From: Christoph Hellwig <hch@lst.de>
To: Uday Shankar <ushankar@purestorage.com>
Cc: Jens Axboe <axboe@kernel.dk>, Kanchan Joshi <joshi.k@samsung.com>,
Anuj Gupta <anuj20.g@samsung.com>, Christoph Hellwig <hch@lst.de>,
linux-block@vger.kernel.org,
Xinyu Zhang <xizhang@purestorage.com>
Subject: Re: [PATCH] block: fix sanity checks in blk_rq_map_user_bvec
Date: Thu, 24 Oct 2024 06:56:22 +0200 [thread overview]
Message-ID: <20241024045622.GA30309@lst.de> (raw)
In-Reply-To: <20241023211519.4177873-1-ushankar@purestorage.com>
On Wed, Oct 23, 2024 at 03:15:19PM -0600, Uday Shankar wrote:
> @@ -600,9 +600,7 @@ static int blk_rq_map_user_bvec(struct request *rq, const struct iov_iter *iter)
> if (nsegs >= nr_segs || bytes > UINT_MAX - bv->bv_len)
> goto put_bio;
> if (bytes + bv->bv_len > nr_iter)
> - goto put_bio;
> - if (bv->bv_offset + bv->bv_len > PAGE_SIZE)
> - goto put_bio;
> + break;
So while this fixes NVMe, it actually breaks just about every SCSI
driver as the code will easily exceed max_segment_size now, which the
old code obeyed (although more by accident).
The right thing here is to probably remove blk_rq_map_user_bvec entirely
and rely on the ITER_BVEC extraction in iov_iter_extract_pages plus
the bio_add_hw_page in bio_map_user_iov.
next prev parent reply other threads:[~2024-10-24 4:56 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-23 21:15 [PATCH] block: fix sanity checks in blk_rq_map_user_bvec Uday Shankar
2024-10-23 22:31 ` Jens Axboe
2024-10-23 22:46 ` Uday Shankar
2024-10-23 22:50 ` Uday Shankar
2024-10-23 22:54 ` Bart Van Assche
2024-10-24 0:42 ` Chaitanya Kulkarni
2024-10-23 23:03 ` Jens Axboe
2024-10-24 4:56 ` Christoph Hellwig [this message]
2024-10-24 6:05 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241024045622.GA30309@lst.de \
--to=hch@lst.de \
--cc=anuj20.g@samsung.com \
--cc=axboe@kernel.dk \
--cc=joshi.k@samsung.com \
--cc=linux-block@vger.kernel.org \
--cc=ushankar@purestorage.com \
--cc=xizhang@purestorage.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.