| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201021130753.GM20115@casper.infradead.org>
Date: Wed, 21 Oct 2020 14:07:53 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Sergei Shtepa <sergei.shtepa@...am.com>
Cc: Damien Le Moal <Damien.LeMoal@....com>,
"axboe@...nel.dk" <axboe@...nel.dk>,
"viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>,
"hch@...radead.org" <hch@...radead.org>,
"darrick.wong@...cle.com" <darrick.wong@...cle.com>,
"linux-xfs@...r.kernel.org" <linux-xfs@...r.kernel.org>,
"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
"rjw@...ysocki.net" <rjw@...ysocki.net>,
"len.brown@...el.com" <len.brown@...el.com>,
"pavel@....cz" <pavel@....cz>,
"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
Johannes Thumshirn <Johannes.Thumshirn@....com>,
"ming.lei@...hat.com" <ming.lei@...hat.com>,
"jack@...e.cz" <jack@...e.cz>, "tj@...nel.org" <tj@...nel.org>,
"gustavo@...eddedor.com" <gustavo@...eddedor.com>,
"bvanassche@....org" <bvanassche@....org>,
"osandov@...com" <osandov@...com>,
"koct9i@...il.com" <koct9i@...il.com>,
"steve@....org" <steve@....org>,
"linux-block@...r.kernel.org" <linux-block@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-pm@...r.kernel.org" <linux-pm@...r.kernel.org>,
"linux-mm@...ck.org" <linux-mm@...ck.org>
Subject: Re: [PATCH 1/2] Block layer filter - second version
On Wed, Oct 21, 2020 at 03:55:55PM +0300, Sergei Shtepa wrote:
> The 10/21/2020 14:44, Matthew Wilcox wrote:
> > I don't understand why O_DIRECT gets to bypass the block filter. Nor do
> > I understand why anybody would place a block filter on the swap device.
> > But if somebody did place a filter on the swap device, why should swap
> > be able to bypass the filter?
>
> Yes, intercepting the swap partition is absurd. But we can't guarantee
> that the filter won't intercept swap.
>
> Swap operation is related to the memory allocation logic. If a swap on
> the block device are accessed during memory allocation from filter,
> a deadlock occurs. We can allow filters to occasionally shoot off their
> feet, especially under high load. But I think it's better not to do it.
We already have logic to prevent this in Linux. Filters need to
call memalloc_noio_save() while they might cause swap to happen and
memalloc_noio_restore() once it's safe for them to cause swap again.
> "directly access" - it is not O_DIRECT. This means (I think) direct
> reading from the device file, like "dd if=/dev/sda1".
> As for intercepting direct reading, I don't know how to do the right thing.
>
> The problem here is that in fs/block_dev.c in function __blkdev_direct_IO()
> uses the qc - value returned by the submit_bio() function.
> This value is used below when calling
> blk_poll(bdev_get_queue(dev), qc, true).
> The filter cannot return a meaningful value of the blk_qc_t type when
> intercepting a request, because at that time it does not know which queue
> the request will fall into.
>
> If function submit_bio() will always return BLK_QC_T_NONE - I think the
> algorithm of the __blk dev_direct_IO() will not work correctly.
> If we need to intercept direct access to a block device, we need to at
> least redo the __blkdev_direct_IO function, getting rid of blk_pool.
> I'm not sure it's necessary yet.
This isn't part of the block layer that I'm familiar with, so I can't
help solve this problem, but allowing O_DIRECT to bypass the block filter
is a hole that needs to be fixed before these patches can be considered.
Powered by blists - more mailing lists