block: eliminate potential for infinite loop in blkdev_issue_discard

Due to the recently identified overflow in read_capacity_16() it was possible for max_discard_sectors to be zero but still have discards enabled on the associated device's queue. Eliminate the possibility for blkdev_issue_discard to infinitely loop. Interestingly this issue wasn't identified until a device, whose discard_granularity was 0 due to read_capacity_16 overflow, was consumed by blk_stack_limits() to construct limits for a higher-level DM multipath device. The multipath device's resulting limits never had the discard limits stacked because blk_stack_limits() will only do so if the bottom device's discard_granularity != 0. This resulted in the multipath device's limits.max_discard_sectors being 0. Signed-off-by: Mike Snitzer <snitzer@redhat.com> Signed-off-by: Jens Axboe <jaxboe@fusionio.com>

block: eliminate potential for infinite loop in blkdev_issue_discard
Due to the recently identified overflow in read_capacity_16() it was possible for max_discard_sectors to be zero but still have discards enabled on the associated device's queue. Eliminate the possibility for blkdev_issue_discard to infinitely loop. Interestingly this issue wasn't identified until a device, whose discard_granularity was 0 due to read_capacity_16 overflow, was consumed by blk_stack_limits() to construct limits for a higher-level DM multipath device. The multipath device's resulting limits never had the discard limits stacked because blk_stack_limits() will only do so if the bottom device's discard_granularity != 0. This resulted in the multipath device's limits.max_discard_sectors being 0. Signed-off-by: Mike Snitzer <snitzer@redhat.com> Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
Mike Snitzer · Jens Axboe
1 parent 390192b300
Showing 1 changed file with 4 additions and 1 deletions Side-by-side Diff
block/blk-lib.c
@@ -59,7 +59,10 @@
 	 * granularity
 	 */
 	max_discard_sectors = min(q->limits.max_discard_sectors, UINT_MAX >> 9);
-	if (q->limits.discard_granularity) {
+	if (!unlikely(!max_discard_sectors)) {
+		/* Avoid infinite loop below. Being cautious never hurts. */
+		return -EOPNOTSUPP;
+	} else if (q->limits.discard_granularity) {
 		unsigned int disc_sects = q->limits.discard_granularity >> 9;
  
 		max_discard_sectors &= ~(disc_sects - 1);
...	...	@@ -59,7 +59,10 @@
59	59	* granularity
60	60	*/
61	61	max_discard_sectors = min(q->limits.max_discard_sectors, UINT_MAX >> 9);
62		- if (q->limits.discard_granularity) {
	62	+ if (!unlikely(!max_discard_sectors)) {
	63	+ /* Avoid infinite loop below. Being cautious never hurts. */
	64	+ return -EOPNOTSUPP;
	65	+ } else if (q->limits.discard_granularity) {
63	66	unsigned int disc_sects = q->limits.discard_granularity >> 9;
64	67
65	68	max_discard_sectors &= ~(disc_sects - 1);