Re: [PATCH 7/9] Guard bvec iteration logic v3
> if (bio_no_advance_iter(bio)) > iter->bi_size -= bytes; > - else > - bvec_iter_advance(bio->bi_io_vec, iter, bytes); > + else { > + int err; > + err = bvec_iter_advance(bio->bi_io_vec, iter, bytes); > + if (unlikely(err)) > + bio->bi_error = err; > + } I don't think that setting bi_error here is a good idea without actually completing the bio, which would be a much bigger change. Maybe leave the error ignored here for now with a fixme comment, and then we can look into proper error handling in a separate series.
Re: [PATCH 7/9] Guard bvec iteration logic v3
> if (bio_no_advance_iter(bio)) > iter->bi_size -= bytes; > - else > - bvec_iter_advance(bio->bi_io_vec, iter, bytes); > + else { > + int err; > + err = bvec_iter_advance(bio->bi_io_vec, iter, bytes); > + if (unlikely(err)) > + bio->bi_error = err; > + } I don't think that setting bi_error here is a good idea without actually completing the bio, which would be a much bigger change. Maybe leave the error ignored here for now with a fixme comment, and then we can look into proper error handling in a separate series.
Re: [PATCH 7/9] Guard bvec iteration logic v3
On 04/04/2017 08:56 PM, Dmitry Monakhov wrote: > Currently if some one try to advance bvec beyond it's size we simply > dump WARN_ONCE and continue to iterate beyond bvec array boundaries. > This simply means that we endup dereferencing/corrupting random memory > region. > > Sane reaction would be to propagate error back to calling context > But bvec_iter_advance's calling context is not always good for error > handling. For safity reason let truncate iterator size to zero which > will break external iteration loop which prevent us from unpredictable > memory range corruption. And even it caller ignores an error, it will > corrupt it's own bvecs, not others. > > This patch does: > - Return error back to caller with hope that it will react on this > - Truncate iterator size > > Code was added long time ago here 4550dd6c, luckily no one hit it > in real life :) > > changes since V1: > - Replace BUG_ON with error logic. > > Signed-off-by: Dmitry Monakhov> --- > drivers/nvdimm/blk.c | 4 +++- > drivers/nvdimm/btt.c | 4 +++- > include/linux/bio.h | 8 ++-- > include/linux/bvec.h | 11 --- > 4 files changed, 20 insertions(+), 7 deletions(-) > Reviewed-by: Hannes Reinecke Cheers, Hannes -- Dr. Hannes ReineckeTeamlead Storage & Networking h...@suse.de +49 911 74053 688 SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg GF: F. Imendörffer, J. Smithard, J. Guild, D. Upmanyu, G. Norton HRB 21284 (AG Nürnberg)
Re: [PATCH 7/9] Guard bvec iteration logic v3
On 04/04/2017 08:56 PM, Dmitry Monakhov wrote: > Currently if some one try to advance bvec beyond it's size we simply > dump WARN_ONCE and continue to iterate beyond bvec array boundaries. > This simply means that we endup dereferencing/corrupting random memory > region. > > Sane reaction would be to propagate error back to calling context > But bvec_iter_advance's calling context is not always good for error > handling. For safity reason let truncate iterator size to zero which > will break external iteration loop which prevent us from unpredictable > memory range corruption. And even it caller ignores an error, it will > corrupt it's own bvecs, not others. > > This patch does: > - Return error back to caller with hope that it will react on this > - Truncate iterator size > > Code was added long time ago here 4550dd6c, luckily no one hit it > in real life :) > > changes since V1: > - Replace BUG_ON with error logic. > > Signed-off-by: Dmitry Monakhov > --- > drivers/nvdimm/blk.c | 4 +++- > drivers/nvdimm/btt.c | 4 +++- > include/linux/bio.h | 8 ++-- > include/linux/bvec.h | 11 --- > 4 files changed, 20 insertions(+), 7 deletions(-) > Reviewed-by: Hannes Reinecke Cheers, Hannes -- Dr. Hannes ReineckeTeamlead Storage & Networking h...@suse.de +49 911 74053 688 SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg GF: F. Imendörffer, J. Smithard, J. Guild, D. Upmanyu, G. Norton HRB 21284 (AG Nürnberg)