Skip to content

Commit 721c7fc

Browse files
idryomovaxboe
idryomov
authored and
axboe
committed
block: fail op_is_write() requests to read-only partitions
Regular block device writes go through blkdev_write_iter(), which does bdev_read_only(), while zeroout/discard/etc requests are never checked, both userspace- and kernel-triggered. Add a generic catch-all check to generic_make_request_checks() to actually enforce ioctl(BLKROSET) and set_disk_ro(), which is used by quite a few drivers for things like snapshots, read-only backing files/images, etc. Reviewed-by: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Ilya Dryomov <idryomov@gmail.com> Signed-off-by: Jens Axboe <axboe@kernel.dk>
1 parent 17534c6 commit 721c7fc

File tree

1 file changed

+38
-18
lines changed

1 file changed

+38
-18
lines changed

block/blk-core.c

Lines changed: 38 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -2062,6 +2062,21 @@ static inline bool should_fail_request(struct hd_struct *part,
20622062

20632063
#endif /* CONFIG_FAIL_MAKE_REQUEST */
20642064

2065+
static inline bool bio_check_ro(struct bio *bio, struct hd_struct *part)
2066+
{
2067+
if (part->policy && op_is_write(bio_op(bio))) {
2068+
char b[BDEVNAME_SIZE];
2069+
2070+
printk(KERN_ERR
2071+
"generic_make_request: Trying to write "
2072+
"to read-only block-device %s (partno %d)\n",
2073+
bio_devname(bio, b), part->partno);
2074+
return true;
2075+
}
2076+
2077+
return false;
2078+
}
2079+
20652080
/*
20662081
* Remap block n of partition p to block n+start(p) of the disk.
20672082
*/
@@ -2070,27 +2085,28 @@ static inline int blk_partition_remap(struct bio *bio)
20702085
struct hd_struct *p;
20712086
int ret = 0;
20722087

2088+
rcu_read_lock();
2089+
p = __disk_get_part(bio->bi_disk, bio->bi_partno);
2090+
if (unlikely(!p || should_fail_request(p, bio->bi_iter.bi_size) ||
2091+
bio_check_ro(bio, p))) {
2092+
ret = -EIO;
2093+
goto out;
2094+
}
2095+
20732096
/*
20742097
* Zone reset does not include bi_size so bio_sectors() is always 0.
20752098
* Include a test for the reset op code and perform the remap if needed.
20762099
*/
2077-
if (!bio->bi_partno ||
2078-
(!bio_sectors(bio) && bio_op(bio) != REQ_OP_ZONE_RESET))
2079-
return 0;
2100+
if (!bio_sectors(bio) && bio_op(bio) != REQ_OP_ZONE_RESET)
2101+
goto out;
20802102

2081-
rcu_read_lock();
2082-
p = __disk_get_part(bio->bi_disk, bio->bi_partno);
2083-
if (likely(p && !should_fail_request(p, bio->bi_iter.bi_size))) {
2084-
bio->bi_iter.bi_sector += p->start_sect;
2085-
bio->bi_partno = 0;
2086-
trace_block_bio_remap(bio->bi_disk->queue, bio, part_devt(p),
2087-
bio->bi_iter.bi_sector - p->start_sect);
2088-
} else {
2089-
printk("%s: fail for partition %d\n", __func__, bio->bi_partno);
2090-
ret = -EIO;
2091-
}
2092-
rcu_read_unlock();
2103+
bio->bi_iter.bi_sector += p->start_sect;
2104+
bio->bi_partno = 0;
2105+
trace_block_bio_remap(bio->bi_disk->queue, bio, part_devt(p),
2106+
bio->bi_iter.bi_sector - p->start_sect);
20932107

2108+
out:
2109+
rcu_read_unlock();
20942110
return ret;
20952111
}
20962112

@@ -2149,15 +2165,19 @@ generic_make_request_checks(struct bio *bio)
21492165
* For a REQ_NOWAIT based request, return -EOPNOTSUPP
21502166
* if queue is not a request based queue.
21512167
*/
2152-
21532168
if ((bio->bi_opf & REQ_NOWAIT) && !queue_is_rq_based(q))
21542169
goto not_supported;
21552170

21562171
if (should_fail_request(&bio->bi_disk->part0, bio->bi_iter.bi_size))
21572172
goto end_io;
21582173

2159-
if (blk_partition_remap(bio))
2160-
goto end_io;
2174+
if (!bio->bi_partno) {
2175+
if (unlikely(bio_check_ro(bio, &bio->bi_disk->part0)))
2176+
goto end_io;
2177+
} else {
2178+
if (blk_partition_remap(bio))
2179+
goto end_io;
2180+
}
21612181

21622182
if (bio_check_eod(bio, nr_sectors))
21632183
goto end_io;

0 commit comments

Comments
 (0)