linux/block
Christian A. Ehrhardt 13f3956eb5 block: Fix WARNING in _copy_from_iter
Syzkaller reports a warning in _copy_from_iter because an
iov_iter is supposedly used in the wrong direction. The reason
is that syzcaller managed to generate a request with
a transfer direction of SG_DXFER_TO_FROM_DEV. This instructs
the kernel to copy user buffers into the kernel, read into
the copied buffers and then copy the data back to user space.

Thus the iovec is used in both directions.

Detect this situation in the block layer and construct a new
iterator with the correct direction for the copy-in.

Reported-by: syzbot+a532b03fdfee2c137666@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/lkml/0000000000009b92c10604d7a5e9@google.com/t/
Reported-by: syzbot+63dec323ac56c28e644f@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/lkml/0000000000003faaa105f6e7c658@google.com/T/
Signed-off-by: Christian A. Ehrhardt <lk@c--e.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20240121202634.275068-1-lk@c--e.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2024-01-23 08:56:55 -07:00
..
partitions block: Move checking GENHD_FL_NO_PART to bdev_add_partition() 2024-01-22 09:51:29 -07:00
badblocks.c badblocks: avoid checking invalid range in badblocks_check() 2023-12-23 18:38:08 -07:00
bdev.c vfs-6.8.super 2024-01-08 10:43:51 -08:00
bfq-cgroup.c blkcg: Restructure blkg_conf_prep() and friends 2023-04-13 06:46:49 -06:00
bfq-iosched.c SCSI misc on 20230629 2023-06-30 11:57:07 -07:00
bfq-iosched.h block, bfq: remove BFQ_WEIGHT_LEGACY_DFL 2023-04-06 16:17:32 -06:00
bfq-wf2q.c block, bfq: inject I/O to underutilized actuators 2023-01-29 15:18:33 -07:00
bio-integrity.c block: bio-integrity: fix kcalloc() arguments order 2024-01-16 09:51:22 -07:00
bio.c block: support adding less than len in bio_add_hw_page 2023-12-15 07:34:27 -07:00
blk-cgroup-fc-appid.c block: Replace all non-returning strlcpy with strscpy 2023-06-01 09:13:31 -06:00
blk-cgroup-rwstat.c Revert "blk-cgroup: pin the gendisk in struct blkcg_gq" 2023-02-14 14:24:09 -07:00
blk-cgroup-rwstat.h block: Use the new blk_opf_t type 2022-07-14 12:14:30 -06:00
blk-cgroup.c block: Correct a documentation comment in blk-cgroup.c 2024-01-15 07:23:38 -07:00
blk-cgroup.h blk-cgroup: fix rcu lockdep warning in blkg_lookup() 2024-01-04 16:08:54 -07:00
blk-core.c for-6.8/block-2024-01-08 2024-01-11 13:58:04 -08:00
blk-crypto-fallback.c blk-crypto: dynamically allocate fallback profile 2023-08-18 15:00:39 -06:00
blk-crypto-internal.h blk-crypto: remove blk_crypto_insert_cloned_request() 2023-03-16 09:35:09 -06:00
blk-crypto-profile.c blk-crypto: use dynamic lock class for blk_crypto_profile::lock 2023-07-05 16:36:12 -06:00
blk-crypto-sysfs.c block: make kobj_type structures constant 2023-02-09 09:38:16 -07:00
blk-crypto.c blk-crypto: make blk_crypto_evict_key() more robust 2023-03-16 09:35:09 -06:00
blk-flush.c blk-mq: remove RQF_MQ_INFLIGHT 2023-09-22 08:52:13 -06:00
blk-ia-ranges.c block: make kobj_type structures constant 2023-02-09 09:38:16 -07:00
blk-integrity.c blk-integrity: register sysfs attributes on struct device 2023-04-26 18:22:50 -06:00
blk-ioc.c blk-ioc: fix recursive spin_lock/unlock_irq() in ioc_clear_queue() 2023-06-07 07:51:00 -06:00
blk-iocost.c block/iocost: silence warning on 'last_period' potentially being unused 2024-01-10 08:43:06 -07:00
blk-iolatency.c block: fix bad lockdep annotation in blk-iolatency 2023-08-10 17:24:53 -06:00
blk-ioprio.c blk-ioprio: Introduce promote-to-rt policy 2023-06-06 22:26:26 -06:00
blk-ioprio.h blk-ioprio: pass a gendisk to blk_ioprio_init and blk_ioprio_exit 2022-09-26 19:09:31 -06:00
blk-lib.c blk-lib: fix blkdev_issue_secure_erase 2022-09-15 00:25:17 -06:00
blk-map.c block: Fix WARNING in _copy_from_iter 2024-01-23 08:56:55 -07:00
blk-merge.c block: remove two comments in bio_split_discard 2023-12-29 08:44:12 -07:00
blk-mq-cpumap.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-mq-debugfs-zoned.c block: move zone related fields to struct gendisk 2022-07-06 06:46:26 -06:00
blk-mq-debugfs.c blk-mq: Remove the hctx 'run' debugfs attribute 2024-01-17 14:16:34 -07:00
blk-mq-debugfs.h block: remove per-disk debugfs files in blk_unregister_queue 2022-06-17 07:31:05 -06:00
blk-mq-pci.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-mq-sched.c blk-mq: Remove the hctx 'run' debugfs attribute 2024-01-17 14:16:34 -07:00
blk-mq-sched.h blk-mq: make sure elevator callbacks aren't called for passthrough request 2023-05-18 19:42:54 -06:00
blk-mq-sysfs.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-mq-tag.c for-6.5/block-2023-06-23 2023-06-26 12:47:20 -07:00
blk-mq-virtio.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-mq.c for-6.8/block-2024-01-18 2024-01-18 18:22:40 -08:00
blk-mq.h blk-mq: update driver tags request table when start request 2023-09-22 08:52:13 -06:00
blk-pm.c block: Remove blk_set_runtime_active() 2023-11-20 10:22:40 -07:00
blk-pm.h
blk-rq-qos.c block: correct stale comment in rq_qos_wait 2023-09-18 14:15:28 -06:00
blk-rq-qos.h block: skip QUEUE_FLAG_STATS and rq-qos for passthrough io 2023-12-01 18:29:18 -07:00
blk-settings.c block: floor the discard granularity to the physical block size 2024-01-04 16:05:49 -07:00
blk-stat.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-stat.h
blk-sysfs.c for-6.8/block-2024-01-08 2024-01-11 13:58:04 -08:00
blk-throttle.c blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" 2023-11-17 10:48:58 -07:00
blk-throttle.h blk-throttle: print signed value 'carryover_bytes/ios' for user 2023-08-30 10:15:01 -06:00
blk-timeout.c
blk-wbt.c blk-wbt: remove the separate write cache tracking 2023-12-26 09:28:10 -07:00
blk-wbt.h blk-wbt: remove the separate write cache tracking 2023-12-26 09:28:10 -07:00
blk-zoned.c block: Treat sequential write preferred zone type as invalid 2024-01-08 08:34:24 -07:00
blk.h block: simplify disk_set_zoned 2023-12-19 20:17:43 -07:00
bounce.c block: change the blk_queue_bounce calling convention 2022-08-02 17:22:54 -06:00
bsg-lib.c scsi: replace the fmode_t argument to ->sg_io_fn with a simple bool 2023-06-12 08:04:04 -06:00
bsg.c SCSI misc on 20230629 2023-06-30 11:57:07 -07:00
disk-events.c block: move bdev_mark_dead out of disk_check_media_change 2023-10-28 13:29:23 +02:00
early-lookup.c block: don't return -EINVAL for not found names in devt_from_devname 2023-06-22 09:09:33 -06:00
elevator.c blk-mq: release scheduler resource when request completes 2023-08-19 07:47:17 -06:00
elevator.h blk-mq: pass a flags argument to elevator_type->insert_requests 2023-04-13 06:52:30 -06:00
fops.c fs: convert block_write_full_page to block_write_full_folio 2023-12-29 11:58:35 -08:00
genhd.c block: add check of 'minors' and 'first_minor' in device_add_disk() 2023-12-19 08:23:12 -07:00
holder.c block: don't allow a disk link holder to itself 2022-11-16 15:19:56 -07:00
ioctl.c block: Move checking GENHD_FL_NO_PART to bdev_add_partition() 2024-01-22 09:51:29 -07:00
ioprio.c block: move __get_task_ioprio() into header file 2024-01-08 12:27:39 -07:00
Kconfig block: Add config option to not allow writing to mounted devices 2023-11-18 14:59:25 +01:00
Kconfig.iosched block: Default to use cgroup support for BFQ 2023-01-30 09:42:42 -07:00
kyber-iosched.c blk-mq: pass a flags argument to elevator_type->insert_requests 2023-04-13 06:52:30 -06:00
Makefile block: move the code to do early boot lookup of block devices to block/ 2023-06-05 10:57:40 -06:00
mq-deadline.c block/mq-deadline: use correct way to throttling write requests 2023-08-08 15:46:41 -06:00
opal_proto.h block: sed-opal: Implement IOC_OPAL_REVERT_LSP 2023-08-22 11:10:26 -06:00
sed-opal.c for-6.7/block-2023-10-30 2023-11-01 12:30:07 -10:00
t10-pi.c