fb1c56d1d2
[ Upstream commit e274832590211c4b1b1e807ca66fad8b5bb8b328 ] In null_init_zone_dev() check if the zone size is larger than device capacity, return error if needed. This also fixes the following oops :- null_blk: changed the number of conventional zones to 4294967295 BUG: kernel NULL pointer dereference, address: 0000000000000010 PGD 7d76c5067 P4D 7d76c5067 PUD 7d240c067 PMD 0 Oops: 0002 [#1] SMP NOPTI CPU: 4 PID: 5508 Comm: nullbtests.sh Tainted: G OE 5.7.0-rc4lblk-fnext0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-59-gc9ba5276e4 RIP: 0010:null_init_zoned_dev+0x17a/0x27f [null_blk] RSP: 0018:ffffc90007007e00 EFLAGS: 00010246 RAX: 0000000000000020 RBX: ffff8887fb3f3c00 RCX: 0000000000000007 RDX: 0000000000000000 RSI: ffff8887ca09d688 RDI: ffff888810fea510 RBP: 0000000000000010 R08: ffff8887ca09d688 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff8887c26e8000 R13: ffffffffa05e9390 R14: 0000000000000000 R15: 0000000000000001 FS: 00007fcb5256f740(0000) GS:ffff888810e00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000010 CR3: 000000081e8fe000 CR4: 00000000003406e0 Call Trace: null_add_dev+0x534/0x71b [null_blk] nullb_device_power_store.cold.41+0x8/0x2e [null_blk] configfs_write_file+0xe6/0x150 vfs_write+0xba/0x1e0 ksys_write+0x5f/0xe0 do_syscall_64+0x60/0x250 entry_SYSCALL_64_after_hwframe+0x49/0xb3 RIP: 0033:0x7fcb51c71840 Signed-off-by: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Sasha Levin <sashal@kernel.org>
147 lines
3.5 KiB
C
147 lines
3.5 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
#include <linux/vmalloc.h>
|
|
#include "null_blk.h"
|
|
|
|
/* zone_size in MBs to sectors. */
|
|
#define ZONE_SIZE_SHIFT 11
|
|
|
|
static inline unsigned int null_zone_no(struct nullb_device *dev, sector_t sect)
|
|
{
|
|
return sect >> ilog2(dev->zone_size_sects);
|
|
}
|
|
|
|
int null_zone_init(struct nullb_device *dev)
|
|
{
|
|
sector_t dev_size = (sector_t)dev->size * 1024 * 1024;
|
|
sector_t sector = 0;
|
|
unsigned int i;
|
|
|
|
if (!is_power_of_2(dev->zone_size)) {
|
|
pr_err("null_blk: zone_size must be power-of-two\n");
|
|
return -EINVAL;
|
|
}
|
|
if (dev->zone_size > dev->size) {
|
|
pr_err("Zone size larger than device capacity\n");
|
|
return -EINVAL;
|
|
}
|
|
|
|
dev->zone_size_sects = dev->zone_size << ZONE_SIZE_SHIFT;
|
|
dev->nr_zones = dev_size >>
|
|
(SECTOR_SHIFT + ilog2(dev->zone_size_sects));
|
|
dev->zones = kvmalloc_array(dev->nr_zones, sizeof(struct blk_zone),
|
|
GFP_KERNEL | __GFP_ZERO);
|
|
if (!dev->zones)
|
|
return -ENOMEM;
|
|
|
|
for (i = 0; i < dev->nr_zones; i++) {
|
|
struct blk_zone *zone = &dev->zones[i];
|
|
|
|
zone->start = zone->wp = sector;
|
|
zone->len = dev->zone_size_sects;
|
|
zone->type = BLK_ZONE_TYPE_SEQWRITE_REQ;
|
|
