From: Eryu Guan <guaneryu@gmail.com>
To: Anand Jain <anand.jain@oracle.com>
Cc: fstests@vger.kernel.org, linux-btrfs@vger.kernel.org
Subject: Re: [PATCH] fstests: btrfs verify hardening agaist duplicate fsid
Date: Sat, 6 Oct 2018 18:14:49 +0800 [thread overview]
Message-ID: <20181006101449.GJ17817@desktop> (raw)
In-Reply-To: <1538383475-2532-1-git-send-email-anand.jain@oracle.com>
On Mon, Oct 01, 2018 at 04:44:35PM +0800, Anand Jain wrote:
> We have a known bug in btrfs, that we let the device path be changed
> after the device has been mounted. So using this loop hole the new
> copied device would appears as if its mounted immediately after its
> been copied. So this test case reproduces this issue.
>
> For example:
>
> Initially.. /dev/mmcblk0p4 is mounted as /
>
> lsblk
> NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
> mmcblk0 179:0 0 29.2G 0 disk
> |-mmcblk0p4 179:4 0 4G 0 part /
> |-mmcblk0p2 179:2 0 500M 0 part /boot
> |-mmcblk0p3 179:3 0 256M 0 part [SWAP]
> `-mmcblk0p1 179:1 0 256M 0 part /boot/efi
>
> btrfs fi show
> Label: none uuid: 07892354-ddaa-4443-90ea-f76a06accaba
> Total devices 1 FS bytes used 1.40GiB
> devid 1 size 4.00GiB used 3.00GiB path /dev/mmcblk0p4
>
> Copy mmcblk0 to sda
> dd if=/dev/mmcblk0 of=/dev/sda
>
> And immediately after the copy completes the change in the device
> superblock is notified which the automount scans using
> btrfs device scan and the new device sda becomes the mounted root
> device.
>
> lsblk
> NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
> sda 8:0 1 14.9G 0 disk
> |-sda4 8:4 1 4G 0 part /
> |-sda2 8:2 1 500M 0 part
> |-sda3 8:3 1 256M 0 part
> `-sda1 8:1 1 256M 0 part
> mmcblk0 179:0 0 29.2G 0 disk
> |-mmcblk0p4 179:4 0 4G 0 part
> |-mmcblk0p2 179:2 0 500M 0 part /boot
> |-mmcblk0p3 179:3 0 256M 0 part [SWAP]
> `-mmcblk0p1 179:1 0 256M 0 part /boot/efi
> btrfs fi show /
> Label: none uuid: 07892354-ddaa-4443-90ea-f76a06accaba
> Total devices 1 FS bytes used 1.40GiB
> devid 1 size 4.00GiB used 3.00GiB path /dev/sda4
>
> The bug is quite nasty that you can't either unmount /dev/sda4 or
> /dev/mmcblk0p4. And the problem does not get solved until you take
> the sda out of the system on to another system to change its fsid using
> the 'btrfstune -u' command.
>
> Signed-off-by: Anand Jain <anand.jain@oracle.com>
Looks like that the test will break the whole test env as it leaves an
unmountable $SCRATCH_MNT. I'd wait for the fix to get in first before
merging the test, in case it breaks normal regression tests. (I noticed
that the test is not in 'auto' group, so it's not that dangerous.)
Also, it'd be great if test can be reviewed by btrfs folks too!
> ---
> tests/btrfs/173 | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++
> tests/btrfs/173.out | 5 ++++
> tests/btrfs/group | 1 +
> 3 files changed, 78 insertions(+)
> create mode 100755 tests/btrfs/173
> create mode 100644 tests/btrfs/173.out
>
> diff --git a/tests/btrfs/173 b/tests/btrfs/173
> new file mode 100755
> index 000000000000..f59a62e206c3
> --- /dev/null
> +++ b/tests/btrfs/173
> @@ -0,0 +1,72 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2018 Oracle. All Rights Reserved.
> +#
> +# FS QA Test 173
> +#
> +# Fuzzy test for FS image duplication.
> +# Could be fixed by
> +# [patch] btrfs: harden agaist duplicate fsid
> +#
> +seq=`basename $0`
> +seqres=$RESULT_DIR/$seq
> +echo "QA output created by $seq"
> +
> +here=`pwd`
> +tmp=/tmp/$$
> +status=1 # failure is the default!
> +trap "_cleanup; exit \$status" 0 1 2 3 15
> +
> +_cleanup()
> +{
> + cd /
> + rm -f $tmp.*
> +}
> +
> +# get standard environment, filters and checks
> +. ./common/rc
> +. ./common/filter
> +
> +# remove previous $seqres.full before test
> +rm -f $seqres.full
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs btrfs
> +_supported_os Linux
> +_require_scratch_dev_pool 2
> +_scratch_dev_pool_get 2
> +
> +dev_foo=$(echo $SCRATCH_DEV_POOL | awk '{print $1}' | rev | cut -d"/" -f1 | rev)
> +dev_bar=$(echo $SCRATCH_DEV_POOL | awk '{print $2}' | rev | cut -d"/" -f1 | rev)
This doesn't work if the devices in SCRATCH_DEV_POOL are symlinks, e.g.
lvm devices: /dev/mapper/testvg-testlv1, dev_foo is "testvg-testlv1" in
this case.
> +
> +_mkfs_dev /dev/$dev_foo
But /dev/testvg-testlv1 isn't existed.
_short_dev and/or _real_dev is useful in this case. e.g.
dev_foo=$(echo $SCRATCH_DEV_POOL | awk '{print $1}')
# dev_foo is like "dm-1"
dev_foo=$(_short_dev $dev_foo)
# dev_foo is like "/dev/dm-1"
dev_foo=$(_real_dev $dev_foo)
> +_mount /dev/$dev_foo $SCRATCH_MNT
It'd better to mount non-SCRATCH_DEV to other mount point, e.g.
$TEST_DIR/$seq.mnt
Thanks,
Eryu
> +
> +echo mount before btrfs image clone | tee -a $seqres.full
> +findmnt /dev/$dev_foo | grep -v TARGET | awk '{print $1" "$2}' | \
> + sed -e "s/$dev_foo/dev_foo/g" | _filter_scratch | tee -a $seqres.full
> +findmnt /dev/$dev_bar | grep -v TARGET | awk '{print $1" "$2}' | \
> + sed -e "s/$dev_bar/dev_bar/g" | _filter_scratch | tee -a $seqres.full
> +
> +for sb_bytenr in 65536 67108864
> +do
> + echo -n "dd status=none if=/dev/$dev_foo of=/dev/$dev_bar bs=1 "\
> + "seek=$sb_bytenr skip=$sb_bytenr count=4096" >> $seqres.full
> + dd status=none if=/dev/$dev_foo of=/dev/$dev_bar bs=1 seek=$sb_bytenr \
> + skip=$sb_bytenr count=4096 >> $seqres.full 2>&1
> + echo ..:$? >> $seqres.full
> +done
> +
> +echo mount after btrfs image clone | tee -a $seqres.full
> +findmnt /dev/$dev_foo | grep -v TARGET | awk '{print $1" "$2}' | \
> + sed -e "s/$dev_foo/dev_foo/g" | _filter_scratch | tee -a $seqres.full
> +findmnt /dev/$dev_bar | grep -v TARGET | awk '{print $1" "$2}' | \
> + sed -e "s/$dev_bar/dev_bar/g" | _filter_scratch | tee -a $seqres.full
> +
> +_scratch_dev_pool_put
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/btrfs/173.out b/tests/btrfs/173.out
> new file mode 100644
> index 000000000000..a2ef7a26f4b9
> --- /dev/null
> +++ b/tests/btrfs/173.out
> @@ -0,0 +1,5 @@
> +QA output created by 173
> +mount before btrfs image clone
> +SCRATCH_MNT /dev/dev_foo
> +mount after btrfs image clone
> +SCRATCH_MNT /dev/dev_foo
> diff --git a/tests/btrfs/group b/tests/btrfs/group
> index 45782565c3b7..b2f1393f3e97 100644
> --- a/tests/btrfs/group
> +++ b/tests/btrfs/group
> @@ -175,3 +175,4 @@
> 170 auto quick snapshot
> 171 auto quick qgroup
> 172 auto quick punch
> +173 volume
> --
> 1.8.3.1
>
next prev parent reply other threads:[~2018-10-06 10:14 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-01 8:44 [PATCH] fstests: btrfs verify hardening agaist duplicate fsid Anand Jain
2018-10-06 10:14 ` Eryu Guan [this message]
2018-10-08 18:28 ` Anand Jain
2018-10-08 18:14 ` [PATCH v2] " Anand Jain
2018-10-08 18:28 ` [PATCH v2 rev log added] " Anand Jain
2018-10-21 10:25 ` Eryu Guan
2018-10-26 15:02 ` Nikolay Borisov
2018-10-26 15:34 ` Anand Jain
2018-10-26 15:52 ` Nikolay Borisov
2018-10-26 15:57 ` Anand Jain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181006101449.GJ17817@desktop \
--to=guaneryu@gmail.com \
--cc=anand.jain@oracle.com \
--cc=fstests@vger.kernel.org \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).