On Thu, 25 Aug 2022, Zdenek Kabelac wrote:
> Since reproducing this issue is rather 'trivial' - since creation of simple
> linear DM device and reloading it with 'self-reference' table line is easy
> I'd advocate for some simplistic check on kernel side - as such 'crash' can't
> be even rebooted with SysRQ+B (on my laptop).
>
> I guess some 'bitmap/tree' of already visited device during some check might
> avoid endless loop although it's quite 'ugly' this check needs to happen on
> 'resume' phase - so the failure here is hard to deal with - still better than
> this kernel busy loop.
>
> Zdenek

Detecting dm table self-reference is easy, but detecting a loop in the
dependency graph is complicated and I wouldn't do it.

There is another (more serious) problem - the user can crash the kernel by
creating a deep-enough non-recursive mapping. We do not specify any maximum
tree depth that is guaranteed to work. Perhaps we should specify such
depth and audit the code so that this maximum device depth doesn't
overflow the stack.

Perhaps we could add a function remaining_stack_space() and just bail out
of recursion when it returns too low a value. But the problem with this
approach is that different architectures have different stack consumption
(for example, on sparc64, every non-leaf function consumes at least 176
bytes of stack). Perhaps we could bail out if less than X percent of the
stack is remaining.

Mikulas
--
dm-devel mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/dm-devel
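
The two checks discussed in this thread (a marker for already visited devices, and a maximum mapping depth) can be modelled in userspace as follows. This is an added example, not part of the thread and not kernel or device-mapper code; `dev_graph`, `make_chain`, `check_device`, `MAX_DEVS` and the `MAX_DEPTH` value of 8 are hypothetical names and limits chosen for illustration.

```c
/* Userspace model only, not kernel code; names and limits are assumptions. */
#include <string.h>
#define MAX_DEVS  16
#define MAX_DEPTH 8   /* assumed cap; the thread names no value */
enum { CHECK_OK = 0, CHECK_LOOP = -1, CHECK_TOO_DEEP = -2 };
struct dev_graph {
    int ndeps[MAX_DEVS];           /* how many devices each device maps onto */
    int deps[MAX_DEVS][MAX_DEVS];  /* deps[d][i]: i-th device under d */
};

/* Constructed sample: a linear stack where device i sits on device i+1. */
void make_chain(struct dev_graph *g, int n)
{
    memset(g, 0, sizeof(*g));
    for (int i = 0; i + 1 < n; i++)
        g->deps[i][g->ndeps[i]++] = i + 1;
}

/* Walk below root with an explicit, bounded stack instead of recursion.
 * on_path[] is cleared on pop: a device shared by two branches is legal,
 * only a device repeated on one path is a loop. */
int check_device(const struct dev_graph *g, int root)
{
    int stack[MAX_DEPTH + 1] = { root }, next[MAX_DEPTH + 1] = { 0 }, top = 0;
    unsigned char on_path[MAX_DEVS] = { 0 };

    on_path[root] = 1;
    while (top >= 0) {
        if (next[top] == g->ndeps[stack[top]]) {   /* subtree done: pop */
            on_path[stack[top--]] = 0;
            continue;
        }
        int child = g->deps[stack[top]][next[top]++];
        if (on_path[child])
            return CHECK_LOOP;            /* covers self-reference too */
        if (top == MAX_DEPTH)
            return CHECK_TOO_DEEP;        /* refuse before descending further */
        stack[++top] = child;
        next[top] = 0;
        on_path[child] = 1;
    }
    return CHECK_OK;
}

int main(void)
{
    struct dev_graph g;
    make_chain(&g, MAX_DEPTH + 2);        /* constructed: one level too deep */
    return check_device(&g, 0) == CHECK_TOO_DEEP ? 0 : 1;
}
```

Because the walk keeps its own fixed-size stack, its memory use does not depend on per-architecture frame sizes; the depth cap itself would still have to be chosen against the deepest stack the real code paths consume.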