zone->cond = BLK_ZONE_COND_EMPTY;
|
|
|
|
sector += dev->zone_size_sects;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
void null_zone_exit(struct nullb_device *dev)
|
|
{
|
|
kvfree(dev->zones);
|
|
}
|
|
|
|
static void null_zone_fill_bio(struct nullb_device *dev, struct bio *bio,
|
|
unsigned int zno, unsigned int nr_zones)
|
|
{
|
|
struct blk_zone_report_hdr *hdr = NULL;
|
|
struct bio_vec bvec;
|
|
struct bvec_iter iter;
|
|
void *addr;
|
|
unsigned int zones_to_cpy;
|
|
|
|
bio_for_each_segment(bvec, bio, iter) {
|
|
addr = kmap_atomic(bvec.bv_page);
|
|
|
|
zones_to_cpy = bvec.bv_len / sizeof(struct blk_zone);
|
|
|
|
if (!hdr) {
|
|
hdr = (struct blk_zone_report_hdr *)addr;
|
|
hdr->nr_zones = nr_zones;
|
|
zones_to_cpy--;
|
|
addr += sizeof(struct blk_zone_report_hdr);
|
|
}
|
|
|
|
zones_to_cpy = min_t(unsigned int, zones_to_cpy, nr_zones);
|
|
|
|
memcpy(addr, &dev->zones[zno],
|
|
zones_to_cpy * sizeof(struct blk_zone));
|
|
|
|
kunmap_atomic(addr);
|
|
|
|
nr_zones -= zones_to_cpy;
|
|
zno += zones_to_cpy;
|
|
|
|
if (!nr_zones)
|
|
break;
|
|
}
|
|
}
|
|
|
|
blk_status_t null_zone_report(struct nullb *nullb, struct bio *bio)
|
|
{
|
|
struct nullb_device *dev = nullb->dev;
|
|
unsigned int zno = null_zone_no(dev, bio->bi_iter.bi_sector);
|
|
unsigned int nr_zones = dev->nr_zones - zno;
|
|
unsigned int max_zones;
|
|
|
|
max_zones = (bio->bi_iter.bi_size / sizeof(struct blk_zone)) - 1;
|
|
nr_zones = min_t(unsigned int, nr_zones, max_zones);
|
|
null_zone_fill_bio(nullb->dev, bio, zno, nr_zones);
|
|
|
|
return BLK_STS_OK;
|
|
}
|
|
|
|
void null_zone_write(struct nullb_cmd *cmd, sector_t sector,
|
|
unsigned int nr_sectors)
|
|
{
|
|
struct nullb_device *dev = cmd->nq->dev;
|
|
unsigned int zno = null_zone_no(dev, sector);
|
|
struct blk_zone *zone = &dev->zones[zno];
|
|
|
|
switch (zone->cond) {
|
|
case BLK_ZONE_COND_FULL:
|
|
/* Cannot write to a full zone */
|
|
cmd->error = BLK_STS_IOERR;
|
|
break;
|
|
case BLK_ZONE_COND_EMPTY:
|
|
case BLK_ZONE_COND_IMP_OPEN:
|
|
/* Writes must be at the write pointer position */
|
|
if (sector != zone->wp) {
|
|
cmd->error = BLK_STS_IOERR;
|
|
break;
|
|
}
|
|
|
|
if (zone->cond == BLK_ZONE_COND_EMPTY)
|
|
zone->cond = BLK_ZONE_COND_IMP_OPEN;
|
|
|
|
zone->wp += nr_sectors;
|
|
if (zone->wp == zone->start + zone->len)
|
|
zone->cond = BLK_ZONE_COND_FULL;
|
|
break;
|
|
default:
|
|
/* Invalid zone condition */
|
|
cmd->error = BLK_STS_IOERR;
|
|
break;
|
|
}
|
|
}
|
|
|
|
void null_zone_reset(struct nullb_cmd *cmd, sector_t sector)
|
|
{
|
|
struct nullb_device *dev = cmd->nq->dev;
|
|
unsigned int zno = null_zone_no(dev, sector);
|
|
struct blk_zone *zone = &dev->zones[zno];
|
|
|
|
zone->cond = BLK_ZONE_COND_EMPTY;
|
|
zone->wp = zone->start;
|
|
}
|