On Wed, Aug 28, 2024 at 09:27:53AM GMT, Darrick J. Wong wrote: > On Wed, Aug 28, 2024 at 11:48:58AM -0300, Guilherme G. Piccoli wrote: > > Commit ed5cc702d311 ("block: Add config option to not allow writing to mounted > > devices") added a Kconfig option along with a kernel command-line tuning to > > control writes to mounted block devices, as a means to deal with fuzzers like > > Syzkaller, that provokes kernel crashes by directly writing on block devices > > bypassing the filesystem (so the FS has no awareness and cannot cope with that). > > > > The patch just missed adding such kernel command-line option to the kernel > > documentation, so let's fix that. > > > > Cc: Bart Van Assche <bvanassche@xxxxxxx> > > Cc: Darrick J. Wong <djwong@xxxxxxxxxx> > > Cc: Jens Axboe <axboe@xxxxxxxxx> > > Reviewed-by: Jan Kara <jack@xxxxxxx> > > Signed-off-by: Guilherme G. Piccoli <gpiccoli@xxxxxxxxxx> > > Looks good to me now, > Reviewed-by: Darrick J. Wong <djwong@xxxxxxxxxx> > > Fun unrelated question: do we want to turn on bdev_allow_write_mounted > if lockdown is enabled? In that kind of environment, we don't want to > allow random people to scribble, given how many weird ext4 bugs we've > had to fix due to syzbot. I would say yes, we absolutely do.