btrfs: fix per-subvolume RO/RW flags with new mount API

[BUG]
With util-linux 2.40.2, the 'mount' utility is already utilizing the new
mount API. e.g:

  # strace  mount -o subvol=subv1,ro /dev/test/scratch1 /mnt/test/
  ...
  fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/mapper/test-scratch1", 0) = 0
  fsconfig(3, FSCONFIG_SET_STRING, "subvol", "subv1", 0) = 0
  fsconfig(3, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0
  fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0
  fsmount(3, FSMOUNT_CLOEXEC, 0)          = 4
  mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=MOUNT_ATTR_RDONLY, attr_clr=0, propagation=0 /* MS_??? */, userns_fd=0}, 32) = 0
  move_mount(4, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0

But this leads to a new problem, that per-subvolume RO/RW mount no
longer works, if the initial mount is RO:

  # mount -o subvol=subv1,ro /dev/test/scratch1 /mnt/test
  # mount -o rw,subvol=subv2 /dev/test/scratch1  /mnt/scratch
  # mount | grep mnt
  /dev/mapper/test-scratch1 on /mnt/test type btrfs (ro,relatime,discard=async,space_cache=v2,subvolid=256,subvol=/subv1)
  /dev/mapper/test-scratch1 on /mnt/scratch type btrfs (ro,relatime,discard=async,space_cache=v2,subvolid=257,subvol=/subv2)
  # touch /mnt/scratch/foobar
  touch: cannot touch '/mnt/scratch/foobar': Read-only file system

This is a common use cases on distros.

[CAUSE]
We have a workaround for remount to handle the RO->RW change, but if the
mount is using the new mount API, we do not do that, and rely on the
mount tool NOT to set the ro flag.

But that's not how the mount tool is doing for the new API:

  fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/mapper/test-scratch1", 0) = 0
  fsconfig(3, FSCONFIG_SET_STRING, "subvol", "subv1", 0) = 0
  fsconfig(3, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0       <<<< Setting RO flag for super block
  fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0
  fsmount(3, FSMOUNT_CLOEXEC, 0)          = 4
  mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=MOUNT_ATTR_RDONLY, attr_clr=0, propagation=0 /* MS_??? */, userns_fd=0}, 32) = 0
  move_mount(4, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0

This means we will set the super block RO at the first mount.

Later RW mount will not try to reconfigure the fs to RW because the
mount tool is already using the new API.

This totally breaks the per-subvolume RO/RW mount behavior.

[FIX]
Do not skip the reconfiguration even if using the new API.  The old
comments are just expecting any mount tool to properly skip the RO flag
set even if we specify "ro", which is not the reality.

Update the comments regarding the backward compatibility on the kernel
level so it works with old and new mount utilities.

CC: stable@vger.kernel.org # 6.8+
Fixes: f044b31867 ("btrfs: handle the ro->rw transition for mounting different subvolumes")
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
This commit is contained in:
Qu Wenruo 2024-10-30 11:25:47 +10:30 committed by David Sterba
parent 77b0d113ee
commit cda7163d4e

View File

@ -1979,25 +1979,10 @@ static int btrfs_get_tree_super(struct fs_context *fc)
* fsconfig(FSCONFIG_SET_FLAG, "ro"). This option is seen by the filesystem * fsconfig(FSCONFIG_SET_FLAG, "ro"). This option is seen by the filesystem
* in fc->sb_flags. * in fc->sb_flags.
* *
* This disambiguation has rather positive consequences. Mounting a subvolume * But, currently the util-linux mount command already utilizes the new mount
* ro will not also turn the superblock ro. Only the mount for the subvolume * API and is still setting fsconfig(FSCONFIG_SET_FLAG, "ro") no matter if it's
* will become ro. * btrfs or not, setting the whole super block RO. To make per-subvolume mounting
* * work with different options work we need to keep backward compatibility.
* So, if the superblock creation request comes from the new mount API the
* caller must have explicitly done:
*
* fsconfig(FSCONFIG_SET_FLAG, "ro")
* fsmount/mount_setattr(MOUNT_ATTR_RDONLY)
*
* IOW, at some point the caller must have explicitly turned the whole
* superblock ro and we shouldn't just undo it like we did for the old mount
* API. In any case, it lets us avoid the hack in the new mount API.
*
* Consequently, the remounting hack must only be used for requests originating
* from the old mount API and should be marked for full deprecation so it can be
* turned off in a couple of years.
*
* The new mount API has no reason to support this hack.
*/ */
static struct vfsmount *btrfs_reconfigure_for_mount(struct fs_context *fc) static struct vfsmount *btrfs_reconfigure_for_mount(struct fs_context *fc)
{ {
@ -2019,7 +2004,7 @@ static struct vfsmount *btrfs_reconfigure_for_mount(struct fs_context *fc)
if (IS_ERR(mnt)) if (IS_ERR(mnt))
return mnt; return mnt;
if (!fc->oldapi || !ro2rw) if (!ro2rw)
return mnt; return mnt;
/* We need to convert to rw, call reconfigure. */ /* We need to convert to rw, call reconfigure. */