Re: [PATCH v2 4/7] libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant

From: Verma, Vishal L
Date: Thu Jul 18 2019 - 14:21:26 EST

Next message: Hariprasad Kelam: "[PATCH] staging: kpc2000: Remove null check before kfree"
Previous message: Linus Torvalds: "Re: [GIT PULL] xfs: cleanups for 5.3"
In reply to: Dan Williams: "[PATCH v2 4/7] libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant"
Next in thread: Dan Williams: "[PATCH v2 5/7] libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2019-07-17 at 18:08 -0700, Dan Williams wrote:
> In preparation for not holding a lock over the execution of
> nd_ioctl(),
> update the implementation to allow multiple threads to be attempting
> ioctls at the same time. The bus lock still prevents multiple in-
> flight
> ->ndctl() invocations from corrupting each other's state, but static
> global staging buffers are moved to the heap.
>
> Reported-by: Vishal Verma <vishal.l.verma@xxxxxxxxx>
> Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx>
> ---
> drivers/nvdimm/bus.c | 59 +++++++++++++++++++++++++++++++--------
> -----------
> 1 file changed, 37 insertions(+), 22 deletions(-)

Ran tens of iterations of the unit tests with this, and couldn't
reproduce the failure.

Reviewed-by: Vishal Verma <vishal.l.verma@xxxxxxxxx>
Tested-by: Vishal Verma <vishal.l.verma@xxxxxxxxx>

