[PATCHES v2][RFC] set_blocksize() rework

[Al Viro <viro@zeniv.linux.org.uk>]

On Sat, Apr 27, 2024 at 10:09:20PM +0100, Al Viro wrote:
> 	Any buffer-cache based filesystem is going to be FUBAR
> if somebody manages to change block size of device under it,
> since primitives (sb_bread(), sb_getblk(), etc.) operate in
> terms of block numbers.  If block size suddenly doubles, so
> will the offsets from the beginning of device.  Results are
> not pretty, obviously.
> 
> 	The thing that (mostly) prevents that kind of mess
> is that most of the mechanisms that lead to block size
> change require the device being opened exclusive.  However,
> there are several exceptions that allow to do that without
> an exclusive open.  Fortunately, all of them require
> CAP_SYS_ADMIN, so it's not a security problem - anyone
> who already has that level of access can screw the system
> into the ground in any number of ways.  However, security
> problems or not, that crap should be fixed.
> 
> 	The series below eliminates these calls of set_blocksize()
> and changes calling conventsion of set_blocksize() so that it
> uses struct file * instead of struct block_device * to tell
> which device to act upon.  Unlike struct block_device, struct
> file has enough information to tell an exclusive open from
> non-exclusive one, so we can reject the operation in non-exclusive
> case.
> 
> 	The branch is available at
> git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git #work.set_blocksize
> Individual patches in followups.
> 
> Review (and testing, obviously) would be very welcome.

Branch updated and force-pushed (same place).  Individual patches in
followups.

Changes:
* zram elimination of double-open added.
* hopefully better description of btrfs side of things.
* final commit split into switch of set_blocksize() to struct file
  and adding a check for exclusive open.
* chunk in Documentation/filesystems/porting.rst added.

Shortlog:
Al Viro (9):
      bcache_register(): don't bother with set_blocksize()
      pktcdvd: sort set_blocksize() calls out
      swapon(2)/swapoff(2): don't bother with block size
      swapon(2): open swap with O_EXCL
      zram: don't bother with reopening - just use O_EXCL for open
      swsusp: don't bother with setting block size
      btrfs_get_bdev_and_sb(): call set_blocksize() only for exclusive opens
      set_blocksize(): switch to passing struct file *
      make set_blocksize() fail unless block device is opened exclusive

Diffstat:
 Documentation/filesystems/porting.rst |  7 +++++++
 block/bdev.c                          | 14 ++++++++++----
 block/ioctl.c                         | 21 ++++++++++++---------
 drivers/block/pktcdvd.c               |  7 +------
 drivers/block/zram/zram_drv.c         | 29 +++++++----------------------
 drivers/block/zram/zram_drv.h         |  2 +-
 drivers/md/bcache/super.c             |  4 ----
 fs/btrfs/dev-replace.c                |  2 +-
 fs/btrfs/volumes.c                    | 13 ++++++++-----
 fs/ext4/super.c                       |  2 +-
 fs/reiserfs/journal.c                 |  5 ++---
 fs/xfs/xfs_buf.c                      |  2 +-
 include/linux/blkdev.h                |  2 +-
 include/linux/swap.h                  |  2 --
 kernel/power/swap.c                   |  7 +------
 mm/swapfile.c                         | 29 ++---------------------------
 16 files changed, 55 insertions(+), 93 deletions(-)