Hi Jens,

The patches in this series are what I came up with as the result of
analyzing Alexander Potapenko's report about reading from null_blk.
Please consider these patches for kernel v5.8.

Thanks,

Bart.

Changes compared to v1:
- Adjusted the comments added by patch "Document the bio_vec properties" as
  requested by Christoph.
- Left out the patch "Fix zero_fill_bio()" since it is not necessary.
- Moved zero_fill_bvec() from patch "Fix zero_fill_bio()" into patch
  "null_blk: Zero-initialize read buffers in non-memory-backed mode".

Bart Van Assche (4):
  block: Fix type of first compat_put_{,u}long() argument
  bio.h: Declare the arguments of the bio iteration functions const
  block: Document the bio_vec properties
  null_blk: Zero-initialize read buffers in non-memory-backed mode

 block/ioctl.c                 |  4 +--
 drivers/block/null_blk_main.c | 50 +++++++++++++++++++++++++++++++++++
 include/linux/bio.h           |  6 ++---
 include/linux/bvec.h          | 13 +++++++--
 4 files changed, 66 insertions(+), 7 deletions(-)
This patch fixes the following sparse warnings: block/ioctl.c:209:16: warning: incorrect type in argument 1 (different address spaces) block/ioctl.c:209:16: expected void const volatile [noderef] <asn:1> * block/ioctl.c:209:16: got signed int [usertype] *argp block/ioctl.c:214:16: warning: incorrect type in argument 1 (different address spaces) block/ioctl.c:214:16: expected void const volatile [noderef] <asn:1> * block/ioctl.c:214:16: got unsigned int [usertype] *argp block/ioctl.c:666:40: warning: incorrect type in argument 1 (different address spaces) block/ioctl.c:666:40: expected signed int [usertype] *argp block/ioctl.c:666:40: got void [noderef] <asn:1> *argp block/ioctl.c:672:41: warning: incorrect type in argument 1 (different address spaces) block/ioctl.c:672:41: expected unsigned int [usertype] *argp block/ioctl.c:672:41: got void [noderef] <asn:1> *argp Cc: Arnd Bergmann <arnd@arndb.de> Acked-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Christoph Hellwig <hch@lst.de> Fixes: 9b81648cb5e3 ("compat_ioctl: simplify up block/ioctl.c") Signed-off-by: Bart Van Assche <bvanassche@acm.org> --- block/ioctl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/block/ioctl.c b/block/ioctl.c index 75c64811b534..bdb3bbb253d9 100644 --- a/block/ioctl.c +++ b/block/ioctl.c @@ -204,12 +204,12 @@ static int put_u64(u64 __user *argp, u64 val) } #ifdef CONFIG_COMPAT -static int compat_put_long(compat_long_t *argp, long val) +static int compat_put_long(compat_long_t __user *argp, long val) { return put_user(val, argp); } -static int compat_put_ulong(compat_ulong_t *argp, compat_ulong_t val) +static int compat_put_ulong(compat_ulong_t __user *argp, compat_ulong_t val) { return put_user(val, argp); }
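Review bot: The two helpers still disagree on the type of the value parameter: compat_put_long() takes `long val` while compat_put_ulong() takes `compat_ulong_t val`, so put_user(val, argp) in compat_put_long() narrows a long to compat_long_t without saying so. Since both prototypes are being touched for the __user annotation, consider either making the value types consistent or adding a one-line comment that the truncation to the compat width is intended.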
This change makes it possible to pass 'const struct bio *' arguments to these functions. Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com> Cc: Ming Lei <ming.lei@redhat.com> Cc: Damien Le Moal <damien.lemoal@wdc.com> Cc: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com> Cc: Alexander Potapenko <glider@google.com> Signed-off-by: Bart Van Assche <bvanassche@acm.org> --- include/linux/bio.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/linux/bio.h b/include/linux/bio.h index a0ee494a6329..950c9dc44c4f 100644 --- a/include/linux/bio.h +++ b/include/linux/bio.h @@ -70,7 +70,7 @@ static inline bool bio_has_data(struct bio *bio) return false; } -static inline bool bio_no_advance_iter(struct bio *bio) +static inline bool bio_no_advance_iter(const struct bio *bio) { return bio_op(bio) == REQ_OP_DISCARD || bio_op(bio) == REQ_OP_SECURE_ERASE || @@ -138,8 +138,8 @@ static inline bool bio_next_segment(const struct bio *bio, #define bio_for_each_segment_all(bvl, bio, iter) \ for (bvl = bvec_init_iter_all(&iter); bio_next_segment((bio), &iter); ) -static inline void bio_advance_iter(struct bio *bio, struct bvec_iter *iter, - unsigned bytes) +static inline void bio_advance_iter(const struct bio *bio, + struct bvec_iter *iter, unsigned int bytes) { iter->bi_sector += bytes >> 9;
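Review bot: bio_has_data(), visible as the context of the first hunk, still takes a non-const `struct bio *bio` although the commit message says the change is about passing 'const struct bio *' to the bio iteration helpers. If that function only reads the bio, converting it in the same patch would avoid callers that hold a const pointer having to cast when they combine it with bio_no_advance_iter().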
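Review bot: The second hunk changes `unsigned bytes` to `unsigned int bytes` in bio_advance_iter() in addition to adding const, and the commit message does not mention that. It is a harmless style cleanup, but a short note in the description (or a separate patch) would keep the change log accurate for anyone bisecting or backporting.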
Since it is nontrivial that nth_page() does not have to be used for a bio_vec, document this. CC: Christoph Hellwig <hch@infradead.org> Cc: Ming Lei <ming.lei@redhat.com> Signed-off-by: Bart Van Assche <bvanassche@acm.org> --- include/linux/bvec.h | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/include/linux/bvec.h b/include/linux/bvec.h index a81c13ac1972..ac0c7299d5b8 100644 --- a/include/linux/bvec.h +++ b/include/linux/bvec.h @@ -12,8 +12,17 @@ #include <linux/errno.h> #include <linux/mm.h> -/* - * was unsigned short, but we might as well be ready for > 64kB I/O pages +/** + * struct bio_vec - a contiguous range of physical memory addresses + * @bv_page: First page associated with the address range. + * @bv_len: Number of bytes in the address range. + * @bv_offset: Start of the address range relative to the start of @bv_page. + * + * The following holds for a bvec if n * PAGE_SIZE < bv_offset + bv_len: + * + * nth_page(@bv_page, n) == @bv_page + n + * + * This holds because page_is_mergeable() checks the above property. */ struct bio_vec { struct page *bv_page;
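Review bot: The condition in the new kernel-doc, "if n * PAGE_SIZE < bv_offset + bv_len", does not say what n ranges over, so the statement `nth_page(@bv_page, n) == @bv_page + n` can be read as holding for a single n rather than for every page the bvec touches. Consider wording it as "for every integer n >= 0 with n * PAGE_SIZE < bv_offset + bv_len". The hunk also drops the old remark about the fields having been unsigned short without replacement; if that history is no longer wanted, say so in the commit message.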
This patch suppresses an uninteresting KMSAN complaint without affecting performance of the null_blk driver if CONFIG_KMSAN is disabled. Cc: Christoph Hellwig <hch@lst.de> Cc: Ming Lei <ming.lei@redhat.com> Cc: Damien Le Moal <damien.lemoal@wdc.com> Cc: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com> Cc: Alexander Potapenko <glider@google.com> Reported-by: Alexander Potapenko <glider@google.com> Tested-by: Alexander Potapenko <glider@google.com> Signed-off-by: Bart Van Assche <bvanassche@acm.org> --- drivers/block/null_blk_main.c | 50 +++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/drivers/block/null_blk_main.c b/drivers/block/null_blk_main.c index 06f5761fccb6..0c1df6ecb30b 100644 --- a/drivers/block/null_blk_main.c +++ b/drivers/block/null_blk_main.c 
@@ -1250,8 +1250,58 @@ static inline blk_status_t null_handle_memory_backed(struct nullb_cmd *cmd, return errno_to_blk_status(err); } +static void zero_fill_bvec(const struct bio_vec *bvec) +{ + struct page *page = bvec->bv_page; + u32 offset = bvec->bv_offset; + u32 left = bvec->bv_len; + + while (left) { + u32 len = min_t(u32, left, PAGE_SIZE - offset); + void *kaddr; + + kaddr = kmap_atomic(page); + memset(kaddr + offset, 0, len); + flush_dcache_page(page); + kunmap_atomic(kaddr); + page++; + left -= len; + offset = 0; + } +} + +static void nullb_zero_rq_data_buffer(const struct request *rq) +{ + struct req_iterator iter; + struct bio_vec bvec; + + rq_for_each_bvec(bvec, rq, iter) + zero_fill_bvec(&bvec); +} + +static void nullb_zero_read_cmd_buffer(struct nullb_cmd *cmd) +{ + struct nullb_device *dev = cmd->nq->dev; + + if (dev->queue_mode == NULL_Q_BIO && bio_op(cmd->bio) == REQ_OP_READ) + zero_fill_bio(cmd->bio); + else if (req_op(cmd->rq) == REQ_OP_READ) + nullb_zero_rq_data_buffer(cmd->rq); +} + +/* Complete a request. Only called if dev->memory_backed == 0. */ static inline void nullb_complete_cmd(struct nullb_cmd *cmd) { + /* + * Since root privileges are required to configure the null_blk + * driver, it is fine that this driver does not initialize the + * data buffers of read commands. Zero-initialize these buffers + * anyway if KMSAN is enabled to prevent that KMSAN complains + * about null_blk not initializing read data buffers. + */ + if (IS_ENABLED(CONFIG_KMSAN)) + nullb_zero_read_cmd_buffer(cmd); + /* Complete IO by inline, softirq or timer */ switch (cmd->nq->dev->irqmode) { case NULL_IRQ_SOFTIRQ:
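Review bot: In nullb_zero_read_cmd_buffer() the `else if (req_op(cmd->rq) == REQ_OP_READ)` branch is also reached when queue_mode is NULL_Q_BIO and the bio is not a read, so cmd->rq is dereferenced for a bio-mode command. Unless cmd->rq is guaranteed to be valid in bio mode, test the queue mode first and the operation inside each branch, for example `if (dev->queue_mode == NULL_Q_BIO) { if (bio_op(cmd->bio) == REQ_OP_READ) zero_fill_bio(cmd->bio); } else if (req_op(cmd->rq) == REQ_OP_READ) ...`. The new comment above nullb_complete_cmd() says it is only called if dev->memory_backed == 0; nothing in this hunk enforces that, so it is worth confirming against the callers.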
On Sun, May 17, 2020 at 06:48:07PM -0700, Bart Van Assche wrote:
> This patch suppresses an uninteresting KMSAN complaint without affecting
> performance of the null_blk driver if CONFIG_KMSAN is disabled.
>
> Cc: Christoph Hellwig <hch@lst.de>
> Cc: Ming Lei <ming.lei@redhat.com>
> Cc: Damien Le Moal <damien.lemoal@wdc.com>
> Cc: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com>
> Cc: Alexander Potapenko <glider@google.com>
> Reported-by: Alexander Potapenko <glider@google.com>
> Tested-by: Alexander Potapenko <glider@google.com>
> Signed-off-by: Bart Van Assche <bvanassche@acm.org>
> ---
> drivers/block/null_blk_main.c | 50 +++++++++++++++++++++++++++++++++++
> 1 file changed, 50 insertions(+)
>
> diff --git a/drivers/block/null_blk_main.c b/drivers/block/null_blk_main.c
> index 06f5761fccb6..0c1df6ecb30b 100644
> --- a/drivers/block/null_blk_main.c
> +++ b/drivers/block/null_blk_main.c
> @@ -1250,8 +1250,58 @@ static inline blk_status_t null_handle_memory_backed(struct nullb_cmd *cmd,
> return errno_to_blk_status(err);
> }
>
> +static void zero_fill_bvec(const struct bio_vec *bvec)
> +{
> + struct page *page = bvec->bv_page;
> + u32 offset = bvec->bv_offset;
> + u32 left = bvec->bv_len;
> +
> + while (left) {
> + u32 len = min_t(u32, left, PAGE_SIZE - offset);
> + void *kaddr;
> +
> + kaddr = kmap_atomic(page);
> + memset(kaddr + offset, 0, len);
> + flush_dcache_page(page);
> + kunmap_atomic(kaddr);
> + page++;
> + left -= len;
> + offset = 0;
> + }
> +}
> +
> +static void nullb_zero_rq_data_buffer(const struct request *rq)
> +{
> + struct req_iterator iter;
> + struct bio_vec bvec;
> +
> + rq_for_each_bvec(bvec, rq, iter)
> + zero_fill_bvec(&bvec);
> +}
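Review bot: The loop in zero_fill_bvec() computes `PAGE_SIZE - offset` with offset taken straight from bvec->bv_offset, which assumes bv_offset < PAGE_SIZE. If a bvec yielded by rq_for_each_bvec() can carry an offset of PAGE_SIZE or more, the u32 subtraction wraps, min_t() then picks `left`, and the memset() writes past the page that was just mapped. Normalizing before the loop, e.g. `page += offset / PAGE_SIZE; offset %= PAGE_SIZE;`, would make the function safe for any bvec. A short comment at `page++` pointing at the bio_vec contiguity property documented in include/linux/bvec.h would also help readers who expect nth_page() there.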
Not necessary to add zero_fill_bvec(), and it can be done in the
following two line code:
	__rq_for_each_bio(bio, rq)
		zero_fill_bio(bio);
Thanks,
Ming
On Sun, May 17, 2020 at 06:48:06PM -0700, Bart Van Assche wrote:
> Since it is nontrivial that nth_page() does not have to be used for a
> bio_vec, document this.
Looks good,
Reviewed-by: Christoph Hellwig <hch@lst.de>