zram: fix invalid memory references during disk write

Nitin Gupta ngupta at vflare.org
Thu Dec 20 22:48:00 UTC 2012


On Wed, Dec 19, 2012 at 9:39 AM, Mitch Harder
<mitch.harder at sabayonlinux.org> wrote:
> On Wed, Dec 19, 2012 at 11:21 AM, Nitin Gupta <ngupta at vflare.org> wrote:
>> On 12/19/2012 08:17 AM, Greg KH wrote:
>>> On Wed, Dec 19, 2012 at 07:53:36AM -0800, Nitin Gupta wrote:
>>>> On 12/19/2012 07:08 AM, Greg KH wrote:
>>>>> On Tue, Dec 18, 2012 at 11:21:28PM -0800, Nitin Gupta wrote:
>>>>>> On 12/18/2012 07:49 PM, Greg KH wrote:
>>>>>>> On Tue, Dec 18, 2012 at 01:12:05PM -0800, Nitin Gupta wrote:
>>>>>>>> On Tue, Dec 11, 2012 at 10:27 AM, Greg KH <gregkh at linuxfoundation.org> wrote:
>>>>>>>>> On Thu, Nov 29, 2012 at 10:45:09PM -0800, Nitin Gupta wrote:
>>>>>>>>>> Fixes a bug introduced by commit c8f2f0db1 ("zram: Fix handling
>>>>>>>>>> of incompressible pages") which caused invalid memory references
>>>>>>>>>> during disk write. Invalid references could occur in two cases:
>>>>>>>>>>  - Incoming data expands on compression: In this case, reference was
>>>>>>>>>> made to kunmap()'ed bio page.
>>>>>>>>>>  - Partial (non PAGE_SIZE) write with incompressible data: In this
>>>>>>>>>> case, reference was made to a kfree()'ed buffer.
>>>>>>>>>>
>>>>>>>>>> Fixes bug 50081:
>>>>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=50081
>>>>>>>>>>
>>>>>>>>>> Upstream commit ID: c8f2f0d: zram: Fix handling of incompressible pages
>>>>>>>>>> Apply to versions: 3.6.5, 3.6.6, 3.6.7, 3.6.8
>>>>>>>>>>
>>>>>>>>>> Cc: <stable at vger.kernel.org> # staging-next: 37b51fd: zram: factor-out
>>>>>>>>>>                               # zram_decompress_page() function
>>>>>>>>>> Signed-off-by: Nitin Gupta <ngupta at vflare.org>
>>>>>>>>>> Reported-by: Mihail Kasadjikov <hamer.mk at gmail.com>
>>>>>>>>>> Reported-by: Tomas M <tomas at slax.org>
>>>>>>>>>> Reviewed-by: Minchan Kim <minchan at kernel.org>
>>>>>>>>>> ---
>>>>>>>>>>  drivers/staging/zram/zram_drv.c |   39 ++++++++++++++++++++++++---------------
>>>>>>>>>>  1 file changed, 24 insertions(+), 15 deletions(-)
>>>>>>>>>
>>>>>>>>> This patch fails to apply to 3.6.10:
>>>>>>>>>
>>>>>>>>> patching file drivers/staging/zram/zram_drv.c
>>>>>>>>> Hunk #1 succeeded at 282 (offset 17 lines).
>>>>>>>>> Hunk #2 FAILED at 286.
>>>>>>>>> Hunk #3 succeeded at 319 (offset 17 lines).
>>>>>>>>> Hunk #4 succeeded at 340 (offset 17 lines).
>>>>>>>>> Hunk #5 succeeded at 353 (offset 17 lines).
>>>>>>>>> Hunk #6 succeeded at 368 (offset 17 lines).
>>>>>>>>> Hunk #7 succeeded at 385 (offset 17 lines).
>>>>>>>>> 1 out of 7 hunks FAILED -- saving rejects to file drivers/staging/zram/zram_drv.c.rej
>>>>>>>>>
>>>>>>>>> Please redo this patch and resend it if you wish for it to be applied to
>>>>>>>>> the 3.6-stable tree.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> Please apply this patch to stable tree asap.
>>>>>>>
>>>>>>> 3.6 is now end-of-life, there will not be any more releases for that
>>>>>>> kernel series anymore, sorry.
>>>>>>>
>>>>>>
>>>>>> Then please apply to 3.7.
>>>>>
>>>>> That is impossible to do so, for the obvious reason.
>>>>>
>>>>
>>>> I meant to include it in whatever 3.7.x is released in future. Or put it
>>>> in staging, so it may eventually make it to mainline (by 3.8?).
>>>
>>> {sigh}
>>>
>>> Please think for a moment for how it would be impossible for me to add
>>> this patch to either the 3.7-stable tree, or the 3.8 tree, _again_.
>>>
>>
>> I'm simply not getting it, I'm sorry, I must be missing something
>> obvious -- what's really the problem with this: "whenever 3.8 is
>> released, sometime in the future, just make sure that this fix is
>> included in it" ?  Also, what's stopping it from staging, at least?
>>
>
> Greg:
>
> I think there is still some residual confusion from the mix of patches
> sent out for this issue.
>
> You appear to be saying that this patch as well as "37b51fd: zram:
> factor-out  zram_decompress_page() function" have already been
> applied.
>
> But I do not see either patch in 3.7.0 or in your message for
> "3.7.1-stable review"
>
> I see the "37b51fd: zram: factor-out  zram_decompress_page() function"
> patch in Linus' tree for 3.8_rc, but not the patch discussed in this
> thread.

Yes, both staging and linus' tree HEAD now contains the
"37b51fd: zram: factor-out  zram_decompress_page() function" patch.
So, all that's need to be done is to apply this patch only.

Since this patch is really critical for zram, please let me know how to
move forward and get it included.

Thanks,
Nitin



More information about the devel mailing list