linux/drivers/md
Mikulas Patocka e6a3531dd5 dm-verity: restart or panic on an I/O error
Maxim Suhanov reported that dm-verity doesn't crash if an I/O error
happens. In theory, this could be used to subvert security, because an
attacker can create sectors that return error with the Write Uncorrectable
command. Some programs may misbehave if they have to deal with EIO.

This commit fixes dm-verity, so that if "panic_on_corruption" or
"restart_on_corruption" was specified and an I/O error happens, the
machine will panic or restart.

This commit also changes kernel_restart to emergency_restart -
kernel_restart calls reboot notifiers and these reboot notifiers may wait
for the bio that failed. emergency_restart doesn't call the notifiers.

Reported-by: Maxim Suhanov <dfirblog@gmail.com>
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Cc: stable@vger.kernel.org
2024-09-26 17:27:07 +02:00
..
bcache - In the series "treewide: Refactor heap related implementation", 2024-07-21 17:56:22 -07:00
dm-vdo dm vdo: handle unaligned discards correctly 2024-09-23 15:15:41 +02:00
persistent-data dm persistent data: fix memory allocation failure 2024-08-13 21:14:21 +02:00
dm-audit.c
dm-audit.h
dm-bio-prison-v1.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-bio-prison-v1.h
dm-bio-prison-v2.c dm: use bio_list_merge_init 2024-04-01 11:53:37 -06:00
dm-bio-prison-v2.h
dm-bio-record.h
dm-bufio.c dm bufio: Remove NULL check of list_entry() 2024-08-22 18:32:55 +02:00
dm-builtin.c
dm-cache-background-tracker.c
dm-cache-background-tracker.h
dm-cache-block-types.h
dm-cache-metadata.c dm: Constify struct dm_block_validator 2024-07-19 12:08:15 +02:00
dm-cache-metadata.h
dm-cache-policy-internal.h
dm-cache-policy-smq.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-cache-policy.c
dm-cache-policy.h
dm-cache-target.c dm: fix spelling errors 2024-09-26 17:27:07 +02:00
dm-clone-metadata.c dm: Make use of __assign_bit() API 2024-09-02 16:53:53 +02:00
dm-clone-metadata.h
dm-clone-target.c dm: stop using blk_limits_io_{min,opt} 2024-07-10 13:10:06 +02:00
dm-core.h dm: optimize flushes 2024-06-26 11:32:39 -04:00
dm-crypt.c dm-crypt: Use common error handling code in crypt_set_keyring_key() 2024-09-18 18:17:06 +02:00
dm-delay.c dm-delay: remove timer_lock 2024-05-09 09:10:58 -04:00
dm-dust.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-ebs-target.c dm: stop using blk_limits_io_{min,opt} 2024-07-10 13:10:06 +02:00
dm-era-target.c dm: Constify struct dm_block_validator 2024-07-19 12:08:15 +02:00
dm-exception-store.c
dm-exception-store.h
dm-flakey.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-ima.c
dm-ima.h
dm-init.c dm init: Handle minors larger than 255 2024-07-02 20:53:41 +02:00
dm-integrity.c dm-integrity: check mac_size against HASH_MAX_DIGESTSIZE in sb_mac() 2024-09-11 14:04:41 +02:00
dm-io-rewind.c
dm-io-tracker.h
dm-io.c dm io: remove code duplication between sync_io and aysnc_io 2024-07-02 12:00:43 +02:00
dm-ioctl.c dm resume: don't return EINVAL when signalled 2024-08-13 13:51:34 +02:00
dm-kcopyd.c dm io: Support IO priority 2024-02-20 14:22:51 -05:00
dm-linear.c dm: optimize flushes 2024-06-26 11:32:39 -04:00
dm-log-userspace-base.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-log-userspace-transfer.c
dm-log-userspace-transfer.h
dm-log-writes.c dm: always manage discard support in terms of max_hw_discard_sectors 2024-05-20 15:51:19 -04:00
dm-log.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-mpath.c dm mpath: don't call dm_get_device in multipath_message 2024-07-10 13:10:06 +02:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm-ps-historical-service-time.c
dm-ps-io-affinity.c
dm-ps-queue-length.c
dm-ps-round-robin.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-ps-service-time.c
dm-raid1.c dm io: Support IO priority 2024-02-20 14:22:51 -05:00
dm-raid.c dm: fix spelling errors 2024-09-26 17:27:07 +02:00
dm-region-hash.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-rq.c Revert "dm: requeue IO if mapping table not yet available" 2024-09-15 21:02:54 +02:00
