From: Keith Busch <[email protected]>

This addresses the misaligned direct-io problem behind various threads:

  https://lore.kernel.org/linux-xfs/[email protected]/
  https://lore.kernel.org/all/CAC_j7i1R7oy+nRhxEjCTba=dugn02w9x+p94dcu0ahv5+5t...@mail.gmail.com/
  https://lore.kernel.org/linux-block/ai7rnH20IYeSmY8s@gallifrey/
  https://lore.kernel.org/linux-block/[email protected]/

The various tested fixes are correct as far as they go, but they treat the symptom: they only matter because an invalid bio reaches those drivers in the first place.

The reason it reaches them is an assumption I made when I removed direct-io alignment checks in 5ff3f74e145a ("block: simplify direct io validity check") and 7eac331869575 ("iomap: simplify direct io validity check"): every bio is eventually split to the device limits, and the upper layers cope with resulting errors once the bio has formed.

Both were optimistic assumptions. Drivers with their own ->submit_bio may never pass through blk_mq_submit_bio()'s split, so the check never runs for them, and as numerous threads showed, the consumers don't uniformly handle this condition.

This patch stops the invalid bio at the source instead. It validates the buffer's alignment against the alignment limits when the bio is built from the iov_iter. The check is folded into the bvec extraction that already walks the vectors, so it adds only a comparison on a path that is pinning direct-io pages anyway. Misalignment is now uniformly rejected with EINVAL before submission for every direct-io submission path.

With this in place, the dm side changes under discussion are no longer required to fix the bugs: the affected targets simply never see the invalid bio. The tested patches remain reasonable as defense-in-depth if desired, but they are not strictly necessary after this.

Keith Busch (1):
  block: validate user space vectors during extraction

 block/bio.c          | 19 ++++++++++++++++---
 block/blk-map.c      |  2 +-
 block/fops.c         |  3 ++-
 fs/iomap/direct-io.c |  3 ++-
 include/linux/bio.h  |  2 +-
 include/linux/uio.h  |  3 ++-
 lib/iov_iter.c       |  9 ++++++++-
 7 files changed, 32 insertions(+), 9 deletions(-)

-- 
2.52.0
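
The idea described in the cover letter above, checking alignment in the same pass that walks the user vectors and failing with EINVAL before anything is submitted, as an added user-space C sketch. It is not code from the patch or the kernel; struct seg, extract_checked(), the mask rule and the sample buffer are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/uio.h>

/* Constructed sample buffer, page aligned so offsets into it are predictable. */
static _Alignas(4096) char sample_buf[8192];

/* Hypothetical stand-in for a bio_vec; not a kernel type. */
struct seg { uintptr_t addr; size_t len; };

/*
 * Walk the vectors once, recording each as a segment and checking it against
 * align_mask (511 for a 512-byte limit) in the same pass. Assumed rule for
 * this sketch: address and length of every vector have no bits in align_mask.
 * Returns the segment count, -EINVAL on the first misaligned vector, or
 * -E2BIG when out[] is too small.
 */
static int extract_checked(const struct iovec *iov, int nr_iov,
                           struct seg *out, int max_segs, size_t align_mask)
{
    int n = 0;

    for (int i = 0; i < nr_iov; i++) {
        uintptr_t addr = (uintptr_t)iov[i].iov_base;
        size_t len = iov[i].iov_len;

        if (len == 0)
            continue;               /* empty vectors carry no data */
        if ((addr | len) & align_mask)
            return -EINVAL;         /* rejected before anything is submitted */
        if (n == max_segs)
            return -E2BIG;
        out[n++] = (struct seg){ addr, len };
    }
    return n;
}

int main(void)
{
    struct seg segs[4];
    struct iovec good[2] = { { sample_buf, 512 }, { sample_buf + 1024, 1024 } };
    struct iovec bad[1] = { { sample_buf + 4, 512 } };  /* 4-byte offset */

    printf("aligned:    %d\n", extract_checked(good, 2, segs, 4, 511));
    printf("misaligned: %d\n", extract_checked(bad, 1, segs, 4, 511));
    return 0;
}
```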
