From nobody Fri Aug  4 23:43:07 2023
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RHj2N0zMZz4mFc7;
	Fri,  4 Aug 2023 23:43:08 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4RHj2M6z4Rz3LX4;
	Fri,  4 Aug 2023 23:43:07 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1691192588;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=iqyPQ7U4u8pnFqthmNlwjmGp/vpNF9nVDlmFc+aU9kM=;
	b=MJs1EWlOSqp+ijHXFP9qnrO0Vk3xsLzm/i/gPvRt58YhieDYIQp1fXEQmpwEMyv4adaL6i
	nKrDcHmmooeJ1k1mzkSbDVSQMp8wR+EKhtNMNG5ljuVwV2CsEDPPPPKJcTfr9jr1Uif8t7
	D+GZj8yXwiQ8hubjqLh2lTe+DqDxQbY1eLYx2MqPcjJxNO7AaI/ojjU1vQTPQUC6weohmo
	kChU889Cz+FEUblypqDASieh+QYsZXuBeZ8/YShAwG+P9aO9Xfcq6QyZZ2HScc7fFLAoGA
	AxXLmVqpjYX0DTILGeUilHRYX87nKtr6UMWhuPldlHxu8xX0gwQ+Lt0LsXLCZA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1691192588;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=iqyPQ7U4u8pnFqthmNlwjmGp/vpNF9nVDlmFc+aU9kM=;
	b=naJYG8SkIUMI/y4MfeXWU+6sSbVX/1Al9p5gCKzNx89Uf1O0GBGofhC3YAxRu1ivYDtElK
	OCkfXFA0ca95haLuud/Fg1reB5Woy3hvzz0DTUVeL7HWUtmmHsp9oW5chcu8CjvSQR1Ya2
	fsEZP7GUc/+WrIVWqL6rqLTjQvNzup1NfcnxsC8MHqC479AkyTj8I9BjClvRm0BzAlzPiA
	hMVQy6eDe/YcD+2QVxvYjGb9ks0Sqx1blGAAqd93zZ0LzsPWtQIpobRWGGjTcM2d4OEv79
	wGnBAV2BY0cbxlgaGTdAW4sJ6ghlKZLUJUkn4aTZ9jEsaGdt8UAPxh82XRLkSQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1691192588; a=rsa-sha256; cv=none;
	b=noIrniTHgycz8x6cwk+WmKv7XoOwU+5tzwFckb4fl5ICgD0RW8PKAqM++j9KF5iSmyrqmQ
	opgd50tEcXRzqpqymDnZYYWk6mw9w2PP7QqUQXx2Rty4aYgMcBQmdcDnZDtRN9ixf6bLbV
	a/CcjHfQmV06mohVM9svKIYH6byTFZTRqw9nxATEJNqEu0NkuS0djM2OaGTtzKDhYxl5TJ
	qBxqyym80bat8bdIFwFUpHSu+uOCADDNsasmClxfSalmjUSFbmho37u8rp4QsEYSaTnUwJ
	2KnScxyP9G58KKHyYpVcRaQyL6VGITlzacm57KcxvIBw2R3c9MsMGGtscb5tbQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RHj2M5ml0z1M09;
	Fri,  4 Aug 2023 23:43:07 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 374Nh7jT059183;
	Fri, 4 Aug 2023 23:43:07 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 374Nh7OR059182;
	Fri, 4 Aug 2023 23:43:07 GMT
	(envelope-from git)
Date: Fri, 4 Aug 2023 23:43:07 GMT
Message-Id: <202308042343.374Nh7OR059182@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 4c89c0127dca - main - g_raid concat: Fail requests to read beyond the end of the volume
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-main@freebsd.org
X-BeenThere: dev-commits-src-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 4c89c0127dcadaa0d337c23d028f3fea5e76317a
Auto-Submitted: auto-generated

The branch main has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=4c89c0127dcadaa0d337c23d028f3fea5e76317a

commit 4c89c0127dcadaa0d337c23d028f3fea5e76317a
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2023-08-04 23:41:05 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2023-08-04 23:41:05 +0000

    g_raid concat: Fail requests to read beyond the end of the volume
    
    Previously a debug kernel would trigger an assertion failure if an I/O
    request attempted to read off the end of a concat volume, but a
    non-debug kernel would use an invalid sub-disk to try to complete the
    request eventually resulting in some sort of fault in the kernel.
    
    Instead, turn the assertions into explicit checks that fail requests
    beyond the end of the volume with EIO.  For requests which run over
    the end of the volume, return a short request.
    
    PR:             257838
    Reported by:    Robert Morris <rtm@lcs.mit.edu>
    Reviewed by:    emaste
    MFC after:      1 week
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D41222
---
 sys/geom/raid/tr_concat.c | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/sys/geom/raid/tr_concat.c b/sys/geom/raid/tr_concat.c
index eac62b3171d2..632501f323cd 100644
--- a/sys/geom/raid/tr_concat.c
+++ b/sys/geom/raid/tr_concat.c
@@ -240,8 +240,10 @@ g_raid_tr_iostart_concat(struct g_raid_tr_object *tr, struct bio *bp)
 		offset -= vol->v_subdisks[no].sd_size;
 		no++;
 	}
-	KASSERT(no < vol->v_disks_count,
-	    ("Request starts after volume end (%ju)", bp->bio_offset));
+	if (no >= vol->v_disks_count) {
+		g_raid_iodone(bp, EIO);
+		return;
+	}
 	bioq_init(&queue);
 	do {
 		sd = &vol->v_subdisks[no];
@@ -267,10 +269,8 @@ g_raid_tr_iostart_concat(struct g_raid_tr_object *tr, struct bio *bp)
 			addr += length;
 		offset = 0;
 		no++;
-		KASSERT(no < vol->v_disks_count || remain == 0,
-		    ("Request ends after volume end (%ju, %ju)",
-			bp->bio_offset, bp->bio_length));
-	} while (remain > 0);
+	} while (remain > 0 && no < vol->v_disks_count);
+	bp->bio_completed = bp->bio_length - remain;
 	while ((cbp = bioq_takefirst(&queue)) != NULL) {
 		sd = cbp->bio_caller1;
 		cbp->bio_caller1 = NULL;
@@ -308,8 +308,8 @@ g_raid_tr_kerneldump_concat(struct g_raid_tr_object *tr, void *virtual,
 		offset -= vol->v_subdisks[no].sd_size;
 		no++;
 	}
-	KASSERT(no < vol->v_disks_count,
-	    ("Request starts after volume end (%ju)", boffset));
+	if (no >= vol->v_disks_count)
+		return (EIO);
 	do {
 		sd = &vol->v_subdisks[no];
 		length = MIN(sd->sd_size - offset, remain);
@@ -321,10 +321,9 @@ g_raid_tr_kerneldump_concat(struct g_raid_tr_object *tr, void *virtual,
 		addr += length;
 		offset = 0;
 		no++;
-		KASSERT(no < vol->v_disks_count || remain == 0,
-		    ("Request ends after volume end (%ju, %zu)",
-			boffset, blength));
-	} while (remain > 0);
+	} while (remain > 0 && no < vol->v_disks_count);
+	if (remain > 0)
+		return (EIO);
 	return (0);
 }
 
@@ -340,7 +339,6 @@ g_raid_tr_iodone_concat(struct g_raid_tr_object *tr,
 	g_destroy_bio(bp);
 	pbp->bio_inbed++;
 	if (pbp->bio_children == pbp->bio_inbed) {
-		pbp->bio_completed = pbp->bio_length;
 		g_raid_iodone(pbp, pbp->bio_error);
 	}
 }