Restricting max_sectors is not enough.
If someone uses bio_add_page to add 8 disjunct 512 byte
partial pages to a bio, it would succeed,
but could still cross a border of whatever restrictions
are below us (raid0 stripe boundary). An attempted
bio_split would not succeed, because bi_vcnt is 8.
E.g. the xen io layer is known to do trigger this.
Signed-off-by: Lars Ellenberg <lars.ellenberg@xxxxxxxxxx>
---
should maybe be "backported" to the stable series kernels as well,
at least if one plans to use xen vm's on top of lvm on top of
md or drbd.
drivers/md/dm-table.c | 13 ++++++++++++-
1 files changed, 12 insertions(+), 1 deletions(-)
diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c
index 798e468..5995381 100644
--- a/drivers/md/dm-table.c
+++ b/drivers/md/dm-table.c
@@ -512,11 +512,22 @@ void dm_set_device_limits(struct dm_target *ti, struct block_device *bdev)
* smaller I/O, just to be safe.
*/
- if (q->merge_bvec_fn && !ti->type->merge)
+ if (q->merge_bvec_fn && !ti->type->merge) {
rs->max_sectors =
min_not_zero(rs->max_sectors,
(unsigned int) (PAGE_SIZE >> 9));
+ /* Restricting max_sectors is not enough.
+ * If someone uses bio_add_page to add 8 disjunct 512 byte
+ * partial pages to a bio, it would succeed,
+ * but could still cross a border of whatever restrictions
+ * are below us (raid0 stripe boundary). An attempted
+ * bio_split would not succeed, because bi_vcnt is 8.
+ * E.g. the xen io layer is known to do trigger this.
+ */
+ rs->max_phys_segments = 1;
+ }
+
rs->max_phys_segments =
min_not_zero(rs->max_phys_segments,
q->max_phys_segments);
--
1.5.5.GIT
--
: Lars Ellenberg Tel +43-1-8178292-55 :
: LINBIT Information Technologies GmbH Fax +43-1-8178292-82 :
: Vivenotgasse 48, A-1120 Vienna/Europe http://www.linbit.com :
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel
