From: Matias Bjorling <m@bjorling.me>
To: Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Jens Axboe <axboe@kernel.dk>,
Andrew Morton <akpm@linux-foundation.org>,
Yuanhan Liu <yuanhan.liu@linux.intel.com>,
"Darrick J. Wong" <darrick.wong@oracle.com>,
Jan Kara <jack@suse.cz>, Johannes Weiner <hannes@cmpxchg.org>,
Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Sumanth <sumantk2@linux.vnet.ibm.com>
Subject: Re: [RFC PATCH] fs null_blk: Null pointer deference problem in alloc_page_buffers
Date: Fri, 17 Jan 2014 10:26:27 -0800
Message-ID: <52D975D3.2010009@bjorling.me>
In-Reply-To: <1389950530-8903-1-git-send-email-raghavendra.kt@linux.vnet.ibm.com>

On 01/17/2014 01:22 AM, Raghavendra K T wrote:
>
> diff --git a/drivers/block/null_blk.c b/drivers/block/null_blk.c
> index a2e69d2..6b0e049 100644
> --- a/drivers/block/null_blk.c
> +++ b/drivers/block/null_blk.c
> @@ -535,6 +535,11 @@ static int null_add_dev(void)
> if (!nullb)
> return -ENOMEM;
>
> + if (bs > PAGE_SIZE) {
> + WARN(1, "Invalid block size. Setting it to 4096\n");
> + bs = 4096;
> + }
> +

Use PAGESIZE instead, move it to null_init with the other checks and use
pr_warn for issuing the warning.

> spin_lock_init(&nullb->lock);
>
> if (queue_mode == NULL_Q_MQ && use_per_node_hctx)
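Review bot: the clamp added in null_add_dev compares bs against PAGE_SIZE but then resets it to the literal 4096 and hard-codes 4096 in the message, so the limit and the fallback disagree on any configuration where PAGE_SIZE is not 4096; use one value for the comparison, the assignment and the text. WARN(1, ...) also emits a backtrace for what is only an out-of-range bs value, where a one-line warning is enough, and the message does not report the value of bs that was rejected.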
> diff --git a/fs/buffer.c b/fs/buffer.c
> index 6024877..029c698 100644
> --- a/fs/buffer.c
> +++ b/fs/buffer.c
> @@ -883,6 +883,7 @@ struct buffer_head *alloc_page_buffers(struct page *page, unsigned long size,
> struct buffer_head *bh, *head;
> long offset;
>
> + BUG_ON(size > PAGE_SIZE);
> try_again:
> head = NULL;
> offset = PAGE_SIZE;
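Review bot: BUG_ON(size > PAGE_SIZE) at the top of alloc_page_buffers still halts the kernel when an oversized block size gets this far, so the crash is moved rather than prevented. Since the function returns a struct buffer_head pointer, consider WARN_ON_ONCE(size > PAGE_SIZE) followed by return NULL, or reject the size before any caller can reach this point. A short comment stating why size may not exceed PAGE_SIZE would also help.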
> @@ -1571,6 +1572,7 @@ void create_empty_buffers(struct page *page,
> struct buffer_head *bh, *head, *tail;
>
> head = alloc_page_buffers(page, blocksize, 1);
> + BUG_ON(!head);
> bh = head;
> do {
> bh->b_state |= b_state;
>
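Review bot: BUG_ON(!head) after alloc_page_buffers(page, blocksize, 1) replaces the NULL dereference at bh->b_state with a deliberate BUG, which is the same outcome for the running system. create_empty_buffers returns void, so it cannot report the failure to its caller; the unsupported blocksize needs to be refused before this function is called rather than asserted here.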

It seems? that the physical sector size is always limited to the system
page size.

Why not do the check in add_disk (or __blkdev_get) and fail there,
instead of failing on the first partition check?