On Mon, Jun 12, 2023 at 10:39:51AM -0700, Bart Van Assche wrote:
> > > Writing to mounted devices is dangerous and can lead to filesystem
> > > corruption as well as crashes. Furthermore syzbot comes with more and
> > > more involved examples how to corrupt block device under a mounted
> > > filesystem leading to kernel crashes and reports we can do nothing
> > > about. Add config option to disallow writing to mounted (exclusively
> > > open) block devices. Syzbot can use this option to avoid uninteresting
> > > crashes. Also users whose userspace setup does not need writing to
> > > mounted block devices can set this config option for hardening.
>
> Have alternatives been configured to making this functionality
> configurable at build time only? How about a kernel command line
> parameter instead of a config option?

I could imagine wanting a config option which changes the default, as
well as a way of setting the parameter on the command line so that
users of distro kernel can change the parameter value. That's
especially since it might be useful for more than just reining in
syzbot reports.

- Ted