From: Jens Axboe <jens.axboe@oracle.com>
To: Kay Sievers <kay.sievers@vrfy.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Herton Ronaldo Krzesinski <herton@mandriva.com.br>,
me@bobcopeland.com, stern@rowland.harvard.edu,
linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org,
bogdano@mandriva.com.br, lcapitulino@mandriva.com.br,
draconux@gmail.com, dlallement@mandriva.com,
pterjan@mandriva.com
Subject: Re: Partition check considered as error is breaking mounting in 2.6.27
Date: Mon, 13 Oct 2008 11:01:06 +0200 [thread overview]
Message-ID: <20081013090106.GF19428@kernel.dk> (raw)
In-Reply-To: <1223561068.4633.2.camel@lgn.site>
On Thu, Oct 09 2008, Kay Sievers wrote:
> On Wed, 2008-10-08 at 18:01 +0200, Kay Sievers wrote:
> > On Sat, Sep 13, 2008 at 1:36 AM, Andrew Morton
> > <akpm@linux-foundation.org> wrote:
> > > On Fri, 12 Sep 2008 18:07:27 -0300
> > > Herton Ronaldo Krzesinski <herton@mandriva.com.br> wrote:
> > >
> > >> Yes, here goes a new version:
> > >
> > > Well gee. Given a choice, I went and replied to the wrong thread.
> > > Here's what I think:
> > >
> > > From: Andrew Morton <akpm@linux-foundation.org>
> > >
> > > Herton Krzesinski reports that the error-checking changes in
> > > 04ebd4aee52b06a2c38127d9208546e5b96f3a19 ("block/ioctl.c and
> > > fs/partition/check.c: check value returned by add_partition") cause his
> > > buggy USB camera to no longer mount. "The camera is an Olympus X-840.
> > > The original issue comes from the camera itself: its format program
> > > creates a partition with an off by one error".
> > >
> > > Buggy devices happen. It is better for the kernel to warn and to proceed
> > > with the mount.
> > >
> > > Reported-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br>
> > > Cc: Abdel Benamrouche <draconux@gmail.com>
> > > Cc: Jens Axboe <jens.axboe@oracle.com>
> > > Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
> > > ---
> > >
> > > fs/partitions/check.c | 1 -
> > > 1 file changed, 1 deletion(-)
> > >
> > > diff -puN fs/partitions/check.c~rescan_partitions-make-device-capacity-errors-non-fatal fs/partitions/check.c
> > > --- a/fs/partitions/check.c~rescan_partitions-make-device-capacity-errors-non-fatal
> > > +++ a/fs/partitions/check.c
> > > @@ -540,7 +540,6 @@ int rescan_partitions(struct gendisk *di
> > > if (from + size > get_capacity(disk)) {
> > > printk(KERN_ERR " %s: p%d exceeds device capacity\n",
> > > disk->disk_name, p);
> > > - continue;
> > > }
> > > res = add_partition(disk, p, from, size, state->parts[p].flags);
> > > if (res) {
> >
> > I was happy to see the original fix, as if causes real problems for
> > userspace, that the kernel creates invalid block devices with a size
> > that exceeds the physical disk. So, if we can not make that partition
> > to skip, like original patch did, because of broken hardware we don't
> > want to break, can we make it at least do the obvious thing, and limit
> > the partition with the broken entry to the size of the underlying
> > hardware. So that the kernel does no longer pretend to have devices of
> > a size which the hardware does not have.
> >
> > It breaks all sort of userspace tools which read the "size" file in
> > sysfs, or do BLKGETSIZE and we get, if we are lucky, only:
> > attempt to access beyond end of device
> > sda: rw=0, want=1953535936, limit=976773168
> > in other cases it might cause corruption, or lead mkfs to create
> > devices which will fail when they get used.
>
>
> From: Kay Sievers <kay.sievers@vrfy.org>
> Subject: block: sanitize invalid partition table entries
>
> We currently follow blindly what the partition table lies about the
> disk, and let the kernel create block devices which can not be accessed.
> Trying to identify the device leads to kernel logs full of:
> sdb: rw=0, want=73392, limit=28800
> attempt to access beyond end of device
>
> Here is an example of a broken partition table, where sda2 starts
> behind the end of the disk, and sdb3 is larger than the entire disk:
> Disk /dev/sdb: 14 MB, 14745600 bytes
> 1 heads, 29 sectors/track, 993 cylinders, total 28800 sectors
> Device Boot Start End Blocks Id System
> /dev/sdb1 29 7800 3886 83 Linux
> /dev/sdb2 37801 45601 3900+ 83 Linux
> /dev/sdb3 15602 73402 28900+ 83 Linux
> /dev/sdb4 23403 28796 2697 83 Linux
>
> The kernel creates these completely invalid devices, which can not be
> accessed, or may lead to other unpredictable failures:
> grep . /sys/class/block/sdb*/{start,size}
> /sys/class/block/sdb/size:28800
> /sys/class/block/sdb1/start:29
> /sys/class/block/sdb1/size:7772
> /sys/class/block/sdb2/start:37801
> /sys/class/block/sdb2/size:7801
> /sys/class/block/sdb3/start:15602
> /sys/class/block/sdb3/size:57801
> /sys/class/block/sdb4/start:23403
> /sys/class/block/sdb4/size:5394
>
> With this patch, we ignore partitions which start behind the end of the disk,
> and limit partitions to the end of the disk if they pretend to be larger:
> grep . /sys/class/block/sdb*/{start,size}
> /sys/class/block/sdb/size:28800
> /sys/class/block/sdb1/start:29
> /sys/class/block/sdb1/size:7772
> /sys/class/block/sdb3/start:15602
> /sys/class/block/sdb3/size:13198
> /sys/class/block/sdb4/start:23403
> /sys/class/block/sdb4/size:5394
>
> These warnings are printed to the kernel log:
> sdb: p2 ignored, start 37801 is behind the end of the disk
> sdb: p3 size 57801 limited to end of disk
>
> Signed-off-by: Kay Sievers <kay.sievers@vrfy.org>
> ---
>
> check.c | 17 +++++++++++++++--
> 1 file changed, 15 insertions(+), 2 deletions(-)
>
>
> diff --git a/fs/partitions/check.c b/fs/partitions/check.c
> index ecc3330..9545d8c 100644
> --- a/fs/partitions/check.c
> +++ b/fs/partitions/check.c
> @@ -498,10 +498,23 @@ int rescan_partitions(struct gendisk *disk, struct block_device *bdev)
> sector_t from = state->parts[p].from;
> if (!size)
> continue;
> + if (from >= get_capacity(disk)) {
> + printk(KERN_WARNING
> + "%s: p%d ignored, start %llu is behind the end of the disk\n",
> + disk->disk_name, p, (unsigned long long) from);
> + continue;
> + }
> if (from + size > get_capacity(disk)) {
> + /*
> + * we can not ignore partitions of broken tables
> + * created by for example camera firmware, but we
> + * limit them to the end of the disk to avoid
> + * creating invalid block devices
> + */
> printk(KERN_WARNING
> - "%s: p%d exceeds device capacity\n",
> - disk->disk_name, p);
> + "%s: p%d size %llu limited to end of disk\n",
> + disk->disk_name, p, (unsigned long long) size);
> + size = get_capacity(disk) - from;
> }
> res = add_partition(disk, p, from, size, state->parts[p].flags);
> if (res) {
>
>
Kay, I added this variant.
--
Jens Axboe
next prev parent reply other threads:[~2008-10-13 9:01 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-09-12 17:01 Partition check considered as error is breaking mounting in 2.6.27 Herton Ronaldo Krzesinski
2008-09-12 17:36 ` Alan Stern
2008-09-12 17:59 ` Bob Copeland
2008-09-12 18:21 ` Alan Stern
2008-09-12 18:02 ` Herton Ronaldo Krzesinski
2008-09-12 18:40 ` Alan Stern
2008-09-12 20:14 ` Herton Ronaldo Krzesinski
2008-09-12 20:17 ` Herton Ronaldo Krzesinski
2008-09-12 20:27 ` Bob Copeland
2008-09-12 21:07 ` Herton Ronaldo Krzesinski
2008-09-12 23:36 ` Andrew Morton
2008-09-12 23:46 ` David Brownell
2008-09-12 23:52 ` Andrew Morton
2008-09-12 23:59 ` David Brownell
2008-09-13 0:13 ` Andrew Morton
2008-09-13 2:22 ` Alan Stern
2008-10-08 16:01 ` Kay Sievers
2008-10-09 14:04 ` Kay Sievers
2008-10-13 9:01 ` Jens Axboe [this message]
[not found] <bblSy-60j-19@gated-at.bofh.it>
[not found] ` <bbnhC-7Vd-5@gated-at.bofh.it>
2008-09-13 9:24 ` Bodo Eggert
2008-09-13 23:25 ` Herton Ronaldo Krzesinski
2008-09-14 12:36 ` Bodo Eggert
2008-09-15 17:01 ` Bill Davidsen
-- strict thread matches above, loose matches on Subject: below --
2008-09-12 17:32 Toralf Förster
2008-09-12 16:56 Herton Ronaldo Krzesinski
2008-09-12 23:34 ` Andrew Morton
2008-09-13 15:54 ` Bill Davidsen
2008-09-13 22:56 ` Herton Ronaldo Krzesinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081013090106.GF19428@kernel.dk \
--to=jens.axboe@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=bogdano@mandriva.com.br \
--cc=dlallement@mandriva.com \
--cc=draconux@gmail.com \
--cc=herton@mandriva.com.br \
--cc=kay.sievers@vrfy.org \
--cc=lcapitulino@mandriva.com.br \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=me@bobcopeland.com \
--cc=pterjan@mandriva.com \
--cc=stern@rowland.harvard.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.