lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4D8CF202.9010809@kernel.dk>
Date:	Fri, 25 Mar 2011 20:50:26 +0100
From:	Jens Axboe <axboe@...nel.dk>
To:	Mike Snitzer <snitzer@...hat.com>
CC:	Markus Trippelsdorf <markus@...ppelsdorf.de>,
	Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
	linux-kernel@...r.kernel.org, Chris Mason <chris.mason@...cle.com>,
	tj@...nel.org, Vivek Goyal <vgoyal@...hat.com>,
	Jeff Moyer <jmoyer@...hat.com>
Subject: Re: elevator private data for REQ_FLUSH

On 2011-03-25 19:54, Mike Snitzer wrote:
> On Fri, Mar 25 2011 at 11:50am -0400,
> Jens Axboe <axboe@...nel.dk> wrote:
> 
>> On 2011-03-25 16:40, Mike Snitzer wrote:
>>> On Fri, Mar 25 2011 at 11:22am -0400,
>>> Markus Trippelsdorf <markus@...ppelsdorf.de> wrote:
>>>
>>>> On 2011.03.25 at 17:15 +0200, Sergey Senozhatsky wrote:
>>>>> Hello,
>>>>>
>>>>> Commit
>>>>>     9d5a4e946ce5352f19400b6370f4cd8e72806278
>>>>>     block: skip elevator data initialization for flush requests
>>>>>     
>>>>>     Skip elevator initialization for flush requests by passing priv=0 to
>>>>>     blk_alloc_request() in get_request().  As such elv_set_request() is
>>>>>     never called for flush requests.
>>>>>
>>>>> introduced priv flag, to skip elevator_private data init for FLUSH requests.
>>>>> This, I guess, lead to NULL pointer deref on my machine in cfq_insert_request,
>>>>> which requires elevator_private to be set:
>>>>>
>>>>>   1 [   78.982169] Call Trace:                                                                                                                                                                                                     
>>>>>   2 [   78.982178]  [<ffffffff8122d1fe>] cfq_insert_request+0x4e/0x47d
>>>>>   3 [   78.982184]  [<ffffffff8123e139>] ? do_raw_spin_lock+0x6b/0x122
>>>>
>>>>> Should we in that case use ELEVATOR_INSERT_FLUSH for REQ_FLUSH | REQ_FUA requests
>>>>> (like below)?
>>>>>
>>>>> ---
>>>>>
>>>>>  block/elevator.c |    2 ++
>>>>>  1 files changed, 2 insertions(+), 0 deletions(-)
>>>>>
>>>>> diff --git a/block/elevator.c b/block/elevator.c
>>>>> index c387d31..b17e577 100644
>>>>> --- a/block/elevator.c
>>>>> +++ b/block/elevator.c
>>>>> @@ -734,6 +734,8 @@ void __elv_add_request(struct request_queue *q, struct request *rq, int where)
>>>>>  			q->end_sector = rq_end_sector(rq);
>>>>>  			q->boundary_rq = rq;
>>>>>  		}
>>>>> +	} else if (rq->cmd_flags & (REQ_FLUSH | REQ_FUA)) {
>>>>> +		where = ELEVATOR_INSERT_FLUSH;
>>>>>  	} else if (!(rq->cmd_flags & REQ_ELVPRIV) &&
>>>>>  		    where == ELEVATOR_INSERT_SORT)
>>>>>  		where = ELEVATOR_INSERT_BACK;
>>>>
>>>> Thanks. That solves all (corruption-) problems that I reported earlier in an other
>>>> thread. 
>>>
>>> So the flush-merge changes introduced ELEVATOR_INSERT_FLUSH (via commit
>>> ae1b1539).  And the flush bio will now get ELEVATOR_INSERT_FLUSH in
>>> __make_request().
>>>
>>> So it is interesting that the flush is getting inserted in the elevator
>>> at all.  AFAIK that shouldn't be (and historically hasn't been) the
>>> case.
>>>
>>> Combination of onstack plug changes?
>>
>> It is, it forces a sort insert. I'll fix this up, I'm relieved we have a
>> good handle on this issue now.
> 
> Should we also add a safety net to avoid the potential for future silent
> corruption, etc?  E.g.:

Yes, I was thinking about something like that. I consider the patch
merged an immediate stop gap, we need to improve this situation. It's
not exactly pretty to have this sort of condition in both
__make_request() and flush_plug_list(). Clearly it should be handled
further down.


-- 
Jens Axboe

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