lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <43aab70c-8521-4dfa-847a-1175d31a55d1@oracle.com>
Date: Wed, 3 Jul 2024 13:20:26 +0100
From: John Garry <john.g.garry@...cle.com>
To: Christoph Hellwig <hch@...radead.org>
Cc: Keith Busch <kbusch@...nel.org>, Jens Axboe <axboe@...nel.dk>,
        linux-block@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: blk_validate_limits validation of block size (was Re: [PATCH v2]
 null_blk: fix validation of block size)

(trim list)

On 29/06/2024 06:07, Christoph Hellwig wrote:
> On Fri, Jun 28, 2024 at 03:30:00PM +0100, John Garry wrote:
>> On 04/06/2024 05:46, Christoph Hellwig wrote:
>>>> It also looks like a good idea if this check was just done in
>>>> blk_validate_limits() so that each driver doesn't have to do their own
>>>> checks. That block function is kind of recent though.
>>> Yes.  We already discussed this in another thread a few days ago.
>> Has anyone taken this work? I was going to unless someone else wants to. 4
>> or 5 drivers directly reference blk_validate_block_size() now.
> 
> I haven't look at it yet, so from my point of view feel free to tackle
> it.

I spent a bit of time on this, and the driver changes are pretty 
straightforward, apart from nbd.

For nbd, we cannot only change to just stop calling 
blk_validate_limits(). This is because the LBS is possibly updated in a
2-stage process:
a. update block size in the driver and validate
b. update queue limits

like:

static int __nbd_set_size(struct nbd_device *nbd, loff_t bytesize,
		loff_t blksize)
{
	...

	if (blk_validate_block_size(blksize))
		return -EINVAL;

	nbd->config->bytesize = bytesize;
	nbd->config->blksize_bits = __ffs(blksize);

	if (!nbd->pid)
		return 0;

	lim = queue_limits_start_update(nbd->disk->queue);
	...
	error = queue_limits_commit_update(nbd->disk->queue, &lim);

So if we stop validating the limits in a., there is a user-visible 
change in behaviour (as we stop rejecting invalid limits from the 
NBD_SET_BLKSIZE ioctl).

We could add a "dryrun" option to queue_limits_commit_update() (and call 
that instead of blk_validate_block_size(), which is effectively the same 
as calling blk_validate_block_size()). Or we can keep
nbd as the only blk_validate_limits() user (outside the block layer).

Any better ideas?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