Re: [PATCH v4 2/3] rust: block: add rnull, Rust null_blk implementation

From: Andreas Hindborg
Date: Sat Jun 01 2024 - 15:54:15 EST

Next message: Jason Gunthorpe: "Re: [PATCH 3/5] x86/mm: Introduce and export interface arch_clean_nonsnoop_dma()"
Previous message: Jonathan Cameron: "Re: [PATCH v2] staging: iio: adt7316: remove unused struct 'adt7316_limit_regs'"
In reply to: Andreas Hindborg: "Re: [PATCH v4 2/3] rust: block: add rnull, Rust null_blk implementation"
Next in thread: Matthew Wilcox: "Re: [PATCH v4 2/3] rust: block: add rnull, Rust null_blk implementation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andreas Hindborg <nmi@xxxxxxxxxxxx> writes:

> Keith Busch <kbusch@xxxxxxxxxx> writes:
>
>> On Sat, Jun 01, 2024 at 05:36:20PM +0200, Andreas Hindborg wrote:
>>> Keith Busch <kbusch@xxxxxxxxxx> writes:
>>>
>>> > On Sat, Jun 01, 2024 at 03:40:04PM +0200, Andreas Hindborg wrote:
>>> >> +impl kernel::Module for NullBlkModule {
>>> >> + fn init(_module: &'static ThisModule) -> Result<Self> {
>>> >> + pr_info!("Rust null_blk loaded\n");
>>> >> + let tagset = Arc::pin_init(TagSet::try_new(1, 256, 1), flags::GFP_KERNEL)?;
>>> >> +
>>> >> + let disk = {
>>> >> + let block_size: u16 = 4096;
>>> >> + if block_size % 512 != 0 || !(512..=4096).contains(&block_size) {
>>> >> + return Err(kernel::error::code::EINVAL);
>>> >> + }
>>> >
>>> > You've set block_size to the literal 4096, then validate its value
>>> > immediately after? Am I missing some way this could ever be invalid?
>>>
>>> Good catch. It is because I have a patch in the outbound queue that allows setting
>>> the block size via a module parameter. The module parameter patch is not
>>> upstream yet. Once I have that up, I will send the patch with the block
>>> size config.
>>>
>>> Do you think it is OK to have this redundancy? It would only be for a
>>> few cycles.
>>
>> It's fine, just wondering why it's there. But it also allows values like
>> 1536 and 3584, which are not valid block sizes, so I think you want the
>> check to be:
>>
>> if !(512..=4096).contains(&block_size) || ((block_size & (block_size - 1)) != 0)
>
> Right, that makes sense. I modeled it after the C null_blk validation
> code in `null_validate_conf`. It contains this:
>
> dev->blocksize = round_down(dev->blocksize, 512);
> dev->blocksize = clamp_t(unsigned int, dev->blocksize, 512, 4096);
>
> That would have the same semantics, right? I guess I'll try to make a
> device with a 1536 block size and see what happens.

This happens:

root@debian:~# insmod /mnt/linux-build/drivers/block/null_blk/null_blk.ko bs=1536
BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 0 P4D 0
Oops: Oops: 0002 [#1] SMP
CPU: 2 PID: 291 Comm: insmod Not tainted 6.10.0-rc1+ #839

Probably a good idea with a better check.

BR Andreas

Next message: Jason Gunthorpe: "Re: [PATCH 3/5] x86/mm: Introduce and export interface arch_clean_nonsnoop_dma()"
Previous message: Jonathan Cameron: "Re: [PATCH v2] staging: iio: adt7316: remove unused struct 'adt7316_limit_regs'"
In reply to: Andreas Hindborg: "Re: [PATCH v4 2/3] rust: block: add rnull, Rust null_blk implementation"
Next in thread: Matthew Wilcox: "Re: [PATCH v4 2/3] rust: block: add rnull, Rust null_blk implementation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]