* [4.19.y] 32-bit overflow in __blkdev_issue_discard()
@ 2020-01-30 12:10 Konstantin Khlebnikov
2020-01-30 14:27 ` Greg KH
0 siblings, 1 reply; 2+ messages in thread
From: Konstantin Khlebnikov @ 2020-01-30 12:10 UTC (permalink / raw)
To: Stable; +Cc: linux-block, Jens Axboe, Ming Lei, Dmitry Monakhov
Please consider including into 4.19 upstream commits
ba5d73851e71847ba7f7f4c27a1a6e1f5ab91c79
("block: cleanup __blkdev_issue_discard()")
and
4800bf7bc8c725e955fcbc6191cc872f43f506d3
("block: fix 32 bit overflow in __blkdev_issue_discard()")
Overflow of unsigned long "req_sects" (fixed in second patch)
actually exist here much longer.
And 4.19 commit 744889b7cbb56a64f957e65ade7cb65fe3f35714
("block: don't deal with discard limit in blkdev_issue_discard()")
make it worse by replacing
req_sects = min_t(sector_t, nr_sects, q->limits.max_discard_sectors);
with
unsigned int req_sects = nr_sects;
because now discard length isn't cut by max_discard_sectors it easily overflows.
As a result BLKDISCARD fails unexpectedly:
ioctl(3, BLKDISCARD, [0, 0x20000000000]) = -1 EOPNOTSUPP (Operation not supported)
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [4.19.y] 32-bit overflow in __blkdev_issue_discard()
2020-01-30 12:10 [4.19.y] 32-bit overflow in __blkdev_issue_discard() Konstantin Khlebnikov
@ 2020-01-30 14:27 ` Greg KH
0 siblings, 0 replies; 2+ messages in thread
From: Greg KH @ 2020-01-30 14:27 UTC (permalink / raw)
To: Konstantin Khlebnikov
Cc: Stable, linux-block, Jens Axboe, Ming Lei, Dmitry Monakhov
On Thu, Jan 30, 2020 at 03:10:42PM +0300, Konstantin Khlebnikov wrote:
> Please consider including into 4.19 upstream commits
>
> ba5d73851e71847ba7f7f4c27a1a6e1f5ab91c79
> ("block: cleanup __blkdev_issue_discard()")
>
> and
>
> 4800bf7bc8c725e955fcbc6191cc872f43f506d3
> ("block: fix 32 bit overflow in __blkdev_issue_discard()")
THis patch does not apply to the 4.19 tree :(
> Overflow of unsigned long "req_sects" (fixed in second patch)
> actually exist here much longer.
>
> And 4.19 commit 744889b7cbb56a64f957e65ade7cb65fe3f35714
> ("block: don't deal with discard limit in blkdev_issue_discard()")
> make it worse by replacing
>
> req_sects = min_t(sector_t, nr_sects, q->limits.max_discard_sectors);
>
> with
>
> unsigned int req_sects = nr_sects;
>
>
> because now discard length isn't cut by max_discard_sectors it easily overflows.
> As a result BLKDISCARD fails unexpectedly:
>
> ioctl(3, BLKDISCARD, [0, 0x20000000000]) = -1 EOPNOTSUPP (Operation not supported)
I don't understand. Can you provide backported and working patches for
the 4.19.y series so that I can apply them that way to show exactly what
you have changed here?
thanks,
greg k-h
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-01-30 14:27 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-30 12:10 [4.19.y] 32-bit overflow in __blkdev_issue_discard() Konstantin Khlebnikov
2020-01-30 14:27 ` Greg KH
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).