From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) by mail19.linbit.com (LINBIT Mail Daemon) with ESMTP id 6AFD64201C8 for ; Mon, 28 Aug 2023 16:27:46 +0200 (CEST) Date: Mon, 28 Aug 2023 07:27:36 -0700 From: Christoph Hellwig To: Al Viro Message-ID: References: <20230810171429.31759-1-jack@suse.cz> <20230825015843.GB95084@ZenIV> <20230825134756.o3wpq6bogndukn53@quack3> <20230826022852.GO3390869@ZenIV> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230826022852.GO3390869@ZenIV> Cc: Dave Kleikamp , jfs-discussion@lists.sourceforge.net, Jan Kara , "Darrick J. Wong" , linux-nvme@lists.infradead.org, Joseph Qi , dm-devel@redhat.com, target-devel@vger.kernel.org, linux-mtd@lists.infradead.org, Jack Wang , Alasdair Kergon , drbd-dev@lists.linbit.com, linux-s390@vger.kernel.org, linux-nilfs@vger.kernel.org, linux-scsi@vger.kernel.org, Sergey Senozhatsky , Christoph Hellwig , xen-devel@lists.xenproject.org, Gao Xiang , Christian Borntraeger , Kent Overstreet , Sven Schnelle , linux-pm@vger.kernel.org, Mike Snitzer , Chao Yu , Joern Engel , reiserfs-devel@vger.kernel.org, linux-block@vger.kernel.org, linux-bcache@vger.kernel.org, Christian Brauner , David Sterba , Jaegeuk Kim , Trond Myklebust , Jens Axboe , linux-raid@vger.kernel.org, linux-nfs@vger.kernel.org, linux-ext4@vger.kernel.org, Ted Tso , linux-mm@kvack.org, Song Liu , linux-f2fs-devel@lists.sourceforge.net, linux-xfs@vger.kernel.org, Minchan Kim , ocfs2-devel@oss.oracle.com, Anna Schumaker , linux-fsdevel@vger.kernel.org, "Md. Haris Iqbal" , Andrew Morton , linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org Subject: Re: [Drbd-dev] [PATCH v2 0/29] block: Make blkdev_get_by_*() return handle List-Id: "*Coordination* of development, patches, contributions -- *Questions* \(even to developers\) go to drbd-user, please." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , On Sat, Aug 26, 2023 at 03:28:52AM +0100, Al Viro wrote: > I mean, look at claim_swapfile() for example: > p->bdev = blkdev_get_by_dev(inode->i_rdev, > FMODE_READ | FMODE_WRITE | FMODE_EXCL, p); > if (IS_ERR(p->bdev)) { > error = PTR_ERR(p->bdev); > p->bdev = NULL; > return error; > } > p->old_block_size = block_size(p->bdev); > error = set_blocksize(p->bdev, PAGE_SIZE); > if (error < 0) > return error; > we already have the file opened, and we keep it opened all the way until > the swapoff(2); here we have noticed that it's a block device and we > * open the fucker again (by device number), this time claiming > it with our swap_info_struct as holder, to be closed at swapoff(2) time > (just before we close the file) Note that some drivers look at FMODE_EXCL/BLK_OPEN_EXCL in ->open. These are probably bogus and maybe we want to kill them, but that will need an audit first. > BTW, what happens if two threads call ioctl(fd, BLKBSZSET, &n) > for the same descriptor that happens to have been opened O_EXCL? > Without O_EXCL they would've been unable to claim the sucker at the same > time - the holder we are using is the address of a function argument, > i.e. something that points to kernel stack of the caller. Those would > conflict and we either get set_blocksize() calls fully serialized, or > one of the callers would eat -EBUSY. Not so in "opened with O_EXCL" > case - they can very well overlap and IIRC set_blocksize() does *not* > expect that kind of crap... It's all under CAP_SYS_ADMIN, so it's not > as if it was a meaningful security hole anyway, but it does look fishy. The user get to keep the pieces.. BLKBSZSET is kinda bogus anyway as the soft blocksize only matters for buffer_head-like I/O, and there only for file systems. Not idea why anyone would set it manually.