dm bio prison v1: add dm_cell_key_has_valid_range

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Don't have bio_detain() BUG_ON if a dm_cell_key is beyond
BIO_PRISON_MAX_RANGE or spans a boundary.

Update dm-thin.c:build_key() to use dm_cell_key_has_valid_range() which
will do this checking without using BUG_ON. Also update
process_discard_bio() to check the discard bio that DM core passes in
(having first imposed max_discard_granularity based splitting).

dm_cell_key_has_valid_range() will merely WARN_ON_ONCE if it returns
false because if it does: it is programmer error that should be caught
with proper testing. So relax the BUG_ONs to be WARN_ON_ONCE.

Signed-off-by: Mike Snitzer <snitzer@kernel.org>

Mike Snitzer 3 years ago 3f8d3f54 e2dd8aca

+29 -11

3 changed files

expand all

drivers

dm-bio-prison-v1.c

dm-bio-prison-v1.h

dm-thin.c

+9 -5

drivers/md/dm-bio-prison-v1.c

··· 120 120 return (key->block_begin >> BIO_PRISON_MAX_RANGE_SHIFT) & LOCK_MASK; 121 121 } 122 122 123 - static void check_range(struct dm_cell_key *key) 123 + bool dm_cell_key_has_valid_range(struct dm_cell_key *key) 124 124 { 125 - BUG_ON(key->block_end - key->block_begin > BIO_PRISON_MAX_RANGE); 126 - BUG_ON((key->block_begin >> BIO_PRISON_MAX_RANGE_SHIFT) != 127 - ((key->block_end - 1) >> BIO_PRISON_MAX_RANGE_SHIFT)); 125 + if (WARN_ON_ONCE(key->block_end - key->block_begin > BIO_PRISON_MAX_RANGE)) 126 + return false; 127 + if (WARN_ON_ONCE((key->block_begin >> BIO_PRISON_MAX_RANGE_SHIFT) != 128 + (key->block_end - 1) >> BIO_PRISON_MAX_RANGE_SHIFT)) 129 + return false; 130 + 131 + return true; 128 132 } 133 + EXPORT_SYMBOL(dm_cell_key_has_valid_range); 129 134 130 135 static int __bio_detain(struct rb_root *root, 131 136 struct dm_cell_key *key, ··· 177 172 { 178 173 int r; 179 174 unsigned l = lock_nr(key); 180 - check_range(key); 181 175 182 176 spin_lock_irq(&prison->regions[l].lock); 183 177 r = __bio_detain(&prison->regions[l].cell, key, inmate, cell_prealloc, cell_result);

drivers/md/dm-bio-prison-v1.h

··· 84 84 struct dm_bio_prison_cell **cell_result); 85 85 86 86 /* 87 + * Returns false if key is beyond BIO_PRISON_MAX_RANGE or spans a boundary. 88 + */ 89 + bool dm_cell_key_has_valid_range(struct dm_cell_key *key); 90 + 91 + /* 87 92 * An atomic op that combines retrieving or creating a cell, and adding a 88 93 * bio to it. 89 94 *

+15 -6

drivers/md/dm-thin.c

··· 118 118 PHYSICAL 119 119 }; 120 120 121 - static void build_key(struct dm_thin_device *td, enum lock_space ls, 121 + static bool build_key(struct dm_thin_device *td, enum lock_space ls, 122 122 dm_block_t b, dm_block_t e, struct dm_cell_key *key) 123 123 { 124 124 key->virtual = (ls == VIRTUAL); 125 125 key->dev = dm_thin_dev_id(td); 126 126 key->block_begin = b; 127 127 key->block_end = e; 128 + 129 + return dm_cell_key_has_valid_range(key); 128 130 } 129 131 130 132 static void build_data_key(struct dm_thin_device *td, dm_block_t b, 131 133 struct dm_cell_key *key) 132 134 { 133 - build_key(td, PHYSICAL, b, b + 1llu, key); 135 + (void) build_key(td, PHYSICAL, b, b + 1llu, key); 134 136 } 135 137 136 138 static void build_virtual_key(struct dm_thin_device *td, dm_block_t b, 137 139 struct dm_cell_key *key) 138 140 { 139 - build_key(td, VIRTUAL, b, b + 1llu, key); 141 + (void) build_key(td, VIRTUAL, b, b + 1llu, key); 140 142 } 141 143 142 144 /*----------------------------------------------------------------*/ ··· 1704 1702 << BIO_PRISON_MAX_RANGE_SHIFT; 1705 1703 len = min_t(sector_t, data_end - data_begin, next_boundary - data_begin); 1706 1704 1707 - build_key(tc->td, PHYSICAL, data_begin, data_begin + len, &data_key); 1705 + /* This key is certainly within range given the above splitting */ 1706 + (void) build_key(tc->td, PHYSICAL, data_begin, data_begin + len, &data_key); 1708 1707 if (bio_detain(tc->pool, &data_key, NULL, &data_cell)) { 1709 1708 /* contention, we'll give up with this range */ 1710 1709 data_begin += len; ··· 1781 1778 return; 1782 1779 } 1783 1780 1784 - build_key(tc->td, VIRTUAL, begin, end, &virt_key); 1785 - if (bio_detain(tc->pool, &virt_key, bio, &virt_cell)) 1781 + if (unlikely(!build_key(tc->td, VIRTUAL, begin, end, &virt_key))) { 1782 + DMERR_LIMIT("Discard doesn't respect bio prison limits"); 1783 + bio_endio(bio); 1784 + return; 1785 + } 1786 + 1787 + if (bio_detain(tc->pool, &virt_key, bio, &virt_cell)) { 1786 1788 /* 1787 1789 * Potential starvation issue: We're relying on the 1788 1790 * fs/application being well behaved, and not trying to ··· 1796 1788 * cell will never be granted. 1797 1789 */ 1798 1790 return; 1791 + } 1799 1792 1800 1793 tc->pool->process_discard_cell(tc, virt_cell); 1801 1794 }