lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c2833bf7-16a2-7eec-4497-69ba02779669@roeck-us.net>
Date:   Wed, 7 Aug 2019 10:47:19 -0700
From:   Guenter Roeck <linux@...ck-us.net>
To:     Paolo Valente <paolo.valente@...aro.org>,
        Jens Axboe <axboe@...nel.dk>
Cc:     linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
        ulf.hansson@...aro.org, linus.walleij@...aro.org,
        bfq-iosched@...glegroups.com, oleksandr@...alenko.name,
        Hsin-Yi Wang <hsinyi@...gle.com>,
        Nicolas Boichat <drinkcat@...omium.org>,
        Doug Anderson <dianders@...omium.org>
Subject: Re: [BUGFIX 1/1] block, bfq: handle NULL return value by
 bfq_init_rq()

On 8/7/19 10:21 AM, Paolo Valente wrote:
> As reported in [1], the call bfq_init_rq(rq) may return NULL in case
> of OOM (in particular, if rq->elv.icq is NULL because memory
> allocation failed in failed in ioc_create_icq()).
> 
> This commit handles this circumstance.
> 
> [1] https://lkml.org/lkml/2019/7/22/824
> 
> Reported-by: Guenter Roeck <linux@...ck-us.net>
> Reported-by: Hsin-Yi Wang <hsinyi@...gle.com>
> Cc: Hsin-Yi Wang <hsinyi@...gle.com>
> Cc: Nicolas Boichat <drinkcat@...omium.org>
> Cc: Doug Anderson <dianders@...omium.org>
> Signed-off-by: Paolo Valente <paolo.valente@...aro.org>

Reviewed-by: Guenter Roeck <linux@...ck-us.net>

> ---
>   block/bfq-iosched.c | 14 +++++++++++---
>   1 file changed, 11 insertions(+), 3 deletions(-)
> 
> diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c
> index 586fcfe227ea..32686300d89b 100644
> --- a/block/bfq-iosched.c
> +++ b/block/bfq-iosched.c
> @@ -2250,9 +2250,14 @@ static void bfq_request_merged(struct request_queue *q, struct request *req,
>   	    blk_rq_pos(container_of(rb_prev(&req->rb_node),
>   				    struct request, rb_node))) {
>   		struct bfq_queue *bfqq = bfq_init_rq(req);
> -		struct bfq_data *bfqd = bfqq->bfqd;
> +		struct bfq_data *bfqd;
>   		struct request *prev, *next_rq;
>   
> +		if (!bfqq)
> +			return;
> +
> +		bfqd = bfqq->bfqd;
> +
>   		/* Reposition request in its sort_list */
>   		elv_rb_del(&bfqq->sort_list, req);
>   		elv_rb_add(&bfqq->sort_list, req);
> @@ -2299,6 +2304,9 @@ static void bfq_requests_merged(struct request_queue *q, struct request *rq,
>   	struct bfq_queue *bfqq = bfq_init_rq(rq),
>   		*next_bfqq = bfq_init_rq(next);
>   
> +	if (!bfqq)
> +		return;
> +
>   	/*
>   	 * If next and rq belong to the same bfq_queue and next is older
>   	 * than rq, then reposition rq in the fifo (by substituting next
> @@ -5436,12 +5444,12 @@ static void bfq_insert_request(struct blk_mq_hw_ctx *hctx, struct request *rq,
>   
>   	spin_lock_irq(&bfqd->lock);
>   	bfqq = bfq_init_rq(rq);
> -	if (at_head || blk_rq_is_passthrough(rq)) {
> +	if (!bfqq || at_head || blk_rq_is_passthrough(rq)) {
>   		if (at_head)
>   			list_add(&rq->queuelist, &bfqd->dispatch);
>   		else
>   			list_add_tail(&rq->queuelist, &bfqd->dispatch);
> -	} else { /* bfqq is assumed to be non null here */
> +	} else {
>   		idle_timer_disabled = __bfq_insert_request(bfqd, rq);
>   		/*
>   		 * Update bfqq, because, if a queue merge has occurred
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