2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-07 21:24:00 +08:00
linux-next/drivers/block
Paul Durrant d75e7f63b7 xen-blkback: fix compatibility bug with single page rings
Prior to commit 4a8c31a1c6 ("xen/blkback: rework connect_ring() to avoid
inconsistent xenstore 'ring-page-order' set by malicious blkfront"), the
behaviour of xen-blkback when connecting to a frontend was:

- read 'ring-page-order'
- if not present then expect a single page ring specified by 'ring-ref'
- else expect a ring specified by 'ring-refX' where X is between 0 and
  1 << ring-page-order

This was correct behaviour, but was broken by the afforementioned commit to
become:

- read 'ring-page-order'
- if not present then expect a single page ring (i.e. ring-page-order = 0)
- expect a ring specified by 'ring-refX' where X is between 0 and
  1 << ring-page-order
- if that didn't work then see if there's a single page ring specified by
  'ring-ref'

This incorrect behaviour works most of the time but fails when a frontend
that sets 'ring-page-order' is unloaded and replaced by one that does not
because, instead of reading 'ring-ref', xen-blkback will read the stale
'ring-ref0' left around by the previous frontend will try to map the wrong
grant reference.

This patch restores the original behaviour.

Fixes: 4a8c31a1c6 ("xen/blkback: rework connect_ring() to avoid inconsistent xenstore 'ring-page-order' set by malicious blkfront")
Signed-off-by: Paul Durrant <pdurrant@amazon.com>
Reviewed-by: Dongli Zhang <dongli.zhang@oracle.com>
Reviewed-by: "Roger Pau Monné" <roger.pau@citrix.com>
Link: https://lore.kernel.org/r/20210202175659.18452-1-paul@xen.org
Signed-off-by: Juergen Gross <jgross@suse.com>
2021-04-23 09:34:07 +02:00
..
aoe block: Replace lkml.org links with lore 2021-02-10 20:07:21 -07:00
drbd block: rename BIO_MAX_PAGES to BIO_MAX_VECS 2021-03-11 07:47:48 -07:00
mtip32xx mtip32xx: prefer pcie_capability_read_word() 2021-01-26 13:09:39 -07:00
null_blk null_blk: fix command timeout completion handling 2021-04-01 07:03:46 -06:00
paride block: remove unnecessary argument from blk_execute_rq 2021-01-24 21:52:39 -07:00
rnbd block/rnbd-clt: avoid module unload race with close confirmation 2021-01-08 08:19:18 -07:00
rsxx block: rsxx: fix error return code of rsxx_pci_probe() 2021-03-10 08:25:37 -07:00
xen-blkback xen-blkback: fix compatibility bug with single page rings 2021-04-23 09:34:07 +02:00
zram zram: fix broken page writeback 2021-03-13 11:27:31 -08:00
amiflop.c amiflop: use separate gendisks for Amiga vs MS-DOS mode 2020-11-16 08:14:30 -07:00
ataflop.c ataflop: use a separate gendisk for each media format 2020-11-16 08:14:31 -07:00
brd.c block: store a block_device pointer in struct bio 2021-01-24 18:17:20 -07:00
cryptoloop.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 30 2019-05-24 17:27:10 +02:00
floppy.c module: remove never implemented MODULE_SUPPORTED_DEVICE 2021-03-17 13:16:18 -07:00
Kconfig - added n64 block driver 2021-02-25 12:18:21 -08:00
loop.c block-5.12-2021-02-27 2021-02-28 11:23:38 -08:00
loop.h loop: scale loop device by introducing per device lock 2021-01-26 13:08:54 -07:00
Makefile - added n64 block driver 2021-02-25 12:18:21 -08:00
n64cart.c n64: store dev instance into disk private data 2021-02-21 23:37:52 +01:00
nbd.c nbd: handle device refs for DESTROY_ON_DISCONNECT properly 2021-02-22 13:17:23 -07:00
pktcdvd.c block: remove unnecessary argument from blk_execute_rq 2021-01-24 21:52:39 -07:00
ps3disk.c powerpc/ps3: make system bus's remove and shutdown callbacks return void 2020-12-04 01:01:22 +11:00
ps3vram.c block: store a block_device pointer in struct bio 2021-01-24 18:17:20 -07:00
rbd_types.h libceph, rbd: replace zero-length array with flexible-array 2020-06-01 13:22:53 +02:00
rbd.c rbd: remove the ->set_read_only method 2021-01-24 18:15:57 -07:00
sunvdc.c compat_ioctl: block: handle cdrom compat ioctl in non-cdrom drivers 2020-01-03 09:33:15 +01:00
swim3.c swim3: use bdev_check_media_changed 2020-09-10 09:32:31 -06:00
swim_asm.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
swim.c swim: don't call blk_register_region 2020-11-16 08:14:30 -07:00
sx8.c block: remove unnecessary argument from blk_execute_rq_nowait 2021-01-24 21:52:39 -07:00
umem.c umem: fix error return code in mm_pci_probe() 2021-03-09 13:56:05 -07:00
umem.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 348 2019-06-05 17:37:08 +02:00
virtio_blk.c virtio: features, fixes 2021-02-25 12:21:08 -08:00
xen-blkfront.c xen: branch for v5.11-rc6 2021-01-28 10:08:08 -08:00
xsysace.c xsysace: use platform_get_resource() and platform_get_irq_optional() 2020-10-29 08:22:33 -06:00
z2ram.c z2ram: use separate gendisk for the different modes 2020-11-16 08:14:31 -07:00