From: Kent Overstreet <koverstreet@google.com>
To: Vivek Goyal <vgoyal@redhat.com>
Cc: linux-bcache@vger.kernel.org, linux-kernel@vger.kernel.org,
dm-devel@redhat.com, axboe@kernel.dk,
"Martin K. Petersen" <martin.petersen@oracle.com>,
tj@kernel.org
Subject: Re: [dm-devel] [PATCH v3 01/26] block: Fix a buffer overrun in bio_integrity_split()
Date: Mon, 1 Oct 2012 14:42:41 -0700
Message-ID: <20121001214241.GE26488@google.com>
In-Reply-To: <20121001212336.GA17165@redhat.com>
On Mon, Oct 01, 2012 at 05:23:36PM -0400, Vivek Goyal wrote:
> On Mon, Sep 24, 2012 at 03:34:41PM -0700, Kent Overstreet wrote:
> > bio_integrity_split() seemed to be confusing pointers and arrays -
> > bip_vec in bio_integrity_payload is an array appended to the end of the
> > payload, so the bio_vecs in struct bio_pair need to come immediately
> > after the bio_integrity_payload they're for, and there was an assignment
> > in bio_integrity_split() that didn't make any sense.
> >
> > Signed-off-by: Kent Overstreet <koverstreet@google.com>
> > CC: Jens Axboe <axboe@kernel.dk>
> > CC: Martin K. Petersen <martin.petersen@oracle.com>
> > ---
> > fs/bio-integrity.c | 3 ---
> > include/linux/bio.h | 6 ++++--
> > 2 files changed, 4 insertions(+), 5 deletions(-)
> >
> > diff --git a/fs/bio-integrity.c b/fs/bio-integrity.c
> > index a3f28f3..c7b6b52 100644
> > --- a/fs/bio-integrity.c
> > +++ b/fs/bio-integrity.c
> > @@ -697,9 +697,6 @@ void bio_integrity_split(struct bio *bio, struct bio_pair *bp, int sectors)
> > bp->iv1 = bip->bip_vec[0];
> > bp->iv2 = bip->bip_vec[0];
> >
> > - bp->bip1.bip_vec[0] = bp->iv1;
> > - bp->bip2.bip_vec[0] = bp->iv2;
> > -
> > bp->iv1.bv_len = sectors * bi->tuple_size;
> > bp->iv2.bv_offset += sectors * bi->tuple_size;
> > bp->iv2.bv_len -= sectors * bi->tuple_size;
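Review bot: with the two `bip_vec[0] = iv` assignments removed, the three remaining stores (`bp->iv1.bv_len = sectors * bi->tuple_size;` and the two `bp->iv2` updates) still go to bp->iv1 and bp->iv2 by name, while the split bios are meant to see the same bytes as bip1.bip_vec[0] and bip2.bip_vec[0]; that only holds if iv1 sits at exactly the address bip1.bip_vec resolves to, and nothing in this function says so. Storing through bp->bip1.bip_vec[0] and bp->bip2.bip_vec[0] instead would keep the function correct regardless of how struct bio_pair is laid out and turn the header change into a pure storage arrangement.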
> > diff --git a/include/linux/bio.h b/include/linux/bio.h
> > index b31036f..8e2d108 100644
> > --- a/include/linux/bio.h
> > +++ b/include/linux/bio.h
> > @@ -200,8 +200,10 @@ struct bio_pair {
> > struct bio bio1, bio2;
> > struct bio_vec bv1, bv2;
> > #if defined(CONFIG_BLK_DEV_INTEGRITY)
> > - struct bio_integrity_payload bip1, bip2;
> > - struct bio_vec iv1, iv2;
> > + struct bio_integrity_payload bip1;
> > + struct bio_vec iv1;
> > + struct bio_integrity_payload bip2;
> > + struct bio_vec iv2;
> > #endif
>
> I think it probably is a good idea to put a comment here so that we
> know that certain elements of structure assume ordering.
>
> Also I am wondering what the guarantee is that there are no padding
> bytes between bip1 and iv1 (or bip2 and iv2). I think if there are padding
> bytes then the assumption that bio_vec is always following bip will be
> broken?
Here's the new patch:
commit e270c9ca843b5c86d59431b0d7a676b7846946d6
Author: Kent Overstreet <koverstreet@google.com>
Date: Mon Oct 1 14:41:08 2012 -0700
block: Fix a buffer overrun in bio_integrity_split()
bio_integrity_split() seemed to be confusing pointers and arrays -
bip_vec in bio_integrity_payload is an array appended to the end of the
payload, so the bio_vecs in struct bio_pair need to come immediately
after the bio_integrity_payload they're for, and there was an assignment
in bio_integrity_split() that didn't make any sense.
Also, changed bio_integrity_split() to not refer to the bvecs embedded
in struct bio_pair, in case there's padding between them and
bip->bip_vec.
Signed-off-by: Kent Overstreet <koverstreet@google.com>
CC: Jens Axboe <axboe@kernel.dk>
CC: Martin K. Petersen <martin.petersen@oracle.com>
diff --git a/fs/bio-integrity.c b/fs/bio-integrity.c
index a3f28f3..4ae22a8 100644
--- a/fs/bio-integrity.c
+++ b/fs/bio-integrity.c
@@ -694,15 +694,12 @@ void bio_integrity_split(struct bio *bio, struct bio_pair *bp, int sectors)
bp->bio1.bi_integrity = &bp->bip1;
bp->bio2.bi_integrity = &bp->bip2;
- bp->iv1 = bip->bip_vec[0];
- bp->iv2 = bip->bip_vec[0];
+ *bp->bip1.bip_vec = bip->bip_vec[0];
+ *bp->bip2.bip_vec = bip->bip_vec[0];
- bp->bip1.bip_vec[0] = bp->iv1;
- bp->bip2.bip_vec[0] = bp->iv2;
-
- bp->iv1.bv_len = sectors * bi->tuple_size;
- bp->iv2.bv_offset += sectors * bi->tuple_size;
- bp->iv2.bv_len -= sectors * bi->tuple_size;
+ bp->bip1.bip_vec->bv_len = sectors * bi->tuple_size;
+ bp->bip2.bip_vec->bv_offset += sectors * bi->tuple_size;
+ bp->bip2.bip_vec->bv_len -= sectors * bi->tuple_size;
bp->bip1.bip_sector = bio->bi_integrity->bip_sector;
bp->bip2.bip_sector = bio->bi_integrity->bip_sector + nr_sectors;
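Review bot: the stores through bip_vec (`*bp->bip1.bip_vec = bip->bip_vec[0];` down to `bp->bip2.bip_vec->bv_len -= sectors * bi->tuple_size;`) land past the end of bp->bip1 and bp->bip2, in the iv1 and iv2 slots of struct bio_pair, but iv1 and iv2 no longer appear anywhere in this function, so a reader of this file cannot tell that it depends on those two members sitting directly behind the payloads. A comment at the first store saying that bip_vec[0] is backed by bp->iv1 / bp->iv2 would make the dependency visible. Also, both halves are seeded from bip->bip_vec[0] alone; if the payload being split is expected to hold a single bvec at this point, a comment (or an explicit check) stating that assumption would help.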
diff --git a/include/linux/bio.h b/include/linux/bio.h
index b31036f..8e2d108 100644
--- a/include/linux/bio.h
+++ b/include/linux/bio.h
@@ -200,8 +200,10 @@ struct bio_pair {
struct bio bio1, bio2;
struct bio_vec bv1, bv2;
#if defined(CONFIG_BLK_DEV_INTEGRITY)
- struct bio_integrity_payload bip1, bip2;
- struct bio_vec iv1, iv2;
+ struct bio_integrity_payload bip1;
+ struct bio_vec iv1;
+ struct bio_integrity_payload bip2;
+ struct bio_vec iv2;
#endif
atomic_t cnt;
int error;
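Review bot: the reordering to bip1, iv1, bip2, iv2 is the fix, but nothing in the struct says that iv1 and iv2 exist only as the storage behind bip1.bip_vec[0] and bip2.bip_vec[0], and nothing enforces that no padding separates them, which is the question raised in the reply. Suggest a comment inside the `#if defined(CONFIG_BLK_DEV_INTEGRITY)` block stating that ordering requirement, plus a BUILD_BUG_ON placed in a function compiled with integrity support (it is a statement, so it cannot sit next to the struct) of the form `BUILD_BUG_ON(offsetof(struct bio_pair, iv1) != offsetof(struct bio_pair, bip1) + offsetof(struct bio_integrity_payload, bip_vec));` and the matching one for iv2/bip2, so a future reorder or a padding change fails the build instead of silently bringing the overrun back.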
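The layout argument in the commit message above, as an added example that is not part of the original message or of the kernel tree: the structs below (struct vec, struct payload, pair_old, pair_new, pair32 and their fields) are reduced stand-ins for struct bio_vec, struct bio_integrity_payload and struct bio_pair, assumed for this example rather than copied from the kernel, and kept only close enough in shape to show why bip1.bip_vec[0] overlaid bip2 in the old member order, that the new order puts the embedded vec exactly where bip_vec[0] lands, and how a compile-time offsetof check answers the padding question raised in the reply (C11 _Static_assert here, where the kernel would use BUILD_BUG_ON). The split function copies the structure of the patched bio_integrity_split(); the 64-byte parent buffer is constructed input.

```c
/* Added example, not kernel code: struct vec, struct payload, pair_old, pair_new
 * and pair32 are reduced stand-ins for struct bio_vec, struct bio_integrity_payload
 * and struct bio_pair (assumed shapes). Kept from the real thing: a zero-length
 * array at the end of the payload whose storage is the next member of the outer
 * struct. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

struct vec { void *page; unsigned int len, offset; };  /* stand-in for bio_vec */

struct payload {                /* stand-in for struct bio_integrity_payload */
	uint64_t sector;        /* bip_sector */
	unsigned int vcnt;      /* bip_vcnt */
	struct vec vec[0];      /* bip_vec: its storage must follow the struct */
};

/* Ordering before the patch: bip1.vec[0] lands on bip2, bip2.vec[0] on iv1. */
struct pair_old { struct payload bip1, bip2; struct vec iv1, iv2; };

/* Ordering after the patch: each payload is directly followed by its vec. */
struct pair_new { struct payload bip1; struct vec iv1;
		  struct payload bip2; struct vec iv2; };

/* The build-time check the reply asks for (BUILD_BUG_ON in the kernel): compile
 * fails if padding ever separates a payload from the vec that backs its vec[0]. */
_Static_assert(offsetof(struct pair_new, iv1) ==
	       offsetof(struct pair_new, bip1) + offsetof(struct payload, vec),
	       "iv1 must directly follow bip1");
_Static_assert(offsetof(struct pair_new, iv2) ==
	       offsetof(struct pair_new, bip2) + offsetof(struct payload, vec),
	       "iv2 must directly follow bip2");

/* The overrun in the old ordering: a store to bip1.vec[0] overwrites bip2. */
int old_layout_bip1_vec0_overlays_bip2(void)
{
	return offsetof(struct pair_old, bip1) + offsetof(struct payload, vec)
	       == offsetof(struct pair_old, bip2);
}

/* Same shape as the patched bio_integrity_split(): every store goes through the
 * payload's own vec[0]; iv1 and iv2 are never named. */
void split_integrity(const struct payload *parent, struct pair_new *bp,
		     unsigned int sectors, unsigned int tuple_size)
{
	bp->bip1.vec[0] = parent->vec[0];
	bp->bip2.vec[0] = parent->vec[0];
	bp->bip1.vec[0].len = sectors * tuple_size;
	bp->bip2.vec[0].offset += sectors * tuple_size;
	bp->bip2.vec[0].len -= sectors * tuple_size;
	bp->bip1.vcnt = bp->bip2.vcnt = 1;
	bp->bip1.sector = parent->sector;
	bp->bip2.sector = parent->sector + sectors;
}

/* Constructed input: one 64-byte integrity buffer at offset 0, sector 100.
 * Returns 0 and reports both halves, read back through the same vec[0] path. */
int demo_split(unsigned int sectors, unsigned int tuple_size,
	       struct vec *out1, struct vec *out2, uint64_t *sector2)
{
	struct payload *parent = malloc(sizeof(*parent) + sizeof(struct vec));
	struct pair_new bp;

	if (!parent)
		return -1;
	parent->sector = 100;
	parent->vcnt = 1;
	parent->vec[0] = (struct vec){ .page = NULL, .len = 64, .offset = 0 };
	split_integrity(parent, &bp, sectors, tuple_size);
	*out1 = bp.bip1.vec[0];
	*out2 = bp.bip2.vec[0];
	*sector2 = bp.bip2.sector;
	free(parent);
	return 0;
}

/* The padding case from the reply: a vec type needing only 4-byte alignment in
 * an 8-byte-aligned payload leaves tail padding, so the embedded vec starts after
 * where vec[0] does (4 bytes later on x86-64/arm64); the asserts above catch it. */
struct vec32 { unsigned int len, offset; };
struct payload32 { uint64_t sector; unsigned int vcnt; struct vec32 vec[0]; };
struct pair32 { struct payload32 bip1; struct vec32 iv1; };

size_t padding_gap(void)
{
	return offsetof(struct pair32, iv1)
	       - (offsetof(struct pair32, bip1) + offsetof(struct payload32, vec));
}

int main(void)
{
	struct vec a, b;
	uint64_t s2;

	if (demo_split(3, 8, &a, &b, &s2))
		return 1;
	printf("old ordering: bip1.vec[0] overlays bip2 = %d; pair32 padding gap = %zu\n",
	       old_layout_bip1_vec0_overlays_bip2(), padding_gap());
	printf("half 1: len %u off %u; half 2: len %u off %u sector %llu\n",
	       a.len, a.offset, b.len, b.offset, (unsigned long long)s2);
	return 0;
}
```

The point of pair32 is that the no-padding property is not free: it holds for the real structs only because struct bio_vec carries a pointer and so has the same alignment as the payload, which is exactly the kind of silent assumption a BUILD_BUG_ON on the offsets pins down.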