From 422652e5f361c254af0057bde70eab171e132596 Mon Sep 17 00:00:00 2001 From: zhongjiang-ali Date: Tue, 9 Jun 2020 14:09:04 +0800 Subject: [PATCH] alinux: block: replace reserved field with extended bio_flags task #28327019 Commit bc0cc3606caf ("alinux: blk-throttle: fix tg NULL pointer dereference") add an self-defined bio flags to fix an issue of use-after-free. But it is limited to 13 entry and has used up, hence it will fails to sync related patch. The patch replace reserved field with extended bio_flags to allow us to define more bio flags. Reviewed-by: Xunlei Pang Signed-off-by: zhongjiang-ali --- block/blk-throttle.c | 8 ++++---- include/linux/bio.h | 15 +++++++++++++++ include/linux/blk_types.h | 9 +++++++-- 3 files changed, 26 insertions(+), 6 deletions(-) diff --git a/block/blk-throttle.c b/block/blk-throttle.c index c0e35459a144..3e064438082e 100644 --- a/block/blk-throttle.c +++ b/block/blk-throttle.c @@ -1120,7 +1120,7 @@ static void throtl_bio_end_io(struct bio *bio) rcu_read_lock(); /* see comments in throtl_bio_stats_start() */ - if (!bio_flagged(bio, BIO_THROTL_STATED)) + if (!bio_ext_flagged(bio, BIO_THROTL_STATED)) goto out; tg = (struct throtl_grp *)bio->bi_tg_private; @@ -1131,7 +1131,7 @@ static void throtl_bio_end_io(struct bio *bio) bio_io_start_time_ns(bio), bio_op(bio)); blkg_put(tg_to_blkg(tg)); - bio_clear_flag(bio, BIO_THROTL_STATED); + bio_clear_ext_flag(bio, BIO_THROTL_STATED); out: rcu_read_unlock(); } @@ -1147,9 +1147,9 @@ static inline void throtl_bio_stats_start(struct bio *bio, struct throtl_grp *tg * BIO_THROTL_STATED to do only once statistics. */ if ((op == REQ_OP_READ || op == REQ_OP_WRITE) && - !bio_flagged(bio, BIO_THROTL_STATED)) { + !bio_ext_flagged(bio, BIO_THROTL_STATED)) { blkg_get(tg_to_blkg(tg)); - bio_set_flag(bio, BIO_THROTL_STATED); + bio_set_ext_flag(bio, BIO_THROTL_STATED); bio->bi_tg_end_io = throtl_bio_end_io; bio->bi_tg_private = tg; bio_set_start_time_ns(bio); diff --git a/include/linux/bio.h b/include/linux/bio.h index 7d5e3f6d61b4..9d03f87af80d 100644 --- a/include/linux/bio.h +++ b/include/linux/bio.h @@ -291,6 +291,21 @@ static inline void bio_clear_flag(struct bio *bio, unsigned int bit) bio->bi_flags &= ~(1U << bit); } +static inline bool bio_ext_flagged(struct bio *bio, unsigned int bit) +{ + return (bio->bi_ext_flags & (1U << bit)) != 0; +} + +static inline void bio_set_ext_flag(struct bio *bio, unsigned int bit) +{ + bio->bi_ext_flags |= (1U << bit); +} + +static inline void bio_clear_ext_flag(struct bio *bio, unsigned int bit) +{ + bio->bi_ext_flags &= ~(1U << bit); +} + static inline void bio_get_first_bvec(struct bio *bio, struct bio_vec *bv) { *bv = bio_iovec(bio); diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h index 742314d0a7f1..528d5ec60a4f 100644 --- a/include/linux/blk_types.h +++ b/include/linux/blk_types.h @@ -214,8 +214,9 @@ struct bio { struct bio_set *bi_pool; + unsigned long bi_ext_flags; /* extend the bi_flags */ + ALI_HOTFIX_RESERVE(1) - ALI_HOTFIX_RESERVE(2) /* * We can inline a number of vecs at the end of the bio, to avoid @@ -244,7 +245,11 @@ struct bio { #define BIO_TRACE_COMPLETION 10 /* bio_endio() should trace the final completion * of this bio. */ #define BIO_QUEUE_ENTERED 11 /* can use blk_queue_enter_live() */ -#define BIO_THROTL_STATED 12 /* bio already stated */ + +/* + * Extend bio flags should be added in here + */ +#define BIO_THROTL_STATED 0 /* bio already stated */ /* See BVEC_POOL_OFFSET below before adding new flags */ -- GitLab