On Wed 05-07-23 13:27:03, Mike Fleetwood wrote: > On Tue, 4 Jul 2023 at 13:57, Jan Kara <jack@xxxxxxx> wrote: > > > > Hello! > > > > This is second version of the patches to add config option to not allow writing > > to mounted block devices. For motivation why this is interesting see patch 1/6. > > I've been testing the patches more extensively this time and I've found couple > > of things that get broken by disallowing writes to mounted block devices: > > 1) Bind mounts get broken because get_tree_bdev() / mount_bdev() first try to > > claim the bdev before searching whether it is already mounted. Patch 6 > > reworks the mount code to avoid this problem. > > 2) btrfs mounting is likely having the same problem as 1). It should be fixable > > AFAICS but for now I've left it alone until we settle on the rest of the > > series. > > 3) "mount -o loop" gets broken because util-linux keeps the loop device open > > read-write when attempting to mount it. Hopefully fixable within util-linux. > > 4) resize2fs online resizing gets broken because it tries to open the block > > device read-write only to call resizing ioctl. Trivial to fix within > > e2fsprogs. > > > > Likely there will be other breakage I didn't find yet but overall the breakage > > looks minor enough that the option might be useful. Definitely good enough > > for syzbot fuzzing and likely good enough for hardening of systems with > > more tightened security. > > 5) Online e2label will break because it directly writes to the ext2/3/4 > superblock while the FS is mounted to set the new label. Ext4 driver > will have to implement the SETFSLABEL ioctl() and e2label will have > to use it, matching what happens for online labelling of btrfs and > xfs. Thanks, added to the description. Honza -- Jan Kara <jack@xxxxxxxx> SUSE Labs, CR
