Received: by 2002:a05:6358:7058:b0:131:369:b2a3 with SMTP id 24csp5908806rwp; Mon, 17 Jul 2023 11:20:20 -0700 (PDT) X-Google-Smtp-Source: APBJJlGhIpSpgAvmRndZccRtPGni7kfC87fgRYwTFauuFqzxqfHEN8/eEhQmnenlhY/ULKAgB6hE X-Received: by 2002:a17:90a:bc8d:b0:262:ebb9:dd54 with SMTP id x13-20020a17090abc8d00b00262ebb9dd54mr10838911pjr.26.1689618019840; Mon, 17 Jul 2023 11:20:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689618019; cv=none; d=google.com; s=arc-20160816; b=kOsEwIt0/1I125FxtdYcGm/HrxJYrVCD7EnRcf6d/0HwQ18jm3ULPzqw2AcmDTMNlr RnkOQGEIGn5hGbwhFTLOz4C43HvMYjTyav4npkDhPaaidRwabsnMmgarW8fK3Jex1Sni ZwZCeQJr3o6ZVucn3Zf1baUtjsgRoWDeInBrU3JqKQqRK4c17u8+Z0GszATX2mFsl3Vw bToCqmyBXtBFg8jY0I9PNT1gki2IsyTjS9BiA8IbauwKf9//jxki5AFmAwVgXEu1NC3X Bk9V2x9pyydup1gndyEn1r79QnLYI9pDfpbFhUHmsXiIkK1GdsA/fz6P+jtmSQQ1GYAK 6V/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=EcUONx2QoC1Q38uHYLn+ll6oxMznhmLp6cVLoRPn580=; fh=Wop/i/wLAV0FNJXQAD2gBcLbhXzdxGFCn6xWob33xCQ=; b=yOZ7JJ8fFYFMWh+RqC9Z/70oLhLsvfOaflgMYcbXqLUEfb7V0QaifrkasIWqRXjQGM yDyqoR0RKNlDybglpNJboygnDKu0Uxx/G4fAf6ImQzQA1jfjV6OXv0naXESugsUHYTb+ qrRldsRhhRsw3ifFU9KCEg+4lpYQaZFmRsAq2TQ0aWGnPkAm9NxCZPYsFoFJ/mz1Ch0u u1sYZemHIiKn53yBGM2qwBYWnvWMOyisuxxDMeKKGSVLcKCqqpIA3NR+McB6ZDZGDtHg lKH9ri8lP8gg8Z5+/inqfrzpil2dKyjwf6o6KKK0QxFJiafinCHyy1hQ7zcA9/OQNG8/ sKbw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@veeam.com header.s=mx4-2022 header.b=ScP3tPuh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=veeam.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p16-20020a634f50000000b00553d7157e8bsi130211pgl.794.2023.07.17.11.19.52; Mon, 17 Jul 2023 11:20:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@veeam.com header.s=mx4-2022 header.b=ScP3tPuh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=veeam.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230165AbjGQRkR (ORCPT + 99 others); Mon, 17 Jul 2023 13:40:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54832 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229637AbjGQRkP (ORCPT ); Mon, 17 Jul 2023 13:40:15 -0400 Received: from mx4.veeam.com (mx4.veeam.com [104.41.138.86]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1BE50E3; Mon, 17 Jul 2023 10:40:14 -0700 (PDT) Received: from mail.veeam.com (prgmbx01.amust.local [172.24.128.102]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx4.veeam.com (Postfix) with ESMTPS id 6DBDE5EC32; Mon, 17 Jul 2023 20:40:11 +0300 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=veeam.com; s=mx4-2022; t=1689615611; bh=EcUONx2QoC1Q38uHYLn+ll6oxMznhmLp6cVLoRPn580=; h=Date:Subject:To:CC:References:From:In-Reply-To:From; b=ScP3tPuhjukSfnf4MGNVkVElBvt3QBFrjW7LMWC2K89vGmF83REc1fKPDggZtA4IG XfxZ6hKYPZiA6rs1FUfdp0F/tBniPNT3qWGJKjJNRwVYXuSP2LirBmMzT54bZG1rFl cXBVdYlDtvALZWH+HJ8oHFLj3t3YWjxeYj/eSMPOT0e1DZoUYc2Wi2SRQ64izSjVFt ejpDgSFr/fD9Pzk6IJpJOisOh7UgXAwznD+f99OO0or/v7IAvaP1RWGZO+Yyb8gn7s e/OuYqdNkHStKIrizOFyU87YoU6yC2xQ4QlFS2j5cpJDB79U4V4sNOqNhuPng8f/qM S6cqA94JoKibg== Received: from [172.24.10.107] (172.24.10.107) by prgmbx01.amust.local (172.24.128.