From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from verein.lst.de ([213.95.11.211]:49538 "EHLO newverein.lst.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751666AbdJ0Gjt (ORCPT ); Fri, 27 Oct 2017 02:39:49 -0400
Date: Fri, 27 Oct 2017 08:39:47 +0200
From: Christoph Hellwig
To: Bart Van Assche
Cc: Jens Axboe , linux-block@vger.kernel.org, Christoph Hellwig , "Michael S . Tsirkin" , Dann Frazier , stable@vger.kernel.org
Subject: Re: [PATCH v4] virtio_blk: Fix an SG_IO regression
Message-ID: <20171027063947.GA22931@lst.de>
References: <20171026101015.29855-1-bart.vanassche@wdc.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20171026101015.29855-1-bart.vanassche@wdc.com>
Sender: stable-owner@vger.kernel.org
List-ID:

On Thu, Oct 26, 2017 at 12:10:15PM +0200, Bart Van Assche wrote:
> Avoid that submitting an SG_IO ioctl triggers a kernel oops that
> is preceded by:
>
> usercopy: kernel memory overwrite attempt detected to (null) () (6 bytes)
> kernel BUG at mm/usercopy.c:72!
>
> Reported-by: Dann Frazier
> Fixes: commit ca18d6f769d2 ("block: Make most scsi_req_init() calls implicit")
> Signed-off-by: Bart Van Assche
> Cc: Michael S. Tsirkin
> Cc: Dann Frazier
> Cc: # v4.13
> --- > drivers/block/virtio_blk.c | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/drivers/block/virtio_blk.c b/drivers/block/virtio_blk.c > index 34e17ee799be..e477d4a5181e 100644 > --- a/drivers/block/virtio_blk.c > +++ b/drivers/block/virtio_blk.c 
> @@ -593,10 +593,20 @@ static int virtblk_map_queues(struct blk_mq_tag_set *set) > return blk_mq_virtio_map_queues(set, vblk->vdev, 0); > } > > +static void virtblk_initialize_rq(struct request *req) > +{ > + struct virtblk_req *vbr = blk_mq_rq_to_pdu(req); > + > +#ifdef CONFIG_VIRTIO_BLK_SCSI > + scsi_req_init(&vbr->sreq); > +#endif

How about only defining the initialize_rq method and implementation if CONFIG_VIRTIO_BLK_SCSI is set?

Else looks good:

Reviewed-by: Christoph Hellwig
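
Review bot: In virtblk_initialize_rq(), the #ifdef CONFIG_VIRTIO_BLK_SCSI covers only the scsi_req_init(&vbr->sreq) call, so with that option disabled the body does nothing and the local vbr is assigned but never used, which is a -Wunused-variable candidate. Widen the #ifdef to enclose the whole function, or at minimum the vbr declaration together with the call. The place where the callback is registered is not in the quoted lines and would need the same guard.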