dm-rq.h
dm-snap-persistent.c dm io: Support IO priority 2024-02-20 14:22:51 -05:00
dm-snap-transient.c
dm-snap.c dm: always manage discard support in terms of max_hw_discard_sectors 2024-05-20 15:51:19 -04:00
dm-stats.c dm stats: limit the number of entries 2024-01-30 14:06:44 -05:00
dm-stats.h
dm-stripe.c dm: stop using blk_limits_io_{min,opt} 2024-07-10 13:10:06 +02:00
dm-switch.c
dm-sysfs.c
dm-table.c dm: introduce the target flag mempool_needs_integrity 2024-07-12 12:39:06 -04:00
dm-target.c dm: always manage discard support in terms of max_hw_discard_sectors 2024-05-20 15:51:19 -04:00
dm-thin-metadata.c dm: Constify struct dm_block_validator 2024-07-19 12:08:15 +02:00
dm-thin-metadata.h
dm-thin.c dm: Convert to use ERR_CAST() 2024-09-02 11:41:11 +02:00
dm-uevent.c
dm-uevent.h
dm-unstripe.c
dm-verity-fec.c dm-verity: make verity_hash() take dm_verity_io instead of ahash_request 2024-07-03 21:41:11 +02:00
dm-verity-fec.h dm-verity: always "map" the data blocks 2024-07-03 21:41:11 +02:00
dm-verity-loadpin.c dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter 2023-06-28 10:43:04 -07:00
dm-verity-target.c dm-verity: restart or panic on an I/O error 2024-09-26 17:27:07 +02:00
dm-verity-verify-sig.c dm verity: add support for signature verification with platform keyring 2024-07-03 21:41:11 +02:00
dm-verity-verify-sig.h
dm-verity.h dm-verity: hash blocks with shash import+finup when possible 2024-07-03 21:41:11 +02:00
dm-writecache.c dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list 2024-02-20 14:22:55 -05:00
dm-zero.c dm: always manage discard support in terms of max_hw_discard_sectors 2024-05-20 15:51:19 -04:00
dm-zone.c dm: handle REQ_OP_ZONE_RESET_ALL 2024-07-05 00:42:04 -06:00
dm-zoned-metadata.c block: remove gfp_flags from blkdev_zone_mgmt 2024-02-12 08:41:16 -07:00
dm-zoned-reclaim.c
dm-zoned-target.c dm: stop using blk_limits_io_{min,opt} 2024-07-10 13:10:06 +02:00
dm-zoned.h
dm.c Revert "dm: requeue IO if mapping table not yet available" 2024-09-15 21:02:54 +02:00
dm.h dm: Remove unused declaration and empty definition "dm_zone_map_bio" 2024-08-21 13:12:12 +02:00
Kconfig dm verity: add support for signature verification with platform keyring 2024-07-03 21:41:11 +02:00
Makefile dm vdo: use a proper Makefile for dm-vdo 2024-02-20 13:43:17 -05:00
md-autodetect.c md: Remove deprecated CONFIG_MD_LINEAR 2023-12-19 10:16:51 -08:00
md-bitmap.c md/md-bitmap: fix writing non bitmap pages 2024-06-11 21:22:21 +00:00
md-bitmap.h md-bitmap: don't use ->index for pages backing the bitmap file 2023-07-27 00:13:29 -07:00
md-cluster.c for-6.11/block-20240722 2024-07-22 11:32:05 -07:00
md-cluster.h md-cluster: fix no recovery job when adding/re-adding a disk 2024-07-12 01:30:18 +00:00
md.c md-cluster: fix no recovery job when adding/re-adding a disk 2024-07-12 01:30:18 +00:00
md.h md-cluster: Constify struct md_cluster_operations 2024-07-04 06:20:27 +00:00
raid0.c md: set md-specific flags for all queue limits 2024-06-26 09:37:35 -06:00
raid0.h md/raid0: add discard support for the 'original' layout 2023-06-30 15:43:50 -07:00
raid1-10.c md/raid1-10: factor out a new helper raid1_should_read_first() 2024-02-29 22:49:46 -08:00
raid1.c md/raid1: Fix data corruption for degraded array with slow disk 2024-08-15 13:38:17 -07:00
raid1.h md/raid1: record nonrot rdevs while adding/removing rdevs to conf 2024-02-29 22:49:45 -08:00
raid5-cache.c md/raid5: remove rcu protection to access rdev from conf 2023-11-27 15:49:05 -08:00
raid5-log.h
raid5-ppl.c md: remove mddev->queue 2024-03-06 08:59:53 -08:00
raid5.c md/raid5: recheck if reshape has finished with device_lock held 2024-07-04 06:35:19 +00:00
raid5.h md/raid5: remove rcu protection to access rdev from conf 2023-11-27 15:49:05 -08:00
raid10.c md: set md-specific flags for all queue limits 2024-06-26 09:37:35 -06:00
raid10.h md/raid10: switch to use md_account_bio() for io accounting 2023-07-27 00:13:29 -07:00