commit ff63198850f33eab54b2da6905380fd4d4fc0739 · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Revert "virtio-blk: Add validation for block size in config space"

It turns out that access to config space before completing the feature
negotiation is broken for big endian guests at least with QEMU hosts up
to 6.1 inclusive. This affects any device that accesses config space in
the validate callback: at the moment that is virtio-net with
VIRTIO_NET_F_MTU but since 82e89ea077b9 ("virtio-blk: Add validation for
block size in config space") that also started affecting virtio-blk with
VIRTIO_BLK_F_BLK_SIZE. Further, unlike VIRTIO_NET_F_MTU which is off by
default on QEMU, VIRTIO_BLK_F_BLK_SIZE is on by default, which resulted
in lots of people not being able to boot VMs on BE.

The spec is very clear that what we are doing is legal so QEMU needs to
be fixed, but given it's been broken for so many years and no one
noticed, we need to give QEMU a bit more time before applying this.

Further, this patch is incomplete (does not check blk size is a power
of two) and it duplicates the logic from nbd.

Revert for now, and we'll reapply a cleaner logic in the next release.

Cc: stable@vger.kernel.org
Fixes: 82e89ea077b9 ("virtio-blk: Add validation for block size in config space")
Cc: Xie Yongji <xieyongji@bytedance.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Michael S. Tsirkin 4 years ago ff631988 97f854be

+6 -31

1 changed file

expand all

unified split

drivers

block

virtio_blk.c

+6 -31

drivers/block/virtio_blk.c

··· 689 static unsigned int virtblk_queue_depth; 690 module_param_named(queue_depth, virtblk_queue_depth, uint, 0444); 691 692 - static int virtblk_validate(struct virtio_device *vdev) 693 - { 694 - u32 blk_size; 695 - 696 - if (!vdev->config->get) { 697 - dev_err(&vdev->dev, "%s failure: config access disabled\n", 698 - __func__); 699 - return -EINVAL; 700 - } 701 - 702 - if (!virtio_has_feature(vdev, VIRTIO_BLK_F_BLK_SIZE)) 703 - return 0; 704 - 705 - blk_size = virtio_cread32(vdev, 706 - offsetof(struct virtio_blk_config, blk_size)); 707 - 708 - if (blk_size < SECTOR_SIZE || blk_size > PAGE_SIZE) 709 - __virtio_clear_bit(vdev, VIRTIO_BLK_F_BLK_SIZE); 710 - 711 - return 0; 712 - } 713 - 714 static int virtblk_probe(struct virtio_device *vdev) 715 { 716 struct virtio_blk *vblk; ··· 699 u16 min_io_size; 700 u8 physical_block_exp, alignment_offset; 701 unsigned int queue_depth; 702 703 err = ida_simple_get(&vd_index_ida, 0, minor_to_index(1 << MINORBITS), 704 GFP_KERNEL); ··· 819 blk_queue_logical_block_size(q, blk_size); 820 else 821 blk_size = queue_logical_block_size(q); 822 - 823 - if (blk_size < SECTOR_SIZE || blk_size > PAGE_SIZE) { 824 - dev_err(&vdev->dev, 825 - "block size is changed unexpectedly, now is %u\n", 826 - blk_size); 827 - err = -EINVAL; 828 - goto out_cleanup_disk; 829 - } 830 831 /* Use topology information if available */ 832 err = virtio_cread_feature(vdev, VIRTIO_BLK_F_TOPOLOGY, ··· 985 .driver.name = KBUILD_MODNAME, 986 .driver.owner = THIS_MODULE, 987 .id_table = id_table, 988 - .validate = virtblk_validate, 989 .probe = virtblk_probe, 990 .remove = virtblk_remove, 991 .config_changed = virtblk_config_changed,

··· 689 static unsigned int virtblk_queue_depth; 690 module_param_named(queue_depth, virtblk_queue_depth, uint, 0444); 691 692 static int virtblk_probe(struct virtio_device *vdev) 693 { 694 struct virtio_blk *vblk; ··· 721 u16 min_io_size; 722 u8 physical_block_exp, alignment_offset; 723 unsigned int queue_depth; 724 + 725 + if (!vdev->config->get) { 726 + dev_err(&vdev->dev, "%s failure: config access disabled\n", 727 + __func__); 728 + return -EINVAL; 729 + } 730 731 err = ida_simple_get(&vd_index_ida, 0, minor_to_index(1 << MINORBITS), 732 GFP_KERNEL); ··· 835 blk_queue_logical_block_size(q, blk_size); 836 else 837 blk_size = queue_logical_block_size(q); 838 839 /* Use topology information if available */ 840 err = virtio_cread_feature(vdev, VIRTIO_BLK_F_TOPOLOGY, ··· 1009 .driver.name = KBUILD_MODNAME, 1010 .driver.owner = THIS_MODULE, 1011 .id_table = id_table, 1012 .probe = virtblk_probe, 1013 .remove = virtblk_remove, 1014 .config_changed = virtblk_config_changed,