Re: [PATCH -next] blk-throttle: Set BIO_THROTTLED when bio has been throttled

From: Tejun Heo
Date: Mon Dec 13 2021 - 15:12:37 EST


On Mon, Dec 13, 2021 at 05:24:00PM +0800, QiuLaibin wrote:
> > * This function is called synchronously on the issue path. The bio isn't
> > seen by the queue and device driver yet and nothing can race to issue it
> > before this function returns.
> >
>
> The bio is under throttle here; this submit_bio returns directly. And the
> current process will queue a dispatch work by
> throtl_schedule_pending_timer() to submit this bio before the BIO_THROTTLED
> flag is set. If the bio is completed quickly after the dispatch work is
> queued, a UAF of the bio will happen.

You are right, the timer can get to it. Can't it be solved by just
reordering spin_unlock and setting BIO_THROTTLED?

> > * Now we're not setting BIO_THROTTLED when we're taking a different return
> > path through the out_unlock label and risk calling back into blk_throtl
> > again on the same bio.
> >
>
> In my opinion, this flag can prevent the request from being throttled
> multiple times. If the request itself does not need to be throttled, the
> result of repeated entry will be the same.
> If necessary, I think we can use other methods to achieve this effect for
> requests that do not need to be throttled.

So that we don't change anything regarding this?

Thanks.

--
tejun
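
The ordering question in this exchange, as an added example that is not part of either message or of the patch: a single-threaded userspace model in C, with hypothetical names throughout, in which a worst-case scheduler tries to run the dispatch work after every issuer step. It assumes the dispatch work takes the same lock as the issuer, and compares setting the flag after the unlock with setting it before.

```c
#include <stdbool.h>
#include <stdio.h>
/* Userspace model only; every name here is hypothetical, not a kernel symbol. */
#define MODEL_BIO_THROTTLED 0x1u
struct model_bio { unsigned int flags; bool freed; };
struct model_queue {
    bool locked;               /* queue lock held by the issuer */
    struct model_bio *pending; /* bio queued for the dispatch work */
    bool uaf;                  /* issuer wrote to the bio after it was freed */
};

/* Worst-case scheduler, called after every issuer step. Assumption: the
 * dispatch work takes the same lock, so it runs only once the issuer has
 * dropped it; the bio it submits then completes and is freed at once. */
static void try_dispatch(struct model_queue *q)
{
    if (q->locked || !q->pending) return;
    q->pending->freed = true;
    q->pending = NULL;
}

/* A write to a freed bio is recorded rather than performed. */
static void set_throttled(struct model_queue *q, struct model_bio *bio)
{
    if (bio->freed) q->uaf = true;
    else bio->flags |= MODEL_BIO_THROTTLED;
    try_dispatch(q);
}

static void model_unlock(struct model_queue *q) { q->locked = false; try_dispatch(q); }

/* Runs one issue path; returns true if it wrote to the bio after the free. */
static bool throttle_bio(bool flag_before_unlock, unsigned int *flags_out)
{
    struct model_bio bio = {0};
    struct model_queue q = { .locked = true, .pending = &bio };
    try_dispatch(&q);          /* timer already armed, lock still held */
    if (flag_before_unlock) { set_throttled(&q, &bio); model_unlock(&q); }
    else                    { model_unlock(&q); set_throttled(&q, &bio); }
    *flags_out = bio.flags;
    return q.uaf;
}

int main(void)
{
    unsigned int f1 = 0, f2 = 0;
    bool after = throttle_bio(false, &f1), before = throttle_bio(true, &f2);
    printf("flag after unlock: uaf=%d flags=%#x\n", after, f1);
    printf("flag before unlock: uaf=%d flags=%#x\n", before, f2);
    return 0;
}
```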