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.16; Mon, 17 Jul 2023 19:40:05 +0200 Message-ID: Date: Mon, 17 Jul 2023 19:39:55 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0 Subject: Re: [PATCH v5 02/11] block: Block Device Filtering Mechanism Content-Language: en-US To: Yu Kuai , , , , CC: , , , , , , , , , , , , Donald Buczek , "yukuai (C)" References: <20230612135228.10702-1-sergei.shtepa@veeam.com> <20230612135228.10702-3-sergei.shtepa@veeam.com> <2ab36e73-a612-76a8-9c20-f5e11c67bcc3@huaweicloud.com> From: Sergei Shtepa In-Reply-To: <2ab36e73-a612-76a8-9c20-f5e11c67bcc3@huaweicloud.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-Originating-IP: [172.24.10.107] X-ClientProxiedBy: colmbx01.amust.local (172.31.112.31) To prgmbx01.amust.local (172.24.128.102) X-EsetResult: clean, is OK X-EsetId: 37303A292403155B677467 X-Veeam-MMEX: True X-Spam-Status: No, score=-2.2 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi. On 7/12/23 14:34, Yu Kuai wrote: > Subject: > Re: [PATCH v5 02/11] block: Block Device Filtering Mechanism > From: > Yu Kuai > Date: > 7/12/23, 14:34 > > To: > Yu Kuai , Sergei Shtepa , axboe@kernel.dk, hch@infradead.org, corbet@lwn.net, snitzer@kernel.org > CC: > viro@zeniv.linux.org.uk, brauner@kernel.org, dchinner@redhat.com, willy@infradead.org, dlemoal@kernel.org, linux@weissschuh.net, jack@suse.cz, ming.lei@redhat.com, linux-block@vger.kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Donald Buczek , "yukuai (C)" > > > Hi, > > 在 2023/07/12 18:04, Yu Kuai 写道: >> Hi, >> >> 在 2023/07/11 10:02, Yu Kuai 写道: >> >>>> +static bool submit_bio_filter(struct bio *bio) >>>> +{ >>>> +    if (bio_flagged(bio, BIO_FILTERED)) >>>> +        return false; >>>> + >>>> +    bio_set_flag(bio, BIO_FILTERED); >>>> +    return bio->bi_bdev->bd_filter->ops->submit_bio(bio); >>>> +} >>>> + >>>>   static void __submit_bio(struct bio *bio) >>>>   { >>>> +    /* >>>> +     * If there is a filter driver attached, check if the BIO needs to go to >>>> +     * the filter driver first, which can then pass on the bio or consume it. >>>> +     */ >>>> +    if (bio->bi_bdev->bd_filter && submit_bio_filter(bio)) >>>> +        return; >>>> + >>>>       if (unlikely(!blk_crypto_bio_prep(&bio))) >>>>           return; >> >> ... >> >>>> +static void __blkfilter_detach(struct block_device *bdev) >>>> +{ >>>> +    struct blkfilter *flt = bdev->bd_filter; >>>> +    const struct blkfilter_operations *ops = flt->ops; >>>> + >>>> +    bdev->bd_filter = NULL; >>>> +    ops->detach(flt); >>>> +    module_put(ops->owner); >>>> +} >>>> + >>>> +void blkfilter_detach(struct block_device *bdev) >>>> +{ >>>> +    if (bdev->bd_filter) { >>>> +        blk_mq_freeze_queue(bdev->bd_queue); >> >> And this is not sate as well, for bio-based device, q_usage_counter is >> not grabbed while submit_bio_filter() is called, hence there is a risk >> of uaf from submit_bio_filter(). > > And there is another question, can blkfilter_detach() from > del_gendisk/delete_partiton and ioctl concurrent? I think it's a > problem. > Yes, it looks like if two threads execute the blkfilter_detach() function, then a problem is possible. The blk_mq_freeze_queue() function does not block threads. But for this, it is necessary that the IOCTL for the block device and its removal are performed simultaneously. Is this possible? I suppose that using mutex bdev->bd_disk->open_mutex in blkfilter_ioctl_attach(), blkfilter_ioctl_detach() and blkfilter_ioctl_ctl() can fix the problem. What do you think? > Thanks, > Kuai >> >> Thanks, >> Kuai >> >> . >> >