On Tue, Sep 15, 2020 at 08:53:15PM -0700, Eric Biggers wrote: > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > bio_crypt_set_ctx() assumes its gfp_mask argument always includes > __GFP_DIRECT_RECLAIM, so that the mempool_alloc() will always succeed. > > For now this assumption is still fine, since no callers violate it. > Making bio_crypt_set_ctx() able to fail would add unneeded complexity. > > However, if a caller didn't use __GFP_DIRECT_RECLAIM, it would be very > hard to notice the bug. Make it easier by adding a WARN_ON_ONCE(). > > Cc: Miaohe Lin <linmiaohe@xxxxxxxxxx> > Cc: Satya Tangirala <satyat@xxxxxxxxxx> > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> > --- > block/blk-crypto.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/block/blk-crypto.c b/block/blk-crypto.c > index bbe7974fd74f0..5da43f0973b46 100644 > --- a/block/blk-crypto.c > +++ b/block/blk-crypto.c > @@ -81,7 +81,15 @@ subsys_initcall(bio_crypt_ctx_init); > void bio_crypt_set_ctx(struct bio *bio, const struct blk_crypto_key *key, > const u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE], gfp_t gfp_mask) > { > - struct bio_crypt_ctx *bc = mempool_alloc(bio_crypt_ctx_pool, gfp_mask); > + struct bio_crypt_ctx *bc; > + > + /* > + * The caller must use a gfp_mask that contains __GFP_DIRECT_RECLAIM so > + * that the mempool_alloc() can't fail. > + */ > + WARN_ON_ONCE(!(gfp_mask & __GFP_DIRECT_RECLAIM)); > + > + bc = mempool_alloc(bio_crypt_ctx_pool, gfp_mask); > > bc->bc_key = key; > memcpy(bc->bc_dun, dun, sizeof(bc->bc_dun)); > -- Looks good! Reviewed-by: Satya Tangirala <satyat@xxxxxxxxxx> > 2.28.0 >