status of bugzilla #99171 - mdraid broken for O_DIRECT

public inbox for linux-raid@vger.kernel.org
 help / color / mirror / Atom feed

From: Roland <devzero@web.de>
To: Hannes Reinecke <hare@suse.de>,
	Reindl Harald <h.reindl@thelounge.net>,
	linux-raid@vger.kernel.org
Subject: status of bugzilla #99171 - mdraid broken for O_DIRECT
Date: Tue, 14 Oct 2025 22:14:39 +0200	[thread overview]
Message-ID: <e686d669-c41f-42a7-be53-9538feb4721f@web.de> (raw)
In-Reply-To: <A4168F21-4CDF-4BAD-8754-30BAA1315C6F@web.de>

sorry, resend in text format as mail contained html and bounced from ML.

Am 14.10.25 um 08:31 schrieb Hannes Reinecke:
> Hmm. I still would argue that the testcase quoted is invalid.
>
> What you do is to issue writes of a given buffer, while at the
> same time modifying the contents of that buffer.
>
> As we're doing zerocopy with O_DIRECT the buffer passed to pwrite
> is _the same_ buffer used when issuing the write to disk. The
> block layer now assumes that the buffer will _not_ be modified
> when writing to disk (ie between issuing 'pwrite' and the resulting
> request being send to disk).
> But that's not the case here; it will be modified, and consequently
> all sorts of issues will pop up.
> We have had all sorts of fun some years back with this issue until
> we fixed up all filesystems to do this correctly; if interested
> dig up the threads regarding 'stable pages' on linux-fsdevel.
>
> I would think you will end up with a corrupted filesystem if you
> run this without mdraid by just using btrfs with data checksumming.
>
yes, it's correct. you also end up with corrupted btrfs with this tool, 
see https://bugzilla.kernel.org/show_bug.cgi?id=99171#c16

> So really I'm not sure how to go from here; I would declare this
> as invalid, but what do I know ...
>
> Cheers,
>
> Hannes 

anyhow, i don't see why this testcase is invalid, especially when zfs 
seems not to be affected.

please look at this issue from a security perspective.

if you can break or corrupt your raid mirror from userspace even from an 
insulated layer/environment, i would better consider this "testcase" to 
be "malicious code" , which is able to subvert the 
virtualization/block/fs layer stack.

how could we prevent, that non-trused users in a vm or container 
environment can execute this "invalid" code ?

how can we prevent, that they do harm on the underlying mirror in a 
hosting environment for example ?

not using it in a hosting environment is a little bit weird strategy for 
a linux basic technoligy which exists for years.

and let it up to the hoster to remember he needs to disable direct-io 
for the hypervisor - is dissatisfying and error-prone, too.

roland

next      parent reply	other threads:[~2025-10-14 20:14 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <A4168F21-4CDF-4BAD-8754-30BAA1315C6F@web.de>
2025-10-14 20:14 ` Roland [this message]
2025-10-15  6:56   ` status of bugzilla #99171 - mdraid broken for O_DIRECT Hannes Reinecke
2025-10-15 23:09     ` Roland
2025-10-16  6:02       ` Hannes Reinecke
2025-10-17 20:18         ` Roland
2025-10-20  6:44           ` Hannes Reinecke
2024-10-09 20:08 Roland
2024-10-09 21:38 ` Reindl Harald
2024-10-10  6:53   ` Hannes Reinecke
2024-10-10  7:29     ` Roland
2024-10-10  8:34       ` Hannes Reinecke
2025-10-11 19:25         ` Roland
2025-10-13  6:48           ` Hannes Reinecke
2025-10-13 19:06             ` Roland
     [not found]             ` <6fb3e2cb-8eeb-4e76-9364-16348d807784@web.de>
2025-10-14  6:31               ` Hannes Reinecke

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=e686d669-c41f-42a7-be53-9538feb4721f@web.de \
    --to=devzero@web.de \
    --cc=h.reindl@thelounge.net \
    --cc=hare@suse.de \
    --cc=linux-raid@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox