| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Jun 2010 19:51:04 -0400
From: Mike Snitzer <snitzer@...hat.com>
To: James Bottomley <James.Bottomley@...e.de>
Cc: Mikulas Patocka <mpatocka@...hat.com>,
device-mapper development <dm-devel@...hat.com>,
axboe@...nel.dk, linux-scsi@...r.kernel.org,
martin.petersen@...cle.com, linux-kernel@...r.kernel.org,
akpm@...ux-foundation.org, Christoph Hellwig <hch@....de>
Subject: Re: [PATCH 1/2] block: fix leaks associated with discard request
payload
On Tue, Jun 29 2010 at 7:03pm -0400,
James Bottomley <James.Bottomley@...e.de> wrote:
> On Tue, 2010-06-29 at 18:28 -0400, Mikulas Patocka wrote:
> >
> > On Sun, 27 Jun 2010, James Bottomley wrote:
> >
> > > linux-scsi cc added, since it's a SCSI patch.
> > >
> > > On Sat, 2010-06-26 at 15:56 -0400, Mike Snitzer wrote:
> > > > Fix leaks introduced via "block: don't allocate a payload for discard
> > > > request" commit a1d949f5f44.
> > > >
> > > > sd_done() is not called for REQ_TYPE_BLOCK_PC commands so cleanup
> > > > discard request's payload directly in scsi_finish_command().
> > > >
> > > > Also cleanup page allocated for discard payload in
> > > > scsi_setup_discard_cmnd's scsi_setup_blk_pc_cmnd error path.
> > > >
> > > > Signed-off-by: Mike Snitzer <snitzer@...hat.com>
> > > > ---
> > > > block/blk-core.c | 23 +++++++++++++++++++++++
> > > > drivers/scsi/scsi.c | 8 ++++++++
> > > > drivers/scsi/sd.c | 18 ++++++++----------
> > > > include/linux/blkdev.h | 1 +
> > > > 4 files changed, 40 insertions(+), 10 deletions(-)
> > > >
> > > > diff --git a/block/blk-core.c b/block/blk-core.c
> > > > index 98b4cee..07925aa 100644
> > > > --- a/block/blk-core.c
> > > > +++ b/block/blk-core.c
> > > > @@ -1167,6 +1167,29 @@ void blk_add_request_payload(struct request *rq, struct page *page,
> > > > }
> > > > EXPORT_SYMBOL_GPL(blk_add_request_payload);
> > > >
> > > > +/**
> > > > + * blk_clear_request_payload - clear a request's payload
> > > > + * @rq: request to update
> > > > + *
> > > > + * The driver needs to take care of freeing the payload itself.
> > > > + */
> > > > +void blk_clear_request_payload(struct request *rq)
> > > > +{
> > > > + struct bio *bio = rq->bio;
> > > > +
> > > > + rq->__data_len = rq->resid_len = 0;
> > > > + rq->nr_phys_segments = 0;
> > > > + rq->buffer = NULL;
> > > > +
> > > > + bio->bi_size = 0;
> > > > + bio->bi_vcnt = 0;
> > > > + bio->bi_phys_segments = 0;
> > > > +
> > > > + bio->bi_io_vec->bv_page = NULL;
> > > > + bio->bi_io_vec->bv_len = 0;
> > > > +}
> > > > +EXPORT_SYMBOL_GPL(blk_clear_request_payload);
> > > > +
> > > > void init_request_from_bio(struct request *req, struct bio *bio)
> > > > {
> > > > req->cpu = bio->bi_comp_cpu;
> > > > diff --git a/drivers/scsi/scsi.c b/drivers/scsi/scsi.c
> > > > index ad0ed21..69c7ea4 100644
> > > > --- a/drivers/scsi/scsi.c
> > > > +++ b/drivers/scsi/scsi.c
> > > > @@ -851,6 +851,14 @@ void scsi_finish_command(struct scsi_cmnd *cmd)
> > > > */
> > > > if (good_bytes == old_good_bytes)
> > > > good_bytes -= scsi_get_resid(cmd);
> > > > + } else if (cmd->request->cmd_flags & REQ_DISCARD) {
> > > > + /*
> > > > + * If this is a discard request that originated from the kernel
> > > > + * we need to free our payload here. Note that we need to check
> > > > + * the request flag as the normal payload rules apply for
> > > > + * pass-through UNMAP / WRITE SAME requests.
> > > > + */
> > > > + __free_page(bio_page(cmd->request->bio));
> > >
> > > This is another layering violation: the page is allocated in the Upper
> > > layer and freed in the mid-layer.
> > >
> > > I really hate these growing contortions for discard. They're a clear
> > > signal that we haven't implemented it right.
> > >
> > > So let's first work out how it should be done. I really like Tomo's
> > > idea of doing discard through the normal REQ_TYPE_FS route, which means
> > > we can control the setup in prep and the tear down in done, all confined
> > > to the ULD.
> > >
> > > Where I think I'm at is partially what Christoph says: The command
> > > transformation belongs in the ULD so that's where the allocation and
> > > deallocation should be, and partly what Tomo says in that we should
> > > eliminate the special case paths.
> > >
> > > The payload vs actual request size should be a red herring if we've got
> > > everything correct: only the ULD cares about the request parameters.
> > > Once we've got everything set up, the mid layer and LLD should only care
> > > about the parameters in the command, so we can confine the size changing
> > > part to the ULD doing the discard.
> > >
> > > Could someone take a stab at this and see if it works without layering
> > > violations or any other problematic signals?
> > >
> > > Thanks,
> > >
> > > James
> >
> > Well, I think that you overestimate the importance of scsi code too much.
>
> Not, I think, a deadly sin for a SCSI maintainer.
Indeed ;)
> > There is a layering violation in the code. So what --- you either fix the
> > layering violation or let it be there and grind your teeth on it. But in
> > either case, that layering violation won't affect anyone except scsi
> > developers.
>
> A layering violation is a signal of bad design wherever it occurs, so
> that wasn't a SCSI centric argument.
>
> > On the other hand, if you say "because we want to avoid layering violation
> > in SCSI, every issuer of discard request must supply an empty page", you
> > create havoc all over the Linux codebase. md, dm, drbd, xvd, virtio ---
> > whatever you think of, will be allocating a dummy page when constructing
> > a discard request.
>
> Since I didn't actually say any of that, I suggest you re-read text you
> quoted above. The phrase "The command transformation belongs in the ULD
> so that's where the allocation and deallocation should be" might be a
> relevant one to concentrate on.
Right, freeing the page, that was allocated in SCSI's ULD, from the SCSI
midlayer is a SCSI layering violation. I think Mikulas was reacting to
the desire to maintain the existing, arguably more problematic, layering
violation that spans the block and SCSI layers.
> > If the layering violation spans only scsi code, it can be eventually
> > fixed, but this, much worse "layering violation" that will be spanning all
> > block device midlayers, won't ever be fixed.
> >
> > Imagine for example --- a discard request arrivers at a dm-snapshot
> > device. The driver splits it into chunks, remaps each chunk to the
> > physical chunk, submits the requests, the elevator merges adjacent
> > requests and submits fewer bigger requests to the device. Now, if you had
> > to allocate a zeroed page each time you are splitting the request, that
> > would exhaust memory and burn cpu needlessly. You delete a 100MB file? ---
> > fine, allocate a 100MB of zeroed pages.
>
> This is a straw man: You've tried to portray a position I've never
> taken as mine then attack it ... with what is effectively another bogus
> argument.
>
> It's not an either/or choice. I've asked the relevant parties to
> combine the approaches and see if a REQ_TYPE_FS path that does the
> allocations in the appropriate place, likely the ULD, produces a good
> design.
If in the end we can fix up SCSI properly then everyone is happy. So
lets just keep working toward that. The various attempts to convert
discard over to REQ_TYPE_FS have fallen short. Hopefully we'll have a
break through shortly.
Thanks for your guidance James,
Mike
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists