APPLIED: [PATCH 0/1] [focal:linux, groovy:linux, hirsute:linux, impish:linux] block: return the correct bvec when checking for gaps

Tim Gardner tim.gardner at canonical.com
Fri Jul 30 11:46:30 UTC 2021 


On 7/30/21 3:51 AM, Kleber Souza wrote:
> On 29.07.21 14:14, Tim Gardner wrote:
>> Applied to focal:linux, hirsute:linux. Thanks.
>>
>> groovy: Won't fix
>> Impish: already upstream
>>
>> Looks like this got missed in previous cycle, nor is there a Trello
>> "Mailing List" card.
> 
> This patch was deliberately postponed because of the relatively high
> risk for the point release kernels, as documented on the Trello
> card.
> 

No good deed goes unpunished. I did look through the Trello cards, at 
least the ones in "Mailing List". The search option is a little funky. 
It dropped down a results column right on top of the lane that contained 
the card, just enough so that I didn't see it. Guess that's one of 
Trello's more endearing quirks.

How do you want to deal with this so that someone remembers to re-apply 
it weeks from now in the next cycle ?

rtg

> 
> Kleber
> 
>>
>> -rtg
>>
>> On 7/6/21 11:14 AM, Tim Gardner wrote:
>>> [Impact]
>>>
>>> There is a bug in the Linux block layer responsible for merging BIOs 
>>> that go
>>> across the page boundary. This bug was introduced in Linux 5.1 when 
>>> the block
>>> layer BIO page tracking is enhanced to support multiple pages.
>>>
>>> Without this patch, data corruption can occur. The change to the 
>>> kernel block
>>> layer in Linux 5.1 changes the way multiple pages are merged to a 
>>> single block
>>> I/O descriptor, and how contiguous block I/O descriptors are merged 
>>> with previous
>>> descriptors.
>>>
>>> If contiguous block I/O requests cross a page boundary of 4k, defined 
>>> by the hv_storvsc
>>> driver, the new block merge process can create two pages of block I/O 
>>> requests (the
>>> latter page with an offset) that refer to the same physical sector on 
>>> disk. This page list
>>> is then assembled for the SCSI generic driver.
>>>
>>> In the above scenario, when the block I/O request sizes are 512 
>>> bytes, the Azure LIS driver
>>> (hv_storvsc module) is not able to correctly parse the page array 
>>> from the SCSI generic
>>> driver due to this bug in Linux block layer and creates a potential 
>>> overflow of
>>> offset I/O requests and corruption of data on disk.
>>>
>>> Mitigation of data loss is proven with filesystems with block size 
>>> 4k. When block
>>> I/O requests are of sizes 4k or multiples of 4k, they are the page 
>>> aligned in the
>>> memory and are not affected by the block I/O merging algorithm 
>>> introduced in Linux
>>> 5.1. Most modern file systems use 4k I/O block size by default, thus 
>>> mitigating
>>> this problem.
>>>
>>> An upstream patch fixes this bug: commit 
>>> c9c9762d4d44dcb1b2ba90cfb4122dc11ceebf31
>>> ("block: return the correct bvec when checking for gaps")
>>>
>>> Please include this patch in any supported kernels that are 5.1 or 
>>> later.
>>>
>>> [Test Plan]
>>>
>>> stress-ng --sequential 8 --class io -t 5m --times
>>>
>>> [Where problems could occur]
>>>
>>> Different incorrect pages could be wriiten to disk.
>>>
>>> [Other Info]
>>>
>>> This patch has already been released in all [FGHI] Azure kernels.
>>>
>>
> 

-- 
-----------
Tim Gardner
Canonical, Inc

More information about the kernel-team mailing list