From patchwork Fri Oct 16 09:22:50 2015
X-Patchwork-Submitter: Kinglong Mee
X-Patchwork-Id: 7412921
Subject: [PATCH 1/2] nfs/blocklayout: Fix bad using of page offset in bl_read_pagelist
To: Trond Myklebust
Cc: "linux-nfs@vger.kernel.org", kinglongmee@gmail.com
From: Kinglong Mee
Message-ID: <5620C1EA.9020302@gmail.com>
Date: Fri, 16 Oct 2015 17:22:50 +0800

Blocklayout uses the file offset for the read-back page's offset of first
writing; it's definitely wrong, it writes data to a bad address of the page,
which causes a userspace application segmentation fault.

It must be the page base stored in header->args.pgbase.

Also, the pg_offset has no influence on isect and extent length.

Note: The offset of the non-first page is always zero.

PS: A test program will get a segmentation fault at read() as,

#define _GNU_SOURCE
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>

int main(int argc, char **argv)
{
	char buf[2049];
	char *filename = NULL;
	int fd = -1;

	if (argc < 2) {
		printf("Usage: %s filename\n", argv[0]);
		return 0;
	}

	filename = argv[1];
	fd = open(filename, O_RDONLY | O_DIRECT);
	if (fd < 0) {
		printf("Open %s fail: %m\n", filename);
		return 1;
	}

	/* Read 2048 bytes at file offset 2048 through O_DIRECT. */
	lseek(fd, 2048, SEEK_SET);
	if (read(fd, buf, sizeof(buf) - 1) != (sizeof(buf) - 1))
		printf("Read 2048 bytes data from %s fail: %m\n", filename);

	close(fd);
	return 0;
}

Signed-off-by: Kinglong Mee
---
 fs/nfs/blocklayout/blocklayout.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/fs/nfs/blocklayout/blocklayout.c b/fs/nfs/blocklayout/blocklayout.c index 9cd4eb3..ddd0138 100644 --- a/fs/nfs/blocklayout/blocklayout.c +++ b/fs/nfs/blocklayout/blocklayout.c
@@ -229,7 +229,7 @@ bl_read_pagelist(struct nfs_pgio_header *header) struct parallel_io *par; loff_t f_offset = header->args.offset; size_t bytes_left = header->args.count; - unsigned int pg_offset, pg_len; + unsigned int pg_offset = header->args.pgbase, pg_len; struct page **pages = header->args.pages; int pg_index = header->args.pgbase >> PAGE_CACHE_SHIFT; const bool is_dio = (header->dreq != NULL); @@ -262,7 +262,6 @@ bl_read_pagelist(struct nfs_pgio_header *header) extent_length = be.be_length - (isect - be.be_f_offset); } - pg_offset = f_offset & ~PAGE_CACHE_MASK; if (is_dio) { if (pg_offset + bytes_left > PAGE_CACHE_SIZE) pg_len = PAGE_CACHE_SIZE - pg_offset; @@ -273,9 +272,6 @@ bl_read_pagelist(struct nfs_pgio_header *header) pg_len = PAGE_CACHE_SIZE; } - isect += (pg_offset >> SECTOR_SHIFT); - extent_length -= (pg_offset >> SECTOR_SHIFT); - if (is_hole(&be)) { bio = bl_submit_bio(READ, bio); /* Fill hole w/ zeroes w/o accessing device */ @@ -301,6 +297,7 @@ bl_read_pagelist(struct nfs_pgio_header *header) extent_length -= (pg_len >> SECTOR_SHIFT); f_offset += pg_len; bytes_left -= pg_len; + pg_offset = 0; } if ((isect << SECTOR_SHIFT) >= header->inode->i_size) { header->res.eof = 1;
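
Review bot: In the first hunk (@@ -229), pg_offset is initialised to the whole of header->args.pgbase, while the following context line derives pg_index from header->args.pgbase >> PAGE_CACHE_SHIFT, which implies pgbase can be a page or more. In that case the is_dio branch "pg_len = PAGE_CACHE_SIZE - pg_offset" would wrap, since the operands are unsigned. Consider keeping only the in-page part, for example "pg_offset = header->args.pgbase & ~PAGE_CACHE_MASK", or stating why pgbase is always below PAGE_CACHE_SIZE here.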
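
Review bot: The hunk at @@ -273 drops both pg_offset adjustments of isect and extent_length, and the changelog justifies that in a single sentence. Please spell out in the changelog how isect already accounts for a file offset that is not page aligned (the test program reads at offset 2048), so a reader can check that the first read still starts at the right sector without these two lines.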
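
Review bot: The "pg_offset = 0;" added at the end of the loop body in the last hunk (@@ -301) carries no comment, and the rule it encodes (only the first page has a non-zero offset) appears only in the changelog. A one-line comment next to the assignment would keep it from being dropped or moved in a later cleanup, which would bring back the bad in-page write for every page after the first.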