Adding more Cc and stable (i thought this was 5.1 addition). Note that without this patch on arch/kernel where PAGE_SIZE != 4096 userspace could read random memory through a zram block device (thought userspace probably would have no control on the address being read).
On Mon, Apr 08, 2019 at 02:32:19PM -0400, jglisse@redhat.com wrote:
From: Jérôme Glisse jglisse@redhat.com
When scheduling work item to read page we need to pass down the proper bvec struct which point to the page to read into. Before this patch it uses randomly initialized bvec (only if PAGE_SIZE != 4096) which is wrong.
Signed-off-by: Jérôme Glisse jglisse@redhat.com Cc: Minchan Kim minchan@kernel.org Cc: Nitin Gupta ngupta@vflare.org Cc: Sergey Senozhatsky sergey.senozhatsky.work@gmail.com Cc: linux-kernel@vger.kernel.org
drivers/block/zram/zram_drv.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c index 399cad7daae7..d58a359a6622 100644 --- a/drivers/block/zram/zram_drv.c +++ b/drivers/block/zram/zram_drv.c @@ -774,18 +774,18 @@ struct zram_work { struct zram *zram; unsigned long entry; struct bio *bio;
- struct bio_vec bvec;
}; #if PAGE_SIZE != 4096 static void zram_sync_read(struct work_struct *work) {
- struct bio_vec bvec; struct zram_work *zw = container_of(work, struct zram_work, work); struct zram *zram = zw->zram; unsigned long entry = zw->entry; struct bio *bio = zw->bio;
- read_from_bdev_async(zram, &bvec, entry, bio);
- read_from_bdev_async(zram, &zw->bvec, entry, bio);
} /* @@ -798,6 +798,7 @@ static int read_from_bdev_sync(struct zram *zram, struct bio_vec *bvec, { struct zram_work work;
- work.bvec = *bvec; work.zram = zram; work.entry = entry; work.bio = bio;
-- 2.20.1
On Wed, 10 Apr 2019 15:43:50 -0400 Jerome Glisse jglisse@redhat.com wrote:
Adding more Cc and stable (i thought this was 5.1 addition). Note that without this patch on arch/kernel where PAGE_SIZE != 4096 userspace could read random memory through a zram block device (thought userspace probably would have no control on the address being read).
Looks good to me.
Minchan & Sergey, can you please review?
From: Jérôme Glisse jglisse@redhat.com Subject: zram: pass down the bvec we need to read into in the work struct
When scheduling work item to read page we need to pass down the proper bvec struct which points to the page to read into. Before this patch it uses a randomly initialized bvec (only if PAGE_SIZE != 4096) which is wrong.
Note that without this patch on arch/kernel where PAGE_SIZE != 4096 userspace could read random memory through a zram block device (thought userspace probably would have no control on the address being read).
Link: http://lkml.kernel.org/r/20190408183219.26377-1-jglisse@redhat.com Signed-off-by: Jérôme Glisse jglisse@redhat.com Reviewed-by: Andrew Morton akpm@linux-foundation.org Cc: Minchan Kim minchan@kernel.org Cc: Nitin Gupta ngupta@vflare.org Cc: Sergey Senozhatsky sergey.senozhatsky.work@gmail.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org ---
drivers/block/zram/zram_drv.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
--- a/drivers/block/zram/zram_drv.c~zram-pass-down-the-bvec-we-need-to-read-into-in-the-work-struct +++ a/drivers/block/zram/zram_drv.c @@ -774,18 +774,18 @@ struct zram_work { struct zram *zram; unsigned long entry; struct bio *bio; + struct bio_vec bvec; };
#if PAGE_SIZE != 4096 static void zram_sync_read(struct work_struct *work) { - struct bio_vec bvec; struct zram_work *zw = container_of(work, struct zram_work, work); struct zram *zram = zw->zram; unsigned long entry = zw->entry; struct bio *bio = zw->bio;
- read_from_bdev_async(zram, &bvec, entry, bio); + read_from_bdev_async(zram, &zw->bvec, entry, bio); }
/* @@ -798,6 +798,7 @@ static int read_from_bdev_sync(struct zr { struct zram_work work;
+ work.bvec = *bvec; work.zram = zram; work.entry = entry; work.bio = bio; _
On (04/16/19 16:53), Andrew Morton wrote:
Adding more Cc and stable (i thought this was 5.1 addition). Note that without this patch on arch/kernel where PAGE_SIZE != 4096 userspace could read random memory through a zram block device (thought userspace probably would have no control on the address being read).
Looks good to me.
Minchan & Sergey, can you please review?
Sorry.
Looks OK to me.
Reviewed-by: Sergey Senozhatsky sergey.senozhatsky@gmail.com
-ss
linux-stable-mirror@lists.linaro.org
-
Andrew Morton -
Jerome Glisse -
Sergey Senozhatsky