Re: [PATCH] 9p/virtio: restrict page pinning to user_backed_iter() iovec

linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Christian Schoenebeck <linux_oss@crudebyte.com>
To: Eric Van Hensbergen <ericvh@kernel.org>,
	Latchesar Ionkov <lucho@ionkov.net>,
	asmadeus@codewreck.org, Chris Arges <carges@cloudflare.com>,
	Dominique Martinet <asmadeus@codewreck.org>
Cc: v9fs@lists.linux.dev, linux-kernel@vger.kernel.org,
	David Howells <dhowells@redhat.com>,
	Matthew Wilcox <willy@infradead.org>,
	linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] 9p/virtio: restrict page pinning to user_backed_iter() iovec
Date: Wed, 17 Dec 2025 14:41:31 +0100	[thread overview]
Message-ID: <2332946.iZASKD2KPV@weasel> (raw)
In-Reply-To: <20251210-virtio_trans_iter-v1-1-92eee6d8b6db@codewreck.org>

On Tuesday, 9 December 2025 22:04:23 CET Dominique Martinet via B4 Relay 
wrote:
> From: Dominique Martinet <asmadeus@codewreck.org>
> 
> When doing a loop mount of a filesystem over 9p, read requests can come
> from unexpected places and blow up as reported by Chris Arges with this
> reproducer:
> ```
> dd if=/dev/zero of=./xfs.img bs=1M count=300
> yes | mkfs.xfs -b size=8192 ./xfs.img
> rm -rf ./mount && mkdir -p ./mount
> mount -o loop ./xfs.img ./mount
> ```
> 
> The problem is that iov_iter_get_pages_alloc2() apparently cannot be
> called on folios (as illustrated by the backtrace below), so limit what
> iov we can pin from !iov_iter_is_kvec() to user_backed_iter()
[...] 
> diff --git a/net/9p/trans_virtio.c b/net/9p/trans_virtio.c
> index
> 10c2dd48643818907f4370243eb971fceba4d40b..f7ee1f864b03a59568510eb0dd3496bd0
> 5b3b8d6 100644 --- a/net/9p/trans_virtio.c
> +++ b/net/9p/trans_virtio.c
> @@ -318,7 +318,7 @@ static int p9_get_mapped_pages(struct virtio_chan *chan,
> if (!iov_iter_count(data))
>  		return 0;
> 
> -	if (!iov_iter_is_kvec(data)) {
> +	if (user_backed_iter(data)) {
>  		int n;
>  		/*
>  		 * We allow only p9_max_pages pinned. We wait for the
> 
> ---
> base-commit: 3e281113f871d7f9c69ca55a4d806a72180b7e8a
> change-id: 20251210-virtio_trans_iter-5973892db2e3

Something's seriously messed up with 9p cache right now. With today's git 
master I do get data corruption in any 9p cache mode, including cache=mmap, 
only cache=none behaves clean.

With this patch applied though it gets even worse as I can't even boot due to 
immediate 9p data corruption. Could be coincidence, as I get corruption 
without this patch in any cache mode as well, but at least I have to try much 
harder to trigger it.

Currently busy with other stuff, so could be a while before being able to 
identify the cause.

/Christian

next prev parent reply	other threads:[~2025-12-17 13:41 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-12-09 21:04 [PATCH] 9p/virtio: restrict page pinning to user_backed_iter() iovec Dominique Martinet via B4 Relay
2025-12-10  4:21 ` Matthew Wilcox
2025-12-10  6:04 ` Christoph Hellwig
2025-12-10  7:38   ` asmadeus
2025-12-10  8:32     ` Christoph Hellwig
2025-12-13 13:28       ` asmadeus
2025-12-15  5:55         ` Christoph Hellwig
2025-12-15  7:34           ` Dominique Martinet
2025-12-15 11:16             ` Christian Schoenebeck
2025-12-15 14:37             ` Christoph Hellwig
2025-12-19 12:03             ` David Howells
2025-12-19 12:00           ` David Howells
2025-12-19 11:26         ` David Howells
2025-12-10 13:33   ` Christian Schoenebeck
2025-12-17 13:41 ` Christian Schoenebeck [this message]
2025-12-17 21:49   ` asmadeus
2025-12-18 14:21     ` asmadeus
2025-12-18 15:14       ` Christian Schoenebeck
2025-12-18 23:14         ` asmadeus
2025-12-19  4:09           ` 9p read corruption of mmaped content (Was: [PATCH] 9p/virtio: restrict page pinning to user_backed_iter() iovec) Dominique Martinet
2025-12-19 11:53             ` Dominique Martinet
2025-12-19 13:46               ` Dominique Martinet
2025-12-19 14:01             ` David Howells
2025-12-19 12:06   ` [PATCH] 9p/virtio: restrict page pinning to user_backed_iter() iovec David Howells

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2332946.iZASKD2KPV@weasel \
    --to=linux_oss@crudebyte.com \
    --cc=asmadeus@codewreck.org \
    --cc=carges@cloudflare.com \
    --cc=dhowells@redhat.com \
    --cc=ericvh@kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lucho@ionkov.net \
    --cc=v9fs@lists.linux.dev \
    --cc=willy@infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).