>
> diff --git a/drivers/nvdimm/bus.c b/drivers/nvdimm/bus.c
> index 42713b210f51..a3180c28fb2b 100644
> --- a/drivers/nvdimm/bus.c
> +++ b/drivers/nvdimm/bus.c
> @@ -970,20 +970,19 @@ static int __nd_ioctl(struct nvdimm_bus
> *nvdimm_bus, struct nvdimm *nvdimm,
> int read_only, unsigned int ioctl_cmd, unsigned long
> arg)
> {
> struct nvdimm_bus_descriptor *nd_desc = nvdimm_bus->nd_desc;
> - static char out_env[ND_CMD_MAX_ENVELOPE];
> - static char in_env[ND_CMD_MAX_ENVELOPE];
> const struct nd_cmd_desc *desc = NULL;
> unsigned int cmd = _IOC_NR(ioctl_cmd);
> struct device *dev = &nvdimm_bus->dev;
> void __user *p = (void __user *) arg;
> + char *out_env = NULL, *in_env = NULL;
> const char *cmd_name, *dimm_name;
> u32 in_len = 0, out_len = 0;
> unsigned int func = cmd;
> unsigned long cmd_mask;
> struct nd_cmd_pkg pkg;
> int rc, i, cmd_rc;
> + void *buf = NULL;
> u64 buf_len = 0;
> - void *buf;
>
> if (nvdimm) {
> desc = nd_cmd_dimm_desc(cmd);
> @@ -1023,6 +1022,9 @@ static int __nd_ioctl(struct nvdimm_bus
> *nvdimm_bus, struct nvdimm *nvdimm,
> }
>
> /* process an input envelope */
> + in_env = kzalloc(ND_CMD_MAX_ENVELOPE, GFP_KERNEL);
> + if (!in_env)
> + return -ENOMEM;
> for (i = 0; i < desc->in_num; i++) {
> u32 in_size, copy;
>
> @@ -1030,14 +1032,17 @@ static int __nd_ioctl(struct nvdimm_bus
> *nvdimm_bus, struct nvdimm *nvdimm,
> if (in_size == UINT_MAX) {
> dev_err(dev, "%s:%s unknown input size cmd: %s
> field: %d\n",
> __func__, dimm_name, cmd_name,
> i);
> - return -ENXIO;
> + rc = -ENXIO;
> + goto out;
> }
> - if (in_len < sizeof(in_env))
> - copy = min_t(u32, sizeof(in_env) - in_len,
> in_size);
> + if (in_len < ND_CMD_MAX_ENVELOPE)
> + copy = min_t(u32, ND_CMD_MAX_ENVELOPE - in_len,
> in_size);
> else
> copy = 0;
> - if (copy && copy_from_user(&in_env[in_len], p + in_len,
> copy))
> - return -EFAULT;
> + if (copy && copy_from_user(&in_env[in_len], p + in_len,
> copy)) {
> + rc = -EFAULT;
> + goto out;
> + }
> in_len += in_size;
> }
>
> @@ -1049,6 +1054,12 @@ static int __nd_ioctl(struct nvdimm_bus
> *nvdimm_bus, struct nvdimm *nvdimm,
> }
>
> /* process an output envelope */
> + out_env = kzalloc(ND_CMD_MAX_ENVELOPE, GFP_KERNEL);
> + if (!out_env) {
> + rc = -ENOMEM;
> + goto out;
> + }
> +
> for (i = 0; i < desc->out_num; i++) {
> u32 out_size = nd_cmd_out_size(nvdimm, cmd, desc, i,
> (u32 *) in_env, (u32 *) out_env, 0);
> @@ -1057,15 +1068,18 @@ static int __nd_ioctl(struct nvdimm_bus
> *nvdimm_bus, struct nvdimm *nvdimm,
> if (out_size == UINT_MAX) {
> dev_dbg(dev, "%s unknown output size cmd: %s
> field: %d\n",
> dimm_name, cmd_name, i);
> - return -EFAULT;
> + rc = -EFAULT;
> + goto out;
> }
> - if (out_len < sizeof(out_env))
> - copy = min_t(u32, sizeof(out_env) - out_len,
> out_size);
> + if (out_len < ND_CMD_MAX_ENVELOPE)
> + copy = min_t(u32, ND_CMD_MAX_ENVELOPE - out_len,
> out_size);
> else
> copy = 0;
> if (copy && copy_from_user(&out_env[out_len],
> - p + in_len + out_len, copy))
> - return -EFAULT;
> + p + in_len + out_len, copy)) {
> + rc = -EFAULT;
> + goto out;
> + }
> out_len += out_size;
> }
>
> @@ -1073,12 +1087,15 @@ static int __nd_ioctl(struct nvdimm_bus
> *nvdimm_bus, struct nvdimm *nvdimm,
> if (buf_len > ND_IOCTL_MAX_BUFLEN) {
> dev_dbg(dev, "%s cmd: %s buf_len: %llu > %d\n",
> dimm_name,
> cmd_name, buf_len, ND_IOCTL_MAX_BUFLEN);
> - return -EINVAL;
> + rc = -EINVAL;
> + goto out;
> }
>
> buf = vmalloc(buf_len);
> - if (!buf)
> - return -ENOMEM;
> + if (!buf) {
> + rc = -ENOMEM;
> + goto out;
> + }
>
> if (copy_from_user(buf, p, buf_len)) {
> rc = -EFAULT;
> @@ -1100,17 +1117,15 @@ static int __nd_ioctl(struct nvdimm_bus
> *nvdimm_bus, struct nvdimm *nvdimm,
> nvdimm_account_cleared_poison(nvdimm_bus, clear_err-
> >address,
> clear_err->cleared);
> }
> - nvdimm_bus_unlock(&nvdimm_bus->dev);
>
> if (copy_to_user(p, buf, buf_len))
> rc = -EFAULT;
>
> - vfree(buf);
> - return rc;
> -
> - out_unlock:
> +out_unlock:
> nvdimm_bus_unlock(&nvdimm_bus->dev);
> - out:
> +out:
> + kfree(in_env);
> + kfree(out_env);
> vfree(buf);
> return rc;
> }
>

Next message: Hariprasad Kelam: "[PATCH] staging: kpc2000: Remove null check before kfree"
Previous message: Linus Torvalds: "Re: [GIT PULL] xfs: cleanups for 5.3"
In reply to: Dan Williams: "[PATCH v2 4/7] libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant"
Next in thread: Dan Williams: "[PATCH v2 5/7] libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]