* [PATCH v3 0/3] fix argument type of bio_trim()
@ 2021-07-21 12:43 Naohiro Aota
2021-07-21 12:43 ` [PATCH v3 1/3] block: fix arg " Naohiro Aota
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Naohiro Aota @ 2021-07-21 12:43 UTC (permalink / raw)
To: linux-btrfs, linux-block; +Cc: Jens Axboe, David Sterba, Naohiro Aota
The function bio_trim has offset and size arguments that are declared as
int. But it actually expects sector value and the range of int is not
enough for bio->bi_iter.bi_size and bio_advance() which is/takes unsigned
int. So, let's fix the argument type of bio_trim() and its callers.
Patches 1 and 2 fix bio_trim() argument and its caller's argument.
Patch 3 is depending on patch 1 and 2 and do some cleanup for btrfs.
Changes:
- v3:
- Introduce BIO_MAX_SECTORS instead of a function local const
- Some style fix
- v2:
- Add WARN_ON and ASSERT to catch overflow values
- Change argument type of btrfs_bio_clone_partial() to u64
Chaitanya Kulkarni (2):
block: fix arg type of bio_trim()
btrfs: fix argument type of btrfs_bio_clone_partial()
Naohiro Aota (1):
btrfs: drop unnecessary ASSERT from btrfs_submit_direct()
block/bio.c | 12 +++++++-----
fs/btrfs/extent_io.c | 4 +++-
fs/btrfs/extent_io.h | 2 +-
fs/btrfs/inode.c | 8 ++++----
include/linux/bio.h | 2 +-
include/linux/blk_types.h | 1 +
6 files changed, 17 insertions(+), 12 deletions(-)
--
2.32.0
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v3 1/3] block: fix arg type of bio_trim()
2021-07-21 12:43 [PATCH v3 0/3] fix argument type of bio_trim() Naohiro Aota
@ 2021-07-21 12:43 ` Naohiro Aota
2021-07-21 15:21 ` Christoph Hellwig
2021-07-21 12:43 ` [PATCH v3 2/3] btrfs: fix argument type of btrfs_bio_clone_partial() Naohiro Aota
2021-07-21 12:43 ` [PATCH v3 3/3] btrfs: drop unnecessary ASSERT from btrfs_submit_direct() Naohiro Aota
2 siblings, 1 reply; 7+ messages in thread
From: Naohiro Aota @ 2021-07-21 12:43 UTC (permalink / raw)
To: linux-btrfs, linux-block
Cc: Jens Axboe, David Sterba, Chaitanya Kulkarni, Naohiro Aota
From: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com>
The function bio_trim has offset and size arguments that are declared
as int.
The callers of this function uses sector_t type when passing the offset
and size e,g. drivers/md/raid1.c:narrow_write_error() and
drivers/md/raid1.c:narrow_write_error().
Change offset and size arguments to sector_t type for bio_trim(). Also, add
WARN_ON_ONCE() to catch their overflow.
Signed-off-by: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com>
Signed-off-by: Naohiro Aota <naohiro.aota@wdc.com>
---
block/bio.c | 12 +++++++-----
include/linux/bio.h | 2 +-
include/linux/blk_types.h | 1 +
3 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/block/bio.c b/block/bio.c
index 44205dfb6b60..0bf2b865feaf 100644
--- a/block/bio.c
+++ b/block/bio.c
@@ -1464,12 +1464,15 @@ EXPORT_SYMBOL(bio_split);
* @bio: bio to trim
* @offset: number of sectors to trim from the front of @bio
* @size: size we want to trim @bio to, in sectors
+ *
+ * This function is typically used for bios that are cloned and submitted
+ * to the underlying device in parts.
*/
-void bio_trim(struct bio *bio, int offset, int size)
+void bio_trim(struct bio *bio, sector_t offset, sector_t size)
{
- /* 'bio' is a cloned bio which we need to trim to match
- * the given offset and size.
- */
+ if (WARN_ON_ONCE(offset > BIO_MAX_SECTORS || size > BIO_MAX_SECTORS ||
+ offset + size > bio->bi_iter.bi_size))
+ return;
size <<= 9;
if (offset == 0 && size == bio->bi_iter.bi_size)
@@ -1480,7 +1483,6 @@ void bio_trim(struct bio *bio, int offset, int size)
if (bio_integrity(bio))
bio_integrity_trim(bio);
-
}
EXPORT_SYMBOL_GPL(bio_trim);
diff --git a/include/linux/bio.h b/include/linux/bio.h
index a0b4cfdf62a4..fb663152521e 100644
--- a/include/linux/bio.h
+++ b/include/linux/bio.h
@@ -379,7 +379,7 @@ static inline void bip_set_seed(struct bio_integrity_payload *bip,
#endif /* CONFIG_BLK_DEV_INTEGRITY */
-extern void bio_trim(struct bio *bio, int offset, int size);
+void bio_trim(struct bio *bio, sector_t offset, sector_t size);
extern struct bio *bio_split(struct bio *bio, int sectors,
gfp_t gfp, struct bio_set *bs);
diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
index db026b6ec15a..24dfb980fb3f 100644
--- a/include/linux/blk_types.h
+++ b/include/linux/blk_types.h
@@ -285,6 +285,7 @@ struct bio {
};
#define BIO_RESET_BYTES offsetof(struct bio, bi_max_vecs)
+#define BIO_MAX_SECTORS (UINT_MAX >> SECTOR_SHIFT)
/*
* bio flags
--
2.32.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v3 2/3] btrfs: fix argument type of btrfs_bio_clone_partial()
2021-07-21 12:43 [PATCH v3 0/3] fix argument type of bio_trim() Naohiro Aota
2021-07-21 12:43 ` [PATCH v3 1/3] block: fix arg " Naohiro Aota
@ 2021-07-21 12:43 ` Naohiro Aota
2021-07-21 15:23 ` Christoph Hellwig
2021-07-21 12:43 ` [PATCH v3 3/3] btrfs: drop unnecessary ASSERT from btrfs_submit_direct() Naohiro Aota
2 siblings, 1 reply; 7+ messages in thread
From: Naohiro Aota @ 2021-07-21 12:43 UTC (permalink / raw)
To: linux-btrfs, linux-block
Cc: Jens Axboe, David Sterba, Chaitanya Kulkarni, Naohiro Aota
From: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com>
The offset and can never be negative use unsigned int instead of int type
for them.
Signed-off-by: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com>
Signed-off-by: Naohiro Aota <naohiro.aota@wdc.com>
---
fs/btrfs/extent_io.c | 4 +++-
fs/btrfs/extent_io.h | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c
index 1f947e24091a..97c275b5631e 100644
--- a/fs/btrfs/extent_io.c
+++ b/fs/btrfs/extent_io.c
@@ -3153,11 +3153,13 @@ struct bio *btrfs_io_bio_alloc(unsigned int nr_iovecs)
return bio;
}
-struct bio *btrfs_bio_clone_partial(struct bio *orig, int offset, int size)
+struct bio *btrfs_bio_clone_partial(struct bio *orig, u64 offset, u64 size)
{
struct bio *bio;
struct btrfs_io_bio *btrfs_bio;
+ ASSERT(offset <= UINT_MAX && size <= UINT_MAX);
+
/* this will never fail when it's backed by a bioset */
bio = bio_clone_fast(orig, GFP_NOFS, &btrfs_bioset);
ASSERT(bio);
diff --git a/fs/btrfs/extent_io.h b/fs/btrfs/extent_io.h
index 62027f551b44..53abdc280451 100644
--- a/fs/btrfs/extent_io.h
+++ b/fs/btrfs/extent_io.h
@@ -280,7 +280,7 @@ void extent_clear_unlock_delalloc(struct btrfs_inode *inode, u64 start, u64 end,
struct bio *btrfs_bio_alloc(u64 first_byte);
struct bio *btrfs_io_bio_alloc(unsigned int nr_iovecs);
struct bio *btrfs_bio_clone(struct bio *bio);
-struct bio *btrfs_bio_clone_partial(struct bio *orig, int offset, int size);
+struct bio *btrfs_bio_clone_partial(struct bio *orig, u64 offset, u64 size);
int repair_io_failure(struct btrfs_fs_info *fs_info, u64 ino, u64 start,
u64 length, u64 logical, struct page *page,
--
2.32.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v3 3/3] btrfs: drop unnecessary ASSERT from btrfs_submit_direct()
2021-07-21 12:43 [PATCH v3 0/3] fix argument type of bio_trim() Naohiro Aota
2021-07-21 12:43 ` [PATCH v3 1/3] block: fix arg " Naohiro Aota
2021-07-21 12:43 ` [PATCH v3 2/3] btrfs: fix argument type of btrfs_bio_clone_partial() Naohiro Aota
@ 2021-07-21 12:43 ` Naohiro Aota
2021-07-21 16:04 ` David Sterba
2 siblings, 1 reply; 7+ messages in thread
From: Naohiro Aota @ 2021-07-21 12:43 UTC (permalink / raw)
To: linux-btrfs, linux-block; +Cc: Jens Axboe, David Sterba, Naohiro Aota
When on SINGLE block group, btrfs_get_io_geometry() will return "the
size of the block group - the offset of the logical address within the
block group" as geom.len. Since we allow up to 8 GB zone size on zoned
btrfs, we can have up to 8 GB block group, so can have up to 8 GB
geom.len. With this setup, we easily hit the "ASSERT(geom.len <=
INT_MAX);".
The ASSERT looks like to guard btrfs_bio_clone_partial() and bio_trim()
which both take "int" (now "unsigned int" with the previous patch). So to
be precise the ASSERT should check if clone_len <= UINT_MAX. But
actually, clone_len is already capped by bio.bi_iter.bi_size which is
unsigned int. So the ASSERT is not necessary.
Drop the ASSERT and properly compare submit_len and geom.len in u64. Then,
let the implicit casting to convert it to unsigned int.
Signed-off-by: Naohiro Aota <naohiro.aota@wdc.com>
---
fs/btrfs/inode.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
index 8f60314c36c5..8cd1a4f0174a 100644
--- a/fs/btrfs/inode.c
+++ b/fs/btrfs/inode.c
@@ -8206,8 +8206,8 @@ static blk_qc_t btrfs_submit_direct(struct inode *inode, struct iomap *iomap,
u64 start_sector;
int async_submit = 0;
u64 submit_len;
- int clone_offset = 0;
- int clone_len;
+ u64 clone_offset = 0;
+ u64 clone_len;
u64 logical;
int ret;
blk_status_t status;
@@ -8255,9 +8255,9 @@ static blk_qc_t btrfs_submit_direct(struct inode *inode, struct iomap *iomap,
status = errno_to_blk_status(ret);
goto out_err_em;
}
- ASSERT(geom.len <= INT_MAX);
- clone_len = min_t(int, submit_len, geom.len);
+ clone_len = min(submit_len, geom.len);
+ ASSERT(clone_len <= UINT_MAX);
/*
* This will never fail as it's passing GPF_NOFS and
--
2.32.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH v3 1/3] block: fix arg type of bio_trim()
2021-07-21 12:43 ` [PATCH v3 1/3] block: fix arg " Naohiro Aota
@ 2021-07-21 15:21 ` Christoph Hellwig
0 siblings, 0 replies; 7+ messages in thread
From: Christoph Hellwig @ 2021-07-21 15:21 UTC (permalink / raw)
To: Naohiro Aota
Cc: linux-btrfs, linux-block, Jens Axboe, David Sterba, Chaitanya Kulkarni
Looks good,
Reviewed-by: Christoph Hellwig <hch@lst.de>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v3 2/3] btrfs: fix argument type of btrfs_bio_clone_partial()
2021-07-21 12:43 ` [PATCH v3 2/3] btrfs: fix argument type of btrfs_bio_clone_partial() Naohiro Aota
@ 2021-07-21 15:23 ` Christoph Hellwig
0 siblings, 0 replies; 7+ messages in thread
From: Christoph Hellwig @ 2021-07-21 15:23 UTC (permalink / raw)
To: Naohiro Aota
Cc: linux-btrfs, linux-block, Jens Axboe, David Sterba, Chaitanya Kulkarni
Looks good,
Reviewed-by: Christoph Hellwig <hch@lst.de>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v3 3/3] btrfs: drop unnecessary ASSERT from btrfs_submit_direct()
2021-07-21 12:43 ` [PATCH v3 3/3] btrfs: drop unnecessary ASSERT from btrfs_submit_direct() Naohiro Aota
@ 2021-07-21 16:04 ` David Sterba
0 siblings, 0 replies; 7+ messages in thread
From: David Sterba @ 2021-07-21 16:04 UTC (permalink / raw)
To: Naohiro Aota; +Cc: linux-btrfs, linux-block, Jens Axboe, David Sterba
On Wed, Jul 21, 2021 at 09:43:34PM +0900, Naohiro Aota wrote:
> When on SINGLE block group, btrfs_get_io_geometry() will return "the
> size of the block group - the offset of the logical address within the
> block group" as geom.len. Since we allow up to 8 GB zone size on zoned
> btrfs, we can have up to 8 GB block group, so can have up to 8 GB
> geom.len. With this setup, we easily hit the "ASSERT(geom.len <=
> INT_MAX);".
>
> The ASSERT looks like to guard btrfs_bio_clone_partial() and bio_trim()
> which both take "int" (now "unsigned int" with the previous patch). So to
^^^^^^^^^^^^
That is now u64, fixed in the case below too.
> be precise the ASSERT should check if clone_len <= UINT_MAX. But
> actually, clone_len is already capped by bio.bi_iter.bi_size which is
> unsigned int. So the ASSERT is not necessary.
>
> Drop the ASSERT and properly compare submit_len and geom.len in u64. Then,
> let the implicit casting to convert it to unsigned int.
^^^^^^^^^^^^
As it's fixing the 8GB zone case I'd like to put the series to -rc
queue. There are the two block layer patches, reviewed by Christoph but
I'll wait a bit for acks before sending it to Linus. Meanwhile I'll add
it to for-next for testing. Thanks.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-07-21 16:07 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-21 12:43 [PATCH v3 0/3] fix argument type of bio_trim() Naohiro Aota
2021-07-21 12:43 ` [PATCH v3 1/3] block: fix arg " Naohiro Aota
2021-07-21 15:21 ` Christoph Hellwig
2021-07-21 12:43 ` [PATCH v3 2/3] btrfs: fix argument type of btrfs_bio_clone_partial() Naohiro Aota
2021-07-21 15:23 ` Christoph Hellwig
2021-07-21 12:43 ` [PATCH v3 3/3] btrfs: drop unnecessary ASSERT from btrfs_submit_direct() Naohiro Aota
2021-07-21 16:04 ` David Sterba
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).