| Message ID | 1464173965-9694-1-git-send-email-eblake@redhat.com |
|---|---|
| State | New |
| Headers | show |
On 05/25/2016 04:59 AM, Eric Blake wrote: > Similar to commit df7b97ff, we are mishandling clients that > give an unaligned NBD_CMD_TRIM request, and potentially > trimming bytes that occur before their request; which in turn > can cause potential unintended data loss (unlikely in > practice, since most clients are sane and issue aligned trim > requests). However, while we fixed read and write by switching > to the byte interfaces of blk_, we don't yet have a byte > interface for discard. On the other hand, trim is advisory, so > rounding the user's request to simply ignore the first and last > unaligned sectors (or the entire request, if it is sub-sector > in length) is just fine. > > CC: qemu-stable@nongnu.org > Signed-off-by: Eric Blake <eblake@redhat.com> > --- > > v2: don't underflow request.len on sub-sector requests > > nbd/server.c | 20 ++++++++++++++------ > 1 file changed, 14 insertions(+), 6 deletions(-) > > diff --git a/nbd/server.c b/nbd/server.c > index fa862cd..b2cfeb9 100644 > --- a/nbd/server.c > +++ b/nbd/server.c > @@ -1153,12 +1153,20 @@ static void nbd_trip(void *opaque) > break; > case NBD_CMD_TRIM: > TRACE("Request type is TRIM"); > - ret = blk_co_discard(exp->blk, (request.from + exp->dev_offset) > - / BDRV_SECTOR_SIZE, > - request.len / BDRV_SECTOR_SIZE); > - if (ret < 0) { > - LOG("discard failed"); > - reply.error = -ret; > + /* Ignore unaligned head or tail, until block layer adds byte > + * interface */ > + if (request.len >= BDRV_SECTOR_SIZE) { > + request.len -= (request.from + request.len) % BDRV_SECTOR_SIZE; > + ret = blk_co_discard(exp->blk, > + DIV_ROUND_UP(request.from + exp->dev_offset, > + BDRV_SECTOR_SIZE), > + request.len / BDRV_SECTOR_SIZE); This can end up calling blk_co_discard(, , 0) - do we need to audit whether all underlying drivers handle a 0-length request, and/or special-case this in blk_co_discard() to be an explicit no-op?
Am 25.05.2016 um 13:25 hat Eric Blake geschrieben: > On 05/25/2016 04:59 AM, Eric Blake wrote: > > + /* Ignore unaligned head or tail, until block layer adds byte > > + * interface */ > > + if (request.len >= BDRV_SECTOR_SIZE) { > > + request.len -= (request.from + request.len) % BDRV_SECTOR_SIZE; > > + ret = blk_co_discard(exp->blk, > > + DIV_ROUND_UP(request.from + exp->dev_offset, > > + BDRV_SECTOR_SIZE), > > + request.len / BDRV_SECTOR_SIZE); > > This can end up calling blk_co_discard(, , 0) - do we need to audit > whether all underlying drivers handle a 0-length request, and/or > special-case this in blk_co_discard() to be an explicit no-op? Auditing shouldn't be too hard as we don't have many drivers that support the operation in the first place. In any case, it might be useful to add a qemu-iotest case that tries all kinds of operations with a zero length. Kevin
diff --git a/nbd/server.c b/nbd/server.c index fa862cd..b2cfeb9 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -1153,12 +1153,20 @@ static void nbd_trip(void *opaque) break; case NBD_CMD_TRIM: TRACE("Request type is TRIM"); - ret = blk_co_discard(exp->blk, (request.from + exp->dev_offset) - / BDRV_SECTOR_SIZE, - request.len / BDRV_SECTOR_SIZE); - if (ret < 0) { - LOG("discard failed"); - reply.error = -ret; + /* Ignore unaligned head or tail, until block layer adds byte + * interface */ + if (request.len >= BDRV_SECTOR_SIZE) { + request.len -= (request.from + request.len) % BDRV_SECTOR_SIZE; + ret = blk_co_discard(exp->blk, + DIV_ROUND_UP(request.from + exp->dev_offset, + BDRV_SECTOR_SIZE), + request.len / BDRV_SECTOR_SIZE); + if (ret < 0) { + LOG("discard failed"); + reply.error = -ret; + } + } else { + TRACE("trim request too small, ignoring"); } if (nbd_co_send_reply(req, &reply, 0) < 0) { goto out;
Similar to commit df7b97ff, we are mishandling clients that give an unaligned NBD_CMD_TRIM request, and potentially trimming bytes that occur before their request; which in turn can cause potential unintended data loss (unlikely in practice, since most clients are sane and issue aligned trim requests). However, while we fixed read and write by switching to the byte interfaces of blk_, we don't yet have a byte interface for discard. On the other hand, trim is advisory, so rounding the user's request to simply ignore the first and last unaligned sectors (or the entire request, if it is sub-sector in length) is just fine. CC: qemu-stable@nongnu.org Signed-off-by: Eric Blake <eblake@redhat.com> --- v2: don't underflow request.len on sub-sector requests nbd/server.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-)