git/?p=lvm2.git;a=commit;h=a6fdb9d9d70f51c49ad11a87ab4243344e6701a3 but if people still have older lvm2 tools in use we probably need to find a workaround for this in device mapper rather than lacking the core block layer checks. Signed-off-by: Christoph Hellwig <hch@lst.de> --- block/blk-core.c | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index 4ba243968e41eb..ef41816bd0eade 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -492,16 +492,6 @@ static int __init fail_make_request_debugfs(void) late_initcall(fail_make_request_debugfs); #endif /* CONFIG_FAIL_MAKE_REQUEST */ -static inline void bio_check_ro(struct bio *bio) -{ - if (op_is_write(bio_op(bio)) && bio_sectors(bio) && - bdev_read_only(bio->bi_bdev)) { - pr_warn("Trying to write to read-only block-device %pg\n", - bio->bi_bdev); - /* Older lvm-tools actually trigger this */ - } -} - static noinline int should_fail_bio(struct bio *bio) { if (should_fail_request(bdev_whole(bio->bi_bdev), bio->bi_iter.bi_size)) @@ -735,7 +725,14 @@ void submit_bio_noacct(struct bio *bio) if (should_fail_bio(bio)) goto end_io; - bio_check_ro(bio); + + if (op_is_write(bio_op(bio)) && bio_sectors(bio) && + bdev_read_only(bdev)) { + pr_warn("Trying to write to read-only block-device %pg\n", + bdev); + goto end_io; + } + if (!bio_flagged(bio, BIO_REMAPPED)) { if (unlikely(bio_check_eod(bio))) goto end_io; -- 2.39.2
WARNING: multiple messages have this Message-ID (diff)
From: Christoph Hellwig <hch@lst.de> To: Jens Axboe <axboe@kernel.dk> Cc: linux-block@vger.kernel.org, Mike Snitzer <snitzer@kernel.org>, dm-devel@redhat.com, Linus Torvalds <torvalds@linux-foundation.org> Subject: [dm-devel] [PATCH 3/3] block: fail writes to read-only devices Date: Thu, 1 Jun 2023 09:28:29 +0200 [thread overview] Message-ID: <20230601072829.1258286-4-hch@lst.de> (raw) In-Reply-To: <20230601072829.1258286-1-hch@lst.de> Currently callers can happily submit writes to block devices that are marked read-only, including to drivers that don't even support writes and will crash when fed such bios. While bio submitter should check for read-only devices, that's not a very robust way of dealing with this. Note that the last attempt to do this got reverted by Linus in commit a32e236eb93e ("Partially revert "block: fail op_is_write() requests to read-only partitions") because device mapper relyied on not enforcing the read-only state when used together with older lvm-tools. The lvm side got fixed in: https://sourceware.org/git/?p=lvm2.git;a=commit;h=a6fdb9d9d70f51c49ad11a87ab4243344e6701a3 but if people still have older lvm2 tools in use we probably need to find a workaround for this in device mapper rather than lacking the core block layer checks. Signed-off-by: Christoph Hellwig <hch@lst.de> --- block/blk-core.c | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index 4ba243968e41eb..ef41816bd0eade 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -492,16 +492,6 @@ static int __init fail_make_request_debugfs(void) late_initcall(fail_make_request_debugfs); #endif /* CONFIG_FAIL_MAKE_REQUEST */ -static inline void bio_check_ro(struct bio *bio) -{ - if (op_is_write(bio_op(bio)) && bio_sectors(bio) && - bdev_read_only(bio->bi_bdev)) { - pr_warn("Trying to write to read-only block-device %pg\n", - bio->bi_bdev); - /* Older lvm-tools actually trigger this */ - } -} - static noinline int should_fail_bio(struct bio *bio) { if (should_fail_request(bdev_whole(bio->bi_bdev), bio->bi_iter.bi_size)) @@ -735,7 +725,14 @@ void submit_bio_noacct(struct bio *bio) if (should_fail_bio(bio)) goto end_io; - bio_check_ro(bio); + + if (op_is_write(bio_op(bio)) && bio_sectors(bio) && + bdev_read_only(bdev)) { + pr_warn("Trying to write to read-only block-device %pg\n", + bdev); + goto end_io; + } + if (!bio_flagged(bio, BIO_REMAPPED)) { if (unlikely(bio_check_eod(bio))) goto end_io; -- 2.39.2 -- dm-devel mailing list dm-devel@redhat.com https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2023-06-01 7:28 UTC|newest] Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top 2023-06-01 7:28 enforce read-only state at the block layer Christoph Hellwig 2023-06-01 7:28 ` [dm-devel] " Christoph Hellwig 2023-06-01 7:28 ` [PATCH 1/3] block: remove a duplicate bdev_read_only declaration Christoph Hellwig 2023-06-01 7:28 ` [dm-devel] " Christoph Hellwig 2023-06-01 7:28 ` [PATCH 2/3] block: simplify the check for flushes in bio_check_ro Christoph Hellwig 2023-06-01 7:28 ` [dm-devel] " Christoph Hellwig 2023-06-01 7:28 ` Christoph Hellwig [this message] 2023-06-01 7:28 ` [dm-devel] [PATCH 3/3] block: fail writes to read-only devices Christoph Hellwig 2023-06-02 1:02 ` Linus Torvalds 2023-06-02 1:02 ` [dm-devel] " Linus Torvalds 2023-06-02 15:41 ` Christoph Hellwig 2023-06-02 15:41 ` [dm-devel] " Christoph Hellwig 2023-06-02 15:56 ` Linus Torvalds 2023-06-02 15:56 ` [dm-devel] " Linus Torvalds 2023-06-06 16:13 ` Mike Snitzer 2023-06-06 16:13 ` Mike Snitzer 2023-06-06 16:11 ` [dm-devel] enforce read-only state at the block layer Mike Snitzer 2023-06-06 16:11 ` Mike Snitzer 2023-06-07 5:33 ` Christoph Hellwig 2023-06-07 5:33 ` [dm-devel] " Christoph Hellwig
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20230601072829.1258286-4-hch@lst.de \ --to=hch@lst.de \ --cc=axboe@kernel.dk \ --cc=dm-devel@redhat.com \ --cc=linux-block@vger.kernel.org \ --cc=snitzer@kernel.org \ --cc=torvalds@linux-foundation.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.