Description of problem: On remap/attach of the device, there is no way for rbd-nbd to defend if the backend storage is matching with the initial backend storage. Say, if an initial map request for backend "pool1/image1" got mapped to /dev/nbd0 and the userspace process is terminated/detached. A next remap/attach request within reattach-timeout is allowed to use /dev/nbd0 for a different backend "pool1/image2" For example, an operation like below could be dangerous: $ sudo rbd-nbd map --try-netlink rbd-pool/ext4-image /dev/nbd0 $ sudo blkid /dev/nbd0 /dev/nbd0: UUID="bfc444b4-64b1-418f-8b36-6e0d170cfc04" TYPE="ext4" $ sudo pkill 15 rbd-nbd <- nodeplugin terminate $ sudo rbd-nbd attach --try-netlink --device /dev/nbd0 rbd-pool/xfs-image /dev/nbd0 $ sudo blkid /dev/nbd0 /dev/nbd0: UUID="d29bf343-6570-4069-a9ea-2fa156ced908" TYPE="xfs" Version-Release number of selected component (if applicable): How reproducible: 100% Steps to Reproduce: Provided above. Actual results: Attach accepts other backend images, which is dangerous. Expected results: Attach should reject other backends for a given device. Additional info: https://tracker.ceph.com/issues/53046 https://github.com/ceph/ceph/pull/41323
Please specify the severity of this bug. Severity is defined here: https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.
Working as expected . Verified with the below kernel and ceph versions [root@ceph-scale-test-1gjvin-node1-installer cephuser]# rbd device -t nbd map test/image2 --options try-netlink --show-cookie /dev/nbd0 5e4e3320-24ee-4948-a670-20387a75d8cc [root@ceph-scale-test-1gjvin-node1-installer cephuser]# rbd device detach -t nbd test/image2 [root@ceph-scale-test-1gjvin-node1-installer cephuser]# rbd device attach -t nbd --device /dev/nbd0 test/image2 rbd: could not validate attach request rbd: mismatching the image and the device may lead to data corruption rbd: must specify --cookie <arg> or --force to proceed [root@ceph-scale-test-1gjvin-node1-installer cephuser]# rbd device attach -t nbd --device /dev/nbd0 --cookie 5e4e3320-24ee-4948-a670-20387a75d8cc test/image2 /dev/nbd0 [root@ceph-scale-test-1gjvin-node1-installer cephuser]# rbd device detach -t nbd test/image2 [root@ceph-scale-test-1gjvin-node1-installer cephuser]# rbd device attach -t nbd --device /dev/nbd0 --cookie 5e4e3320-24ee-4948-a670-20387a75d8dd test/image2 rbd-nbd: cookie mismatch rbd: rbd-nbd failed with error: /usr/bin/rbd-nbd: exit status: 1 [root@ceph-scale-test-1gjvin-node1-installer cephuser]# rbd device attach -t nbd --device /dev/nbd0 --cookie 5e4e3320-24ee-4948-a670-20387a75d8cc test/image2 /dev/nbd0 [root@ceph-scale-test-1gjvin-node1-installer cephuser]# rbd device unmap -t nbd test/image2 [root@ceph-scale-test-1gjvin-node1-installer cephuser]# [root@ceph-scale-test-1gjvin-node1-installer cephuser]# worked as expected from step1 to step7 [root@ceph-scale-test-1gjvin-node1-installer cephuser]# uname -r 4.18.0-368.el8.x86_64 [root@ceph-scale-test-1gjvin-node1-installer cephuser]# ceph version ceph version 16.2.7-65.el8cp (499bc1e23ab4671631da5affff6e1c772b8fe42d) pacific (stable) [root@ceph-scale-test-1gjvin-node1-installer cephuser]#
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:1174