[Backport request] blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello stable kernel maintainers,

Please backport patch 327ea4adcfa3 ("blkdev_report_zones_ioctl():
Use vmalloc() to allocate large buffers") to at least the v4.17.x and
v4.14.y stable kernel series. That patch fixes a bug introduced in
kernel v4.10. The entire patch is shown below.

Thanks,

Bart.


commit cf0110698846fc5a93df89eb20ac7cc70a860c17
Author: Bart Van Assche <bart.vanassche@xxxxxxx>
Date:   Tue May 22 08:27:22 2018 -0700

    blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
    
    Avoid that complaints similar to the following appear in the kernel log
    if the number of zones is sufficiently large:
    
      fio: page allocation failure: order:9, mode:0x140c0c0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null)
      Call Trace:
      dump_stack+0x63/0x88
      warn_alloc+0xf5/0x190
      __alloc_pages_slowpath+0x8f0/0xb0d
      __alloc_pages_nodemask+0x242/0x260
      alloc_pages_current+0x6a/0xb0
      kmalloc_order+0x18/0x50
      kmalloc_order_trace+0x26/0xb0
      __kmalloc+0x20e/0x220
      blkdev_report_zones_ioctl+0xa5/0x1a0
      blkdev_ioctl+0x1ba/0x930
      block_ioctl+0x41/0x50
      do_vfs_ioctl+0xaa/0x610
      SyS_ioctl+0x79/0x90
      do_syscall_64+0x79/0x1b0
      entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    
    Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls")
    Signed-off-by: Bart Van Assche <bart.vanassche@xxxxxxx>
    Cc: Shaun Tancheff <shaun.tancheff@xxxxxxxxxxx>
    Cc: Damien Le Moal <damien.lemoal@xxxxxxxx>
    Cc: Christoph Hellwig <hch@xxxxxx>
    Cc: Martin K. Petersen <martin.petersen@xxxxxxxxxx>
    Cc: Hannes Reinecke <hare@xxxxxxxx>
    Cc: <stable@xxxxxxxxxxxxxxx>
    Signed-off-by: Jens Axboe <axboe@xxxxxxxxx>

diff --git a/block/blk-zoned.c b/block/blk-zoned.c
index 08e84ef2bc05..3d08dc84db16 100644
--- a/block/blk-zoned.c
+++ b/block/blk-zoned.c
@@ -328,7 +328,11 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode,
 	if (!rep.nr_zones)
 		return -EINVAL;
 
-	zones = kcalloc(rep.nr_zones, sizeof(struct blk_zone), GFP_KERNEL);
+	if (rep.nr_zones > INT_MAX / sizeof(struct blk_zone))
+		return -ERANGE;
+
+	zones = kvmalloc(rep.nr_zones * sizeof(struct blk_zone),
+			GFP_KERNEL | __GFP_ZERO);
 	if (!zones)
 		return -ENOMEM;
 
@@ -350,7 +354,7 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode,
 	}
 
  out:
-	kfree(zones);
+	kvfree(zones);
 
 	return ret;
 }
[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux