btrfs: harden identification of the stale device

Message ID	166e39f69a8693e5fe10784cdbd950d68f98d4fb.1638953372.git.anand.jain@oracle.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-btrfs-owner@kernel.org> From: Anand Jain <anand.jain@oracle.com> To: linux-btrfs@vger.kernel.org Cc: Josef Bacik <josef@toxicpanda.com> Subject: [PATCH] btrfs: harden identification of the stale device Date: Wed, 8 Dec 2021 22:05:29 +0800 Message-Id: <166e39f69a8693e5fe10784cdbd950d68f98d4fb.1638953372.git.anand.jain@oracle.com> Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Precedence: bulk
Series	btrfs: harden identification of the stale device \| expand btrfs: harden identification of the stale device

Message ID

166e39f69a8693e5fe10784cdbd950d68f98d4fb.1638953372.git.anand.jain@oracle.com (mailing list archive)

State

New, archived

Headers

From: Anand Jain <anand.jain@oracle.com>
To: linux-btrfs@vger.kernel.org
Cc: Josef Bacik <josef@toxicpanda.com>
Subject: [PATCH] btrfs: harden identification of the stale device
Date: Wed,  8 Dec 2021 22:05:29 +0800
Message-Id: 
 <166e39f69a8693e5fe10784cdbd950d68f98d4fb.1638953372.git.anand.jain@oracle.com>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 +vRocXfVHT91kl1CeGCaqdNEpdJJTDI+erBG9T9785NmxEcvs+Y6prXZwoo/FG1I759WJXlPDfBQJpD/Ifl0hTUEMseK+JND3Fxucj2XKqogVNWjkTRadTEt5LtixXo1SWLyAAV4kHbJBtJyUUrubomN97/1yPGAJikP4EKuOKnAEWi3tJIqPa8MS4U6DMpwBxccULtexnsOnHx2DjCNJW/ryE+mv86FdLK/UY8vUuuQ6fAXBA/mjRSgfdqcgHaUvL4sl9CoJQjoYHSe6TRfN9ZvXYJhtFDK2B+uq4FZRf/N5OC/YROMKFe40puYZjPWBky1j1yXtKYFDX+hziEJXMHKVGvv6bH4gCvbMRlhiBajSjp3VhU14IK7vDqV3GZsQ+65W/GbF33XKTSksczLuJpRNe/y1wKs7NfxkpN4BPlTCmAbAmGV8g/GCsOtTTIGa30swaqrp316SQIAschQbncxT8Zl95M/2b7ZCiy+Kq+XsAsYfJSVuuaPPcOqR8gIl6Npo6si45/lPDA9UebUOxiwZe4ZuojjtB1eW+ZjWApinpLas42/w+de4zYYMLMyInWglw12E3i0n0YFQ1dCTWbpHlye1jio4++heVEBNfYO3eloJq4TJkMwfyfc349TUYM5NOKsTxPsMFUsaxpqTvr7C4gyJOG/q4mhWYQqoQvKwLKAG4F93uh4Aw7h9AB1dFxvIIhGJJ+bqDO03jqHXmzP3d1iZxAvM/f4hmpau1GxzpIhFcUuNTWZX70iMHP0dQPXBuje7pF9Nuvb2XzO4leqAthscZC5jsEyyDAmowwVEmvQc2M8ZNc0cVObQWXH+LtUX+J5jmPuy7S1jSsDha62XQF2jz2VTqXDf+C1uzT439rVJz+IvvyRS30VUlI7rydWNyzwcPOnMVb+t0dfavdNXNRWHOllXneuVcnvghgK2690nXvcy/3GWsKJL/sXDnErf0RbV6hmUGvQDJXjX9HlZbQ0MeH48pV9ZnorDULRhvDib4htsK6sotVV/wxDyRpq9Dffp9SnBNY5CmWzcBeLJP/XFNW6I2QDSBNV+CqxEctbkYDjnnWv9OPnPdamHISK4eUZJya7aqqyz0AvjdI8i1zfOTKX4fWK2/3BPWhkVccYZBMhRmNnyF4Z2CD9Px8cPFq78vUfJgUTobo43Jh2WwgKx9E/dQxSp8+9eeNN4HkoMhZLdXaRE/19ydVxqlZEml7MbEMSaUJ2b6GjQmSqwO0u5kxxjY64qCj0IEvpmVykudFrkfou08wmX1xYLCmT1wgGFpmUluQJ1KFeS2AAMT5dK74g7bs5YPh5ThbdJMDrwlghKYQYpl2QhqirZnDEaSYBJSiTvCpxUbAPLsqg6uGbJUlP4DDUz7aKC7tGSLi0yJAymA02/8EGUUlu31Hsgt5th2Q8PltCCz4k7BdtWRIFGtxRBf5Rkou+pfivAp7aqs8uZDM1PU/L/CkNSFDeYpxRLhaXATNDuZAIJvNso9hnKrBXK7bt53/fZippQb0oyxLzMZeGGzaSKg6TMdUCraeuiybtLI5Vv2FwPmpY7mA70nSxmgHUe7ea3xI06VKnsfeFeaornIemiMuXJ9NZMtBiQyMch3tJQ5vl5O3/r4PppZIzRGOL1a+ySbE=
X-OriginatorOrg: oracle.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 d18ad872-adc1-4d2b-f47f-08d9ba53d3a8
X-MS-Exchange-CrossTenant-AuthSource: MN2PR10MB4128.namprd10.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Dec 2021 14:05:44.7471
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 rog2OFn4d352C4veWkjbtaHV7W4Yq2/AvGY+sKAx6KAo6PJbwe0cH5Q3giiMYEtFFKGgZ+fXei2+3pabOHQflA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR10MB4191
X-Proofpoint-Virus-Version: vendor=nai engine=6300 definitions=10191
 signatures=668683
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 phishscore=0
 suspectscore=0
 adultscore=0 mlxlogscore=999 bulkscore=0 malwarescore=0 mlxscore=0
 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2110150000 definitions=main-2112080089
X-Proofpoint-GUID: 4wpkLDOHqLLnoxeQmkv1INcbzwvQAmfR
X-Proofpoint-ORIG-GUID: 4wpkLDOHqLLnoxeQmkv1INcbzwvQAmfR
Precedence: bulk
List-ID: <linux-btrfs.vger.kernel.org>
X-Mailing-List: linux-btrfs@vger.kernel.org

Series

btrfs: harden identification of the stale device | expand

Commit Message

Anand Jain Dec. 8, 2021, 2:05 p.m. UTC

Identifying and removing the stale device from the fs_uuids list is done
by the function btrfs_free_stale_devices().
btrfs_free_stale_devices() in turn depends on the function
device_path_matched() to check if the device repeats in more than one
btrfs_device structure.

The matching of the device happens by its path, the device path. However,
when dm mapper is in use, the dm device paths are nothing but a link to
the actual block device, which leads to the device_path_matched() failing
to match.

Fix this by matching the dev_t as provided by lookup_bdev() instead of
plain strcmp() the device paths.

Reported-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Anand Jain <anand.jain@oracle.com>
---
This patch should go to Stable-5.4.y and up but, there is a conflict.
I will send a separate patch for the stable.

 fs/btrfs/volumes.c | 33 ++++++++++++++++++++++++++-------
 1 file changed, 26 insertions(+), 7 deletions(-)

Comments

Josef Bacik Dec. 8, 2021, 2:29 p.m. UTC | #1

On Wed, Dec 08, 2021 at 10:05:29PM +0800, Anand Jain wrote:
> Identifying and removing the stale device from the fs_uuids list is done
> by the function btrfs_free_stale_devices().
> btrfs_free_stale_devices() in turn depends on the function
> device_path_matched() to check if the device repeats in more than one
> btrfs_device structure.
> 
> The matching of the device happens by its path, the device path. However,
> when dm mapper is in use, the dm device paths are nothing but a link to
> the actual block device, which leads to the device_path_matched() failing
> to match.
> 
> Fix this by matching the dev_t as provided by lookup_bdev() instead of
> plain strcmp() the device paths.
> 
> Reported-by: Josef Bacik <josef@toxicpanda.com>
> Signed-off-by: Anand Jain <anand.jain@oracle.com>

We already have the bdev for the device in most of the callers here, the only
exception is btrfs_forget_devices.  Can we change this up to pass in the dev_t
of the device we're trying to remove, that way we don't have to do the lookup
over and over for the path of the device we're trying to forget?  Thanks,

Josef

kernel test robot Dec. 9, 2021, 3:59 a.m. UTC | #2

Hi Anand,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on kdave/for-next]
[also build test WARNING on v5.16-rc4 next-20211208]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/0day-ci/linux/commits/Anand-Jain/btrfs-harden-identification-of-the-stale-device/20211208-220757
base:   https://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux.git for-next
config: i386-randconfig-s001-20211207 (https://download.01.org/0day-ci/archive/20211209/202112091123.ETjD5KQj-lkp@intel.com/config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce:
        # apt-get install sparse
        # sparse version: v0.6.4-dirty
        # https://github.com/0day-ci/linux/commit/03b597640967afb3d37dc37f0a685fed95594b83
        git remote add linux-review https://github.com/0day-ci/linux
        git fetch --no-tags linux-review Anand-Jain/btrfs-harden-identification-of-the-stale-device/20211208-220757
        git checkout 03b597640967afb3d37dc37f0a685fed95594b83
        # save the config file to linux build tree
        mkdir build_dir
        make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=i386 SHELL=/bin/bash

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>


sparse warnings: (new ones prefixed by >>)
   fs/btrfs/volumes.c:402:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected struct rcu_string *str @@     got struct rcu_string [noderef] __rcu *name @@
   fs/btrfs/volumes.c:402:31: sparse:     expected struct rcu_string *str
   fs/btrfs/volumes.c:402:31: sparse:     got struct rcu_string [noderef] __rcu *name
>> fs/btrfs/volumes.c:549:35: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected char const *pathname @@     got char [noderef] __rcu * @@
   fs/btrfs/volumes.c:549:35: sparse:     expected char const *pathname
   fs/btrfs/volumes.c:549:35: sparse:     got char [noderef] __rcu *
   fs/btrfs/volumes.c:643:43: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected char const *device_path @@     got char [noderef] __rcu * @@
   fs/btrfs/volumes.c:643:43: sparse:     expected char const *device_path
   fs/btrfs/volumes.c:643:43: sparse:     got char [noderef] __rcu *
   fs/btrfs/volumes.c:904:50: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected char const *cs @@     got char [noderef] __rcu * @@
   fs/btrfs/volumes.c:904:50: sparse:     expected char const *cs
   fs/btrfs/volumes.c:904:50: sparse:     got char [noderef] __rcu *
   fs/btrfs/volumes.c:984:39: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected struct rcu_string *str @@     got struct rcu_string [noderef] __rcu *name @@
   fs/btrfs/volumes.c:984:39: sparse:     expected struct rcu_string *str
   fs/btrfs/volumes.c:984:39: sparse:     got struct rcu_string [noderef] __rcu *name
   fs/btrfs/volumes.c:1040:58: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected char const *src @@     got char [noderef] __rcu * @@
   fs/btrfs/volumes.c:1040:58: sparse:     expected char const *src
   fs/btrfs/volumes.c:1040:58: sparse:     got char [noderef] __rcu *
   fs/btrfs/volumes.c:2235:49: sparse: sparse: incorrect type in argument 3 (different address spaces) @@     expected char const *device_path @@     got char [noderef] __rcu * @@
   fs/btrfs/volumes.c:2235:49: sparse:     expected char const *device_path
   fs/btrfs/volumes.c:2235:49: sparse:     got char [noderef] __rcu *
   fs/btrfs/volumes.c:2350:41: sparse: sparse: incorrect type in argument 3 (different address spaces) @@     expected char const *device_path @@     got char [noderef] __rcu * @@
   fs/btrfs/volumes.c:2350:41: sparse:     expected char const *device_path
   fs/btrfs/volumes.c:2350:41: sparse:     got char [noderef] __rcu *

vim +549 fs/btrfs/volumes.c

   532	
   533	/*
   534	 * Check if the device in the 'path' matches with the device in the given
   535	 * struct btrfs_device '*device'.
   536	 * Returns:
   537	 *	0	If it is the same device.
   538	 *	1	If it is not the same device.
   539	 *	-errno	For error.
   540	 */
   541	static int device_matched(struct btrfs_device *device, const char *path)
   542	{
   543		dev_t dev_old;
   544		dev_t dev_new;
   545		int error;
   546	
   547		lockdep_assert_held(&device->fs_devices->device_list_mutex);
   548		/* rcu is not required as we are inside the device_list_mutex */
 > 549		error = lookup_bdev(device->name->str, &dev_old);
   550		if (error)
   551			return error;
   552	
   553		error = lookup_bdev(path, &dev_new);
   554		if (error)
   555			return error;
   556	
   557		if (dev_old == dev_new)
   558			return 0;
   559	
   560		return 1;
   561	}
   562	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Anand Jain Dec. 9, 2021, 6:28 a.m. UTC | #3

> sparse warnings: (new ones prefixed by >>)

  The new Warning that this patch created is the same as the other 7 old 
Warnings. It is all about how we have used the device:name.

  I will fix the new Warning. Looks like we need to fix the older 
Warning as well.

Thanks, Anand


>     fs/btrfs/volumes.c:402:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected struct rcu_string *str @@     got struct rcu_string [noderef] __rcu *name @@
>     fs/btrfs/volumes.c:402:31: sparse:     expected struct rcu_string *str
>     fs/btrfs/volumes.c:402:31: sparse:     got struct rcu_string [noderef] __rcu *name

         rcu_string_free(device->name);


>>> fs/btrfs/volumes.c:549:35: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected char const *pathname @@     got char [noderef] __rcu * @@
>     fs/btrfs/volumes.c:549:35: sparse:     expected char const *pathname
>     fs/btrfs/volumes.c:549:35: sparse:     got char [noderef] __rcu *


         error = lookup_bdev(device->name->str, &dev_old);


>     fs/btrfs/volumes.c:643:43: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected char const *device_path @@     got char [noderef] __rcu * @@
>     fs/btrfs/volumes.c:643:43: sparse:     expected char const *device_path
>     fs/btrfs/volumes.c:643:43: sparse:     got char [noderef] __rcu *

         ret = btrfs_get_bdev_and_sb(device->name->str, flags, holder, 1,
                                     &bdev, &disk_super);


>     fs/btrfs/volumes.c:904:50: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected char const *cs @@     got char [noderef] __rcu * @@
>     fs/btrfs/volumes.c:904:50: sparse:     expected char const *cs
>     fs/btrfs/volumes.c:904:50: sparse:     got char [noderef] __rcu *

         } else if (!device->name || strcmp(device->name->str, path)) {


>     fs/btrfs/volumes.c:984:39: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected struct rcu_string *str @@     got struct rcu_string [noderef] __rcu *name @@
>     fs/btrfs/volumes.c:984:39: sparse:     expected struct rcu_string *str
>     fs/btrfs/volumes.c:984:39: sparse:     got struct rcu_string [noderef] __rcu *name


                 rcu_string_free(device->name);


>     fs/btrfs/volumes.c:1040:58: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected char const *src @@     got char [noderef] __rcu * @@
>     fs/btrfs/volumes.c:1040:58: sparse:     expected char const *src
>     fs/btrfs/volumes.c:1040:58: sparse:     got char [noderef] __rcu *

                         name = rcu_string_strdup(orig_dev->name->str,
                                         GFP_KERNEL);

>     fs/btrfs/volumes.c:2235:49: sparse: sparse: incorrect type in argument 3 (different address spaces) @@     expected char const *device_path @@     got char [noderef] __rcu * @@
>     fs/btrfs/volumes.c:2235:49: sparse:     expected char const *device_path
>     fs/btrfs/volumes.c:2235:49: sparse:     got char [noderef] __rcu *

                 btrfs_scratch_superblocks(fs_info, device->bdev,
                                           device->name->str);

>     fs/btrfs/volumes.c:2350:41: sparse: sparse: incorrect type in argument 3 (different address spaces) @@     expected char const *device_path @@     got char [noderef] __rcu * @@
>     fs/btrfs/volumes.c:2350:41: sparse:     expected char const *device_path
>     fs/btrfs/volumes.c:2350:41: sparse:     got char [noderef] __rcu *


         btrfs_scratch_superblocks(tgtdev->fs_info, tgtdev->bdev,
                                   tgtdev->name->str);

Anand Jain Dec. 10, 2021, 12:54 p.m. UTC | #4

On 08/12/2021 22:29, Josef Bacik wrote:
> On Wed, Dec 08, 2021 at 10:05:29PM +0800, Anand Jain wrote:
>> Identifying and removing the stale device from the fs_uuids list is done
>> by the function btrfs_free_stale_devices().
>> btrfs_free_stale_devices() in turn depends on the function
>> device_path_matched() to check if the device repeats in more than one
>> btrfs_device structure.
>>
>> The matching of the device happens by its path, the device path. However,
>> when dm mapper is in use, the dm device paths are nothing but a link to
>> the actual block device, which leads to the device_path_matched() failing
>> to match.
>>
>> Fix this by matching the dev_t as provided by lookup_bdev() instead of
>> plain strcmp() the device paths.
>>
>> Reported-by: Josef Bacik <josef@toxicpanda.com>
>> Signed-off-by: Anand Jain <anand.jain@oracle.com>
> 
> We already have the bdev for the device in most of the callers here, the only
> exception is btrfs_forget_devices.  Can we change this up to pass in the dev_t
> of the device we're trying to remove, that way we don't have to do the lookup
> over and over for the path of the device we're trying to forget?  Thanks,

Right. I have made the related changes and, in v2, this change is on top 
of this patch.

Thanks, Anand


> 
> Josef

diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index 553ee97078f6..cedadc81c851 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -535,15 +535,34 @@  btrfs_get_bdev_and_sb(const char *device_path, fmode_t flags, void *holder,
 	return ret;
 }
 
-static bool device_path_matched(const char *path, struct btrfs_device *device)
+/*
+ * Check if the device in the 'path' matches with the device in the given
+ * struct btrfs_device '*device'.
+ * Returns:
+ *	0	If it is the same device.
+ *	1	If it is not the same device.
+ *	-errno	For error.
+ */
+static int device_matched(struct btrfs_device *device, const char *path)
 {
-	int found;
+	dev_t dev_old;
+	dev_t dev_new;
+	int error;
 
-	rcu_read_lock();
-	found = strcmp(rcu_str_deref(device->name), path);
-	rcu_read_unlock();
+	lockdep_assert_held(&device->fs_devices->device_list_mutex);
+	/* rcu is not required as we are inside the device_list_mutex */
+	error = lookup_bdev(device->name->str, &dev_old);
+	if (error)
+		return error;
 
-	return found == 0;
+	error = lookup_bdev(path, &dev_new);
+	if (error)
+		return error;
+
+	if (dev_old == dev_new)
+		return 0;
+
+	return 1;
 }
 
 /*
@@ -578,7 +597,7 @@  static int btrfs_free_stale_devices(const char *path,
 				continue;
 			if (path && !device->name)
 				continue;
-			if (path && !device_path_matched(path, device))
+			if (path && device_matched(device, path) != 0)
 				continue;
 			if (fs_devices->opened) {
 				/* for an already deleted device return 0 */

btrfs: harden identification of the stale device

Commit Message

Comments

Patch