block/loop: No longer allows to create partitions
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Medium
|
Unassigned | ||
Jammy |
Fix Released
|
Medium
|
Stefan Bader |
Bug Description
== SRU Justification ==
-- Impact --
In 22.04/Jammy with the GA 5.15 kernel there was an upstream change preventing partition table operations when GENHD_FL_NO_PART is set.
1a721de8489f "block: don't add or resize partition on the disk with GENHD_FL_NO_PART"
Beside of changing return codes and breaking some user-space that way this also causes loop block devices to no longer be able to have partitions manually created. This is because the loop block driver uses GENHD_FL_NO_PART to prevent active partition scans.
-- Fix --
This was changed in 5.19 (and thus Mantic is not affected) by introducing a separate flag to prevent those scans:
b9684a71fca7 "block, loop: support partitions without scanning"
The fix depends on a larger rewrite so it cannot be simply picked. The biggest change from the original is moving the check for the new flag into a helper function in genhd.h which checks whether a disk should be scanned for partitions. That function was dropped with the upstream rewrite and checking moved into the loop driver directly. But it felt like adjusting the helper was the better approach.
Note: The upstream patch has a follow-up change submitted:
748008e1da92 "block: don't add partitions if GD_SUPPRESS_
We do _NOT_ need that in Jammy/5.15 because block/partition
blk_add_
-- Testcase --
$ fallocate -l 1G /tmp/blob
$ LOOPDEV=$(sudo losetup --find --show /tmp/blob)
$ sudo /usr/sbin/parted -s -m -a optimal $LOOPDEV -- unit KiB mklabel gpt mkpart primary 0% 100%
-- Regression Potential --
If things go wrong it might be other devices which no longer get scanned automatically or other issues with the loop block driver.
CVE References
Changed in linux (Ubuntu Jammy): | |
assignee: | nobody → Stefan Bader (smb) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux (Ubuntu): | |
status: | Triaged → Invalid |
assignee: | Stefan Bader (smb) → nobody |
description: | updated |
Changed in linux (Ubuntu Jammy): | |
status: | In Progress → Fix Committed |
tags: |
added: verification-done-focal-linux-aws-5.15 verification-done-focal-linux-nvidia-tegra-5.15 verification-done-jammy-linux-aws-fips verification-done-jammy-linux-nvidia-tegra removed: verification-needed-focal-linux-aws-5.15 verification-needed-focal-linux-nvidia-tegra-5.15 verification-needed-jammy-linux-aws-fips verification-needed-jammy-linux-nvidia-tegra |
This bug is awaiting verification that the linux/5. 15.0-102. 112 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification- needed- jammy-linux' to 'verification- done-jammy- linux'. If the problem still exists, change the tag 'verification- needed- jammy-linux' to 'verification- failed- jammy-linux' .
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation how to enable and use -proposed. Thank you!