Message ID | 1670183564-76254-1-git-send-email-mikelley@microsoft.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp1920387wrr; Sun, 4 Dec 2022 11:59:46 -0800 (PST) X-Google-Smtp-Source: AA0mqf7JgQ1yOaPD8WnvebcgB2RCV7ze7naFGEwo1hulqoB5GGGEZC98v0VAcLGGRbZ4vhNJhXPQ X-Received: by 2002:a05:6402:1f85:b0:462:2410:9720 with SMTP id c5-20020a0564021f8500b0046224109720mr26644557edc.84.1670183986505; Sun, 04 Dec 2022 11:59:46 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1670183986; cv=pass; d=google.com; s=arc-20160816; b=o/MjfTjgelKq9o4q0VTRVwaYaV+GlYu4lHWikRnYrURqjtbRVa2oVJqV9MKPZ4LyuZ sXHwes6H1MDsYCv1ImJ28N+tA/2QiWwPbVzkCe9qpnpPkh/y8ftN6Ea1P3E3w/I8CRpD gNIeQ/4LE26rM8jMBvJMEZWh/IBW/P1iujjAQFk7IR8J6wKAZMkbsh0QhY9v4JdOmuWT Zv4ppWhANWqtSxlyS8ni7hnSNs9SHh5iWG/kZgy2y5VSD1cFQGH5s5hneBvgrGXp2fvT O+nG28Gn3wG/UkCTVgvHOVlgF4KG8TMP3CGv+YpfssSggG+NBD3AOQ30J4jYshezbCX9 Qtqw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:subject:cc:to:from :dkim-signature; bh=zTmxjx4xcwcuYJEz0sqBD/y2s7ZYVVtD+XeJD+G5JTo=; b=BdL9sHCNjugRb/oS32OZn3nCMH2hKiiZI0mwD5t5ZEmpppEAFBn79jtr9QYf8ZKhZj /DoslGHTswEHtUVqOTQ+29CTuZ4hIHl1M+96jwoIFb1o4UHc0/S3DMWAz0P7EI6drejI JrEDlkV/QzFMz+vqxO4yOJ2uyLoVcwmeDNkBl9o0N2xvoLU/NPnfk3IM0274eTMpVeNu SxnBTby98FS7Y5cEDYgmQwpawjNsnH3J9NMYYiO9CbN6xtba4jgJo9ZHF9IlkjQiHMjH JTiMCeLxVrUcmRkteTQc06y7TtPbrqK7pFt33oIUGnT3IYTy+MfereZSH33PfnBKpGGJ nXGA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector2 header.b=d0IKc25Z; arc=pass (i=1 spf=pass spfdomain=microsoft.com dkim=pass dkdomain=microsoft.com dmarc=pass fromdomain=microsoft.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bb8-20020a1709070a0800b0078df1c345dcsi11096912ejc.535.2022.12.04.11.59.17; Sun, 04 Dec 2022 11:59:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector2 header.b=d0IKc25Z; arc=pass (i=1 spf=pass spfdomain=microsoft.com dkim=pass dkdomain=microsoft.com dmarc=pass fromdomain=microsoft.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230315AbiLDTyX (ORCPT <rfc822;jaysivo@gmail.com> + 99 others); Sun, 4 Dec 2022 14:54:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230236AbiLDTyP (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Sun, 4 Dec 2022 14:54:15 -0500 Received: from CO1PR02CU002-vft-obe.outbound.protection.outlook.com (mail-westus2azon11020022.outbound.protection.outlook.com [52.101.46.22]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D374A10FC3; Sun, 4 Dec 2022 11:54:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ljOMk3vhwmALLyy3clSW/TKvzZdrl54kQ0n22j75Y02bMlzMPqiPFMIrJWd2i6JptYvlbKNA0PekFZ8pYukZDSR2H6MEyFZZgrlTyWy1TCKTzFvx/NL3MbEQj/XstCExuxwg+qNdKq+3yL2Axru6l+vjnjdhbL2+0x5B4JTRSpA9QQkpbb2F9DVSZG2KwhMSVPhYANT0ffJVzo9fnEkPVyjv8htNTsaeNYH0Z+N4cF8D2JDvjsmrnhDp8ZJKzh0B2UfzRr/20QWDOF+DCkAQobcPshql1ixDJl3YCWXQPy0nIczmNrmwxHM/AymLAEzg1Eo0rssHr4FEw2juTinIJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zTmxjx4xcwcuYJEz0sqBD/y2s7ZYVVtD+XeJD+G5JTo=; b=HeAuPJQ27opI0tUJ0hEtj/oJVCkXdodunyiKbXWIo6ItAeoK9T2lW+A359vc4AvotMY31lzjW8t0wUsVOKRKI/h4iL125izPRE6CpJdz6v9Gc7oECpF+4VdOADAXA0pBkQEN1SwcA/pmhfsmGvNACP7ekNsoYlKecsamxvQl+aYOkqyMh9YIrTbhmFDRQbyAUt01c22wheIM2QDydXP7UcTvAygKfUHbNCZJCtrRf+NDPe1bsoJoj6QztmhAdKD44H3z8gG75JiYvzaCT1wldYxE2ASDdten3Tfel4vfi6/gnUPgCxnSB0rsvfIp4nnzQDA4U8tCK1muOzUKvcFdPg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zTmxjx4xcwcuYJEz0sqBD/y2s7ZYVVtD+XeJD+G5JTo=; b=d0IKc25ZUU7RPvNeGO0xwgseEFZ6oThsVfjfiRkDnaRjV2iFcCDRxnS81UHeDnzdn/3eePvmoimgPbqT5ZmUz0Hx627UQXtTpF2w3S+KhQwna4Sv+Flm6ZL78DIUroDpXbYhUnZSrbniohYk9RIU1PZhrH5U7bipi8v37TcQDg4= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from DM6PR21MB1370.namprd21.prod.outlook.com (2603:10b6:5:16b::28) by CY5PR21MB3756.namprd21.prod.outlook.com (2603:10b6:930:d::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.3; Sun, 4 Dