From patchwork Thu Jan 19 20:51:33 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Farman X-Patchwork-Id: 717316 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3v4GJt4B21z9s65 for ; Fri, 20 Jan 2017 07:53:34 +1100 (AEDT) Received: from localhost ([::1]:50878 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cUJi7-0005l9-4X for incoming@patchwork.ozlabs.org; Thu, 19 Jan 2017 15:53:31 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:59537) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cUJgQ-0004WY-K8 for qemu-devel@nongnu.org; Thu, 19 Jan 2017 15:51:47 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cUJgM-000840-ML for qemu-devel@nongnu.org; Thu, 19 Jan 2017 15:51:46 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:57469 helo=mx0a-001b2d01.pphosted.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cUJgM-00083E-Gx for qemu-devel@nongnu.org; Thu, 19 Jan 2017 15:51:42 -0500 Received: from pps.filterd (m0098421.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.20/8.16.0.20) with SMTP id v0JKhwGv081857 for ; Thu, 19 Jan 2017 15:51:41 -0500 Received: from e06smtp15.uk.ibm.com (e06smtp15.uk.ibm.com [195.75.94.111]) by mx0a-001b2d01.pphosted.com with ESMTP id 2832af5yts-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 19 Jan 2017 15:51:41 -0500 Received: from localhost by e06smtp15.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 19 Jan 2017 20:51:40 -0000 Received: from d06dlp02.portsmouth.uk.ibm.com (9.149.20.14) by e06smtp15.uk.ibm.com (192.168.101.145) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Thu, 19 Jan 2017 20:51:36 -0000 Received: from b06cxnps4074.portsmouth.uk.ibm.com (d06relay11.portsmouth.uk.ibm.com [9.149.109.196]) by d06dlp02.portsmouth.uk.ibm.com (Postfix) with ESMTP id 88DAF219004D; Thu, 19 Jan 2017 20:50:42 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (d06av24.portsmouth.uk.ibm.com [9.149.105.60]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v0JKpaYX7209236; Thu, 19 Jan 2017 20:51:36 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C00ED42042; Thu, 19 Jan 2017 20:51:35 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id AEB584203F; Thu, 19 Jan 2017 20:51:35 +0000 (GMT) Received: from tuxmaker.boeblingen.de.ibm.com (unknown [9.152.85.9]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTPS; Thu, 19 Jan 2017 20:51:35 +0000 (GMT) Received: by tuxmaker.boeblingen.de.ibm.com (Postfix, from userid 4958) id 7F58E20F5CF; Thu, 19 Jan 2017 21:51:35 +0100 (CET) From: Eric Farman To: qemu-devel@nongnu.org, qemu-block@nongnu.org Date: Thu, 19 Jan 2017 21:51:33 +0100 X-Mailer: git-send-email 2.8.4 In-Reply-To: <20170119205134.50112-1-farman@linux.vnet.ibm.com> References: <20170119205134.50112-1-farman@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 X-Content-Scanned: Fidelis XPS MAILER x-cbid: 17011920-0020-0000-0000-000002F645BD X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17011920-0021-0000-0000-0000401925E0 Message-Id: <20170119205134.50112-3-farman@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-01-19_08:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1612050000 definitions=main-1701190254 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.158.5 Subject: [Qemu-devel] [PATCH v2 2/3] block: Fix target variable of BLKSECTGET ioctl X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eric Farman , kwolf@redhat.com, mreitz@redhat.com Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" Commit 6f607174 introduced a routine to call the kernel BLKSECTGET ioctl, which stores the result back to user space. However, the size of the data returned depends on the routine handling the ioctl. The (compat_)blkdev_ioctl returns a short, while sg_ioctl returns an int. Thus, on big-endian systems, we can find ourselves accidentally shifting the result to a much larger value. (On s390x, a short is 16 bits while an int is 32 bits.) Signed-off-by: Eric Farman --- block/file-posix.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/block/file-posix.c b/block/file-posix.c index 28b47d9..2115155 100644 --- a/block/file-posix.c +++ b/block/file-posix.c @@ -651,12 +651,15 @@ static void raw_reopen_abort(BDRVReopenState *state) state->opaque = NULL; } -static int hdev_get_max_transfer_length(int fd) +static int hdev_get_max_transfer_length(BlockDriverState *bs, int fd) { #ifdef BLKSECTGET int max_sectors = 0; - if (ioctl(fd, BLKSECTGET, &max_sectors) == 0) { + short max_sectors_short = 0; + if (bs->sg && ioctl(fd, BLKSECTGET, &max_sectors) == 0) { return max_sectors; + } else if (!bs->sg && ioctl(fd, BLKSECTGET, &max_sectors_short) == 0) { + return max_sectors_short; } else { return -errno; } @@ -672,7 +675,7 @@ static void raw_refresh_limits(BlockDriverState *bs, Error **errp) if (!fstat(s->fd, &st)) { if (S_ISBLK(st.st_mode)) { - int ret = hdev_get_max_transfer_length(s->fd); + int ret = hdev_get_max_transfer_length(bs, s->fd); if (ret > 0 && ret <= BDRV_REQUEST_MAX_SECTORS) { bs->bl.max_transfer = pow2floor(ret << BDRV_SECTOR_BITS); }