Message-ID: <aac18497-f420-a04a-16ab-c3e2149904b5@linux.com>
Date: Fri, 17 Dec 2021 09:44:10 +0300
From: Denis Efremov <efremov@...ux.com>
To: "Dae R. Jeong" <threeearcat@...il.com>, axboe@...nel.dk,
linux-block@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: yjkwon@...st.ac.kr
Subject: Re: WARNING in schedule_bh
Hi,
>
> So, for me, concurrent execution of floppy_shutdown() and
> fd_locked_ioctl() is suspicious. Could you please check whether the above
> scenario is reasonable?
>
Thank you for the analysis. You are right and concurrent execution
of floppy_shutdown() and fd_locked_ioctl() looks suspicious. I have known about
this warning for more than 2 years already since I wrote syzkaller descriptions
for the floppy. I can only wonder why it took so long for the syzbot
to find it.
However, this bug is not reproducible on real hardware. I would prefer not
to touch the code significantly unless there is a security reason for it.
The pros here are that bugs should be fixed. The cons here are that changing
the code more-or-less significantly is hard to test on real hardware
(there was a regression in UAPI of floppy not so long ago, it took almost
half of a year before it was reported and it took another couple of months
before distros released kernels with a fix); floppy driver contains
undocumented/poorly-documented hacks (e.g. O_ACCMODE
https://github.com/google/syzkaller/commit/3ea5a3451b2bfa90a3b73397273560f17d587efc#diff-07b38a9cc5b8b1eed725414265f033c41abffbbe537567799ed678dfe9c49d7a);
/dev/fd0 is accessible only by root/disk user on most of the distros nowadays;
races are highly likely not reproducible on real hardware because floppy
devices are slow; from the functional point of view the driver worked with
this bug for almost 10 years (maybe more) and I doubt it's possible to
face this bug during normal workflow (without direct intention to trigger it);
I think that usage of floppies inside VMs is limited to some specific
workflows and I doubt it's really broad.
If you see an easy way to fix this issue, please send a patch.
Thanks,
Denis