Re: [PATCH -next v2] blk-throttle: Set BIO_THROTTLED when bio has been throttled

From: QiuLaibin
Date: Tue May 17 2022 - 20:39:27 EST

Next message: Michael Ellerman: "Re: [PATCH] net: unexport csum_and_copy_{from,to}_user"
Previous message: Sean Christopherson: "[PATCH] KVM: Free new dirty bitmap if creating a new memslot fails"
Next in thread: Jens Axboe: "Re: [PATCH -next v2] blk-throttle: Set BIO_THROTTLED when bio has been throttled"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

friendly ping....

在 2022/3/2 21:51, Ming Lei 写道:

On Tue, Mar 01, 2022 at 08:39:19PM +0800, Laibin Qiu wrote:

1.In current process, all bio will set the BIO_THROTTLED flag
after __blk_throtl_bio().

2.If bio needs to be throttled, it will start the timer and
stop submit bio directly. Bio will submit in
blk_throtl_dispatch_work_fn() when the timer expires.But in
the current process, if bio is throttled. The BIO_THROTTLED
will be set to bio after timer start. If the bio has been
completed, it may cause use-after-free blow.

BUG: KASAN: use-after-free in blk_throtl_bio+0x12f0/0x2c70
Read of size 2 at addr ffff88801b8902d4 by task fio/26380

After the queue lock is released, the bio can be dispatched & completed,
so it shouldn't be touched after lock release:

Reviewed-by: Ming Lei <ming.lei@xxxxxxxxxx>

Thanks,
Ming

.

Next message: Michael Ellerman: "Re: [PATCH] net: unexport csum_and_copy_{from,to}_user"
Previous message: Sean Christopherson: "[PATCH] KVM: Free new dirty bitmap if creating a new memslot fails"
Next in thread: Jens Axboe: "Re: [PATCH -next v2] blk-throttle: Set BIO_THROTTLED when bio has been throttled"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]