Commit 66ad2fbc authored by Arnd Bergmann's avatar Arnd Bergmann Committed by Mike Snitzer

dm-integrity, dm-verity: reduce stack usage for recheck

The newly added integrity_recheck() function has another larger stack
allocation, just like its caller integrity_metadata(). When it gets
inlined, the combination of the two exceeds the warning limit for 32-bit
architectures and possibly risks an overflow when this is called from
a deep call chain through a file system:

drivers/md/dm-integrity.c:1767:13: error: stack frame size (1048) exceeds limit (1024) in 'integrity_metadata' [-Werror,-Wframe-larger-than]
 1767 | static void integrity_metadata(struct work_struct *w)

Since the caller at this point is done using its checksum buffer,
just reuse the same buffer in the new function to avoid the double
allocation.

[Mikulas: add "noinline" to integrity_recheck and verity_recheck.
These functions are only called on error, so they shouldn't bloat the
stack frame or code size of the caller.]

Fixes: c88f5e55 ("dm-integrity: recheck the integrity tag after a failure")
Fixes: 9177f3c0 ("dm-verity: recheck the hash after a failure")
Cc: stable@vger.kernel.org
Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
Signed-off-by: default avatarMikulas Patocka <mpatocka@redhat.com>
Signed-off-by: default avatarMike Snitzer <snitzer@kernel.org>
parent 0e0c50e8
...@@ -1691,14 +1691,13 @@ static void integrity_sector_checksum(struct dm_integrity_c *ic, sector_t sector ...@@ -1691,14 +1691,13 @@ static void integrity_sector_checksum(struct dm_integrity_c *ic, sector_t sector
get_random_bytes(result, ic->tag_size); get_random_bytes(result, ic->tag_size);
} }
static void integrity_recheck(struct dm_integrity_io *dio) static noinline void integrity_recheck(struct dm_integrity_io *dio, char *checksum)
{ {
struct bio *bio = dm_bio_from_per_bio_data(dio, sizeof(struct dm_integrity_io)); struct bio *bio = dm_bio_from_per_bio_data(dio, sizeof(struct dm_integrity_io));
struct dm_integrity_c *ic = dio->ic; struct dm_integrity_c *ic = dio->ic;
struct bvec_iter iter; struct bvec_iter iter;
struct bio_vec bv; struct bio_vec bv;
sector_t sector, logical_sector, area, offset; sector_t sector, logical_sector, area, offset;
char checksum_onstack[max_t(size_t, HASH_MAX_DIGESTSIZE, MAX_TAG_SIZE)];
struct page *page; struct page *page;
void *buffer; void *buffer;
...@@ -1734,9 +1733,8 @@ static void integrity_recheck(struct dm_integrity_io *dio) ...@@ -1734,9 +1733,8 @@ static void integrity_recheck(struct dm_integrity_io *dio)
goto free_ret; goto free_ret;
} }
integrity_sector_checksum(ic, logical_sector, buffer, integrity_sector_checksum(ic, logical_sector, buffer, checksum);
checksum_onstack); r = dm_integrity_rw_tag(ic, checksum, &dio->metadata_block,
r = dm_integrity_rw_tag(ic, checksum_onstack, &dio->metadata_block,
&dio->metadata_offset, ic->tag_size, TAG_CMP); &dio->metadata_offset, ic->tag_size, TAG_CMP);
if (r) { if (r) {
if (r > 0) { if (r > 0) {
...@@ -1851,7 +1849,7 @@ static void integrity_metadata(struct work_struct *w) ...@@ -1851,7 +1849,7 @@ static void integrity_metadata(struct work_struct *w)
checksums_ptr - checksums, dio->op == REQ_OP_READ ? TAG_CMP : TAG_WRITE); checksums_ptr - checksums, dio->op == REQ_OP_READ ? TAG_CMP : TAG_WRITE);
if (unlikely(r)) { if (unlikely(r)) {
if (r > 0) { if (r > 0) {
integrity_recheck(dio); integrity_recheck(dio, checksums);
goto skip_io; goto skip_io;
} }
if (likely(checksums != checksums_onstack)) if (likely(checksums != checksums_onstack))
......
...@@ -491,8 +491,8 @@ static int verity_recheck_copy(struct dm_verity *v, struct dm_verity_io *io, ...@@ -491,8 +491,8 @@ static int verity_recheck_copy(struct dm_verity *v, struct dm_verity_io *io,
return 0; return 0;
} }
static int verity_recheck(struct dm_verity *v, struct dm_verity_io *io, static noinline int verity_recheck(struct dm_verity *v, struct dm_verity_io *io,
struct bvec_iter start, sector_t cur_block) struct bvec_iter start, sector_t cur_block)
{ {
struct page *page; struct page *page;
void *buffer; void *buffer;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment