diff options
| author | Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> | 2011-04-18 11:34:55 -0400 |
|---|---|---|
| committer | Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> | 2011-04-18 11:34:55 -0400 |
| commit | e93504933ee6982bdc005fa5c24e1ea330faaf8b (patch) | |
| tree | 4e775c9ab335e82cc5ffdbf54d49d8cb91f12adf | |
| parent | 9f3aedf573dd034d59e7eb6c4ee97648d5be8fc6 (diff) | |
xen/blkback: Move the check for misaligned I/O once more.
The commit 976222e05ea5a9959ccf880d7a24efbf79b3c6cf
xen/blkback: Move the check for misaligned I/O higher.
moved it a bit to high. The preq->vbdev was not set, so the
check for misaligned I/O would cause a NULL pointer derefence.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
| -rw-r--r-- | drivers/xen/blkback/blkback.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/drivers/xen/blkback/blkback.c b/drivers/xen/blkback/blkback.c index c645c83f900b..a0d3227955c9 100644 --- a/drivers/xen/blkback/blkback.c +++ b/drivers/xen/blkback/blkback.c | |||
| @@ -514,6 +514,7 @@ static void dispatch_rw_block_io(struct blkif_st *blkif, | |||
| 514 | pending_req->operation = req->operation; | 514 | pending_req->operation = req->operation; |
| 515 | pending_req->status = BLKIF_RSP_OKAY; | 515 | pending_req->status = BLKIF_RSP_OKAY; |
| 516 | pending_req->nr_pages = nseg; | 516 | pending_req->nr_pages = nseg; |
| 517 | |||
| 517 | for (i = 0; i < nseg; i++) { | 518 | for (i = 0; i < nseg; i++) { |
| 518 | seg[i].nsec = req->u.rw.seg[i].last_sect - | 519 | seg[i].nsec = req->u.rw.seg[i].last_sect - |
| 519 | req->u.rw.seg[i].first_sect + 1; | 520 | req->u.rw.seg[i].first_sect + 1; |
| @@ -522,12 +523,6 @@ static void dispatch_rw_block_io(struct blkif_st *blkif, | |||
| 522 | goto fail_response; | 523 | goto fail_response; |
| 523 | preq.nr_sects += seg[i].nsec; | 524 | preq.nr_sects += seg[i].nsec; |
| 524 | 525 | ||
| 525 | if (((int)preq.sector_number|(int)seg[i].nsec) & | ||
| 526 | ((bdev_logical_block_size(preq.bdev) >> 9) - 1)) { | ||
| 527 | DPRINTK("Misaligned I/O request from domain %d", | ||
| 528 | blkif->domid); | ||
| 529 | goto fail_response; | ||
| 530 | } | ||
| 531 | } | 526 | } |
| 532 | 527 | ||
| 533 | if (vbd_translate(&preq, blkif, operation) != 0) { | 528 | if (vbd_translate(&preq, blkif, operation) != 0) { |
| @@ -537,6 +532,16 @@ static void dispatch_rw_block_io(struct blkif_st *blkif, | |||
| 537 | preq.sector_number + preq.nr_sects, preq.dev); | 532 | preq.sector_number + preq.nr_sects, preq.dev); |
| 538 | goto fail_response; | 533 | goto fail_response; |
| 539 | } | 534 | } |
| 535 | /* This check _MUST_ be done after vbd_translate as the preq.bdev | ||
| 536 | * is set there. */ | ||
| 537 | for (i = 0; i < nseg; i++) { | ||
| 538 | if (((int)preq.sector_number|(int)seg[i].nsec) & | ||
| 539 | ((bdev_logical_block_size(preq.bdev) >> 9) - 1)) { | ||
| 540 | DPRINTK("Misaligned I/O request from domain %d", | ||
| 541 | blkif->domid); | ||
| 542 | goto fail_response; | ||
| 543 | } | ||
| 544 | } | ||
| 540 | /* If we have failed at this point, we need to undo the M2P override, | 545 | /* If we have failed at this point, we need to undo the M2P override, |
| 541 | * set gnttab_set_unmap_op on all of the grant references and perform | 546 | * set gnttab_set_unmap_op on all of the grant references and perform |
| 542 | * the hypercall to unmap the grants - that is all done in | 547 | * the hypercall to unmap the grants - that is all done in |