Received: by 2002:ab2:6309:0:b0:1fb:d597:ff75 with SMTP id s9csp472055lqt; Thu, 6 Jun 2024 08:51:09 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUTisklb9apaoOjfwZjzarkXKgYDYzEWqOE7pKlzx6rYyCo/u/qf/KF1344T1j7P1jUwWJiWNATC/UKG4z7ryR+RpJLhP2P3WPVRUDRQQ== X-Google-Smtp-Source: AGHT+IEgG3sBdJumfHpvSkWAEi2uj7BRi46xflnNREdeIZbaPvq01d3zkteAjO7+/ej7MfiYDUwI X-Received: by 2002:a05:6a20:12d5:b0:1af:cbd3:ab48 with SMTP id adf61e73a8af0-1b2b6e3d462mr6765041637.3.1717689069315; Thu, 06 Jun 2024 08:51:09 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717689068; cv=pass; d=google.com; s=arc-20160816; b=pATzJrCQT7lzooFFck+H3buUCNp8bTSx9BkelCSoJIvDwghWPsziNYT2vhwWKZn7Be SACpl3nlhph1QMmXn3PfOWMxzmw62+MRdJx8zDodo0D4ay3MTScem73CBAld0ab5cU9L Waz9HOB2cCBnkdkb5zjGofQBjjGWyrmwWMPqt65MFG5Um1PJwQHeS1DZaoPANXRwUovu Izzec8eQEX70kmEMU9onPOa8MnM8mq1CzYA7TIyKuyUfcnqwlzF8c8HN5ESE6OMfroVs hPVke/B+l3RT2AitWNw2iSqjoFBII44/90t5A40FJQswdJ/1STXlt1ij8k2OZ+qI5lrg TqKQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=cPggZ9pVR9qxpKAQI4zXgMoKYPYmbU5ua2LBIpa8czI=; fh=xzfvzxJF2xSTGH3u0DOAtekoUDcRs/07vWbL6m/FbtQ=; b=JUVyeWUQpoQnxLE1h15DPTzHucdrlTVCFQrFYIWtyjjn7YBcq1Pw16AAOZdExlaoeb AI4ffiMRXRLl2M+jUXWfXc+yKsKIFba7L425q4Meey4M/S4IthYGdCKlxW/ErrZTJeSg 5FfNo5HFEh8KCNxuhazaRALeZlG6MdbUgDkGLnC5qA6U41nIdYQbmxBrFDglOtkk4T8H KSmDC9VztOx2bu9+lWwYSVkzuAFs5VbWuPcZ/fmRxPGeKxW15eeZYdf64tp41358nTHq Vi2XPXl3bBkNLmZGWRCxJIROL4cfLhWIm0aR8wiSOVpqPCZU0PKghZ2vhG7cpBOUFDKN +86Q==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=W+oln5bP; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-204605-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-204605-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id 41be03b00d2f7-6de208318f3si1393221a12.94.2024.06.06.08.51.08 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Jun 2024 08:51:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-204605-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=W+oln5bP; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-204605-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-204605-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 5626828357E for ; Thu, 6 Jun 2024 15:48:58 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B07BD198836; Thu, 6 Jun 2024 15:48:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="W+oln5bP" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D15D4197A7A; Thu, 6 Jun 2024 15:48:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717688906; cv=none; b=l9ptWnlza/UlsFoPSEVtv5sUbyAEEnAUITXhHE/DKQ7k+DZ/agyK88iTPF4l+fdnXby72iRAYLYsQfh5/Xi/7N6nfiTktBmbBOC3WLeZuYU9Q3zMx/YPMCCCpJZOxUoQKqed7/GE0Jg7lyU/71UxzLLbPAHK+wjZ+HbCmQNL2Xs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717688906; c=relaxed/simple; bh=kGvrhh9vt44tqgRnyfCTTCQ/16e7yxQoW2Mu3o2AbYc=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=ux87UNtfeliywWfbOHJ/Cl8VGPAJIeDlVpa90fKC+MbJft2f85UvHmgA/x53rNpe7j37nnSo63WyZ/lrRjkK3rUjxcxfAJ14fOUfzQKmnlSK1FSTHVDwcQ5G5+c5tV8vO8iOPl6NHTPvyfYUisZc2FR2zsGriXeMyAHdSFcT2tQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=W+oln5bP; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id C4B11C32782; Thu, 6 Jun 2024 15:48:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1717688906; bh=kGvrhh9vt44tqgRnyfCTTCQ/16e7yxQoW2Mu3o2AbYc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=W+oln5bPyjfE9gzBCUilSGSHPhrea1mfNoB4si8c39KE9ty439swsXFFpTAmyDg9+ 5OhGgHE0tvjwNtyYXMFOqOnBMKywDw/LZP6LWpgLyDlMONlHDbjpvP5HtYoONMVCx5 RGCU6H0dvjp0P+1KQmOJM1FGrSw789VvJTmPARa4Br1xtby86ZuOG4fN4zpyOGowpO jpvi67lnTuAgcLVbqCNgidg3XIUcwm3J2UYa7L8Gmhhvq3v+uLwLa+o70RYZQI+9K3 R2Mf/fT1o6LGwnGflSYTT2hLuhadoA/w+muao30xHh2VksaJyT4JTaX/pzzg9i+92u t9xkRemDBbVUA== Date: Thu, 6 Jun 2024 09:48:23 -0600 From: Keith Busch To: Christoph Hellwig Cc: Ming Lei , yebin , axboe@kernel.dk, linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, Ye Bin , Zhang Yi , "Ewan D. Milne" , linux-nvme@lists.infradead.org Subject: Re: [PATCH] block: bio-integrity: fix potential null-ptr-deref in bio_integrity_free Message-ID: References: <20240606062655.2185006-1-yebin@huaweicloud.com> <66619EB6.4040002@huaweicloud.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Thu, Jun 06, 2024 at 07:52:51AM -0700, Christoph Hellwig wrote: > On Thu, Jun 06, 2024 at 10:30:06PM +0800, Ming Lei wrote: > > Yeah, that is one area queue freezing can't cover logical block size > > change, but I'd suggest to put the logical bs check into submit_bio() or > > slow path of __bio_queue_enter() at least. > > We really need an alignment check in submit_bio anyway, so doing it > under the freeze protection would also help with this. > > > My concern is that nvme format is started without draining IO, and > > IO can be submitted to hardware when nvme FW is handling formatting. > > I am not sure if nvme FW can deal with this situation correctly. > > Ewan suggested to run 'nvme format' with exclusive nvme disk open, which > > needs nvme-cli change. > > .. and doesn't protect against someone using a different tool anyway. It also doesn't work if format is sent from a different host. If you have a shared namespace, anyone could change the format without coordinating with anyone else. That's just an unfixable gap with the current spec. The driver tries to react to the Namespace Notice AEN for this, but that can be too late or not even enabled. > That beeing said, nvme_passthru_start actually freezes all queues > based on the commands supported an affects log, and > nvme_init_known_nvm_effects should force this even for controllers > not supporting the log or reporting bogus information. So in general > the queue should be frozen during the actual format. Just for single host consideration, the our current nvme freeze does ensure IO is drained before dispatching the format, and should work for most format changes.