From: Kees Cook <keescook@chromium.org>
To: Christoph Hellwig <hch@infradead.org>
Cc: Jens Axboe <axboe@kernel.dk>,
syzbot+21cfe1f803e0e158acf1@syzkaller.appspotmail.com,
linux-block@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] block: Replace bio_check_ro()'s WARN_ON()
Date: Fri, 22 Nov 2019 11:34:11 -0800 [thread overview]
Message-ID: <201911221131.A34DFAA49@keescook> (raw)
In-Reply-To: <20191122191434.GA10150@infradead.org>
On Fri, Nov 22, 2019 at 11:14:34AM -0800, Christoph Hellwig wrote:
> On Fri, Nov 22, 2019 at 12:09:14PM -0700, Jens Axboe wrote:
> > On 11/22/19 12:07 PM, Christoph Hellwig wrote:
> > > On Fri, Nov 22, 2019 at 10:53:22AM -0800, Kees Cook wrote:
> > >> Friendly ping! I keep tripping over this. Can this please get applied so
> > >> we can silence syzbot and avoid needless WARNs? :)
> > >
> > > What call stack reaches this? Upper layers should never submit a write
> > > bio on a read-only queue, and we need to fix that in the upper layer.
> >
> > It's an fsync, the trace is here:
> >
> > https://syzkaller.appspot.com/x/log.txt?x=159503d2e00000
>
> Oh. I think this is a bug in the block layer, we should not treat
> a sync as write for the purposes of is read-only checks, as it never
> writes data to the device. At the request layer we alread use
> the proper REQ_OP_FLUSH, but at the bio layer we are still abusing
> empty writes apparently. I'll try to cook up something over the
> weekend.
Cool; thanks! Note that syzbot has a reproducer for it:
https://syzkaller.appspot.com/text?tag=ReproC&x=117ccc8c400000
If that doesn't work for your own testing, you can ask syzbot to test
patches itself:
https://goo.gl/tpsmEJ#testing-patches
--
Kees Cook
next prev parent reply other threads:[~2019-11-22 19:34 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-24 21:15 [PATCH] block: Replace bio_check_ro()'s WARN_ON() Kees Cook
2019-11-22 18:53 ` Kees Cook
2019-11-22 18:55 ` Jens Axboe
2019-11-22 18:57 ` Kees Cook
2019-11-22 19:07 ` Christoph Hellwig
2019-11-22 19:09 ` Jens Axboe
2019-11-22 19:14 ` Christoph Hellwig
2019-11-22 19:34 ` Kees Cook [this message]
2019-11-25 17:40 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201911221131.A34DFAA49@keescook \
--to=keescook@chromium.org \
--cc=axboe@kernel.dk \
--cc=hch@infradead.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=syzbot+21cfe1f803e0e158acf1@syzkaller.appspotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.