| Message ID | 20191209191114.17266-1-agruenba@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | block: fix "check bi_size overflow before merge" | expand |
On Mon, Dec 09, 2019 at 08:11:14PM +0100, Andreas Gruenbacher wrote: > This partially reverts commit e3a5d8e386c3fb973fa75f2403622a8f3640ec06. > > Commit e3a5d8e386c3 ("check bi_size overflow before merge") adds a bio_full > check to __bio_try_merge_page. This will cause __bio_try_merge_page to fail > when the last bi_io_vec has been reached. Instead, what we want here is only > the bi_size overflow check. > > Fixes: e3a5d8e386c3 ("block: check bi_size overflow before merge") > Cc: stable@vger.kernel.org # v5.4+ > Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> > --- > block/bio.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/block/bio.c b/block/bio.c > index 9d54aa37ce6c..a5d75f6bf4c7 100644 > --- a/block/bio.c > +++ b/block/bio.c > @@ -754,10 +754,12 @@ bool __bio_try_merge_page(struct bio *bio, struct page *page, > if (WARN_ON_ONCE(bio_flagged(bio, BIO_CLONED))) > return false; > > - if (bio->bi_vcnt > 0 && !bio_full(bio, len)) { > + if (bio->bi_vcnt > 0) { > struct bio_vec *bv = &bio->bi_io_vec[bio->bi_vcnt - 1]; > > if (page_is_mergeable(bv, page, len, off, same_page)) { > + if (bio->bi_iter.bi_size > UINT_MAX - len) > + return false; > bv->bv_len += len; > bio->bi_iter.bi_size += len; > return true; page merging doesn't consume new bvec, so this patch is correct: Reviewed-by: Ming Lei <ming.lei@redhat.com> Thanks, Ming
On 12/9/19 12:11 PM, Andreas Gruenbacher wrote: > This partially reverts commit e3a5d8e386c3fb973fa75f2403622a8f3640ec06. > > Commit e3a5d8e386c3 ("check bi_size overflow before merge") adds a bio_full > check to __bio_try_merge_page. This will cause __bio_try_merge_page to fail > when the last bi_io_vec has been reached. Instead, what we want here is only > the bi_size overflow check. Applied, thanks.
diff --git a/block/bio.c b/block/bio.c index 9d54aa37ce6c..a5d75f6bf4c7 100644 --- a/block/bio.c +++ b/block/bio.c @@ -754,10 +754,12 @@ bool __bio_try_merge_page(struct bio *bio, struct page *page, if (WARN_ON_ONCE(bio_flagged(bio, BIO_CLONED))) return false; - if (bio->bi_vcnt > 0 && !bio_full(bio, len)) { + if (bio->bi_vcnt > 0) { struct bio_vec *bv = &bio->bi_io_vec[bio->bi_vcnt - 1]; if (page_is_mergeable(bv, page, len, off, same_page)) { + if (bio->bi_iter.bi_size > UINT_MAX - len) + return false; bv->bv_len += len; bio->bi_iter.bi_size += len; return true;
This partially reverts commit e3a5d8e386c3fb973fa75f2403622a8f3640ec06. Commit e3a5d8e386c3 ("check bi_size overflow before merge") adds a bio_full check to __bio_try_merge_page. This will cause __bio_try_merge_page to fail when the last bi_io_vec has been reached. Instead, what we want here is only the bi_size overflow check. Fixes: e3a5d8e386c3 ("block: check bi_size overflow before merge") Cc: stable@vger.kernel.org # v5.4+ Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> --- block/bio.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)