[RHEL7,COMMIT] fuse: Relax BUG_ON() in fuse_direct_IO_bvec()

Submitted by Konstantin Khorenko on July 10, 2018, 11:27 a.m.

Details

Message ID 201807101127.w6ABRUvx028885@finist_ce7.work
State New
Series "fuse: Relax BUG_ON() in fuse_direct_IO_bvec()"
Headers show

Commit Message

Konstantin Khorenko July 10, 2018, 11:27 a.m.
The commit is pushed to "branch-rh7-3.10.0-862.6.3.vz7.62.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-862.6.3.vz7.62.2
------>
commit d5000f4605f0bbc7cbb5df15a44f9ac66228a8f5
Author: Kirill Tkhai <ktkhai@virtuozzo.com>
Date:   Tue Jul 10 14:27:30 2018 +0300

    fuse: Relax BUG_ON() in fuse_direct_IO_bvec()
    
    This check is introduced by commit 64d710175251 "fuse: assert i_size boundaries
    for fuse_direct_IO_bvec".
    
    The commit does not say it's related to kio or to fuse in general, but since
    the function can fail, and this is just fuse staff, let's relax the check and
    to return -EINVAL if such the situation happens instead of crash.
    
    https://jira.sw.ru/browse/PSBM-86446
    
    Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
    Reviewed-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
    Acked-by: Konstantin Khorenko <khorenko@virtuozzo.com>
    
    dmonakhov@:
    AFAIK compressed-ploop always increases file size in advance before sending
    bio.  So the check should be valid for both ploop over pStorage with fastpath
    feture and without it.  It's check like bio_check_eod().
    
    Probably we should just fail bio which exceeds the file size not crashing the
    kernel, but anyway if compressed ploop sends bio which exceeds the file size -
    it's a violation of the rule that image size must always be increased in
    advance with help of truncate() aligned to ploop-fs-block size (1MB).
    
    At the same time some other code apart from extendable ploop (for example raw
    ploop) may use fuse_direct_IO_bvec() in the case when i_size is changing, so
    the check may be relaxed for those cases.
    
    khorenko@:
    1) use WARN_ONCE() in order to taint kernel as well, may be useful to
       catch the problem later.
    
    2) let's leave the check in fuse_direct_IO_bvec() for all cases, that way we
       findout of raw ploops really send bio-s which exceed fize size.
---
 fs/fuse/file.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index f96667cdabc8..7f762c87d3bc 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -3475,7 +3475,10 @@  static ssize_t fuse_direct_IO_bvec(int rw, struct kiocb *iocb,
 	int i;
 
 	/* TODO: File extension is not yet implemented */
-	BUG_ON(offset + bvec_length(bvec, bvec_len) > i_size);
+	if (offset + bvec_length(bvec, bvec_len) > i_size) {
+		WARN_ONCE(1, "fuse: file extension is not implemented yet\n");
+		return -EINVAL;
+	}
 
 	if (nmax > FUSE_MAX_PAGES_PER_REQ << PAGE_SHIFT)
 		nmax = FUSE_MAX_PAGES_PER_REQ << PAGE_SHIFT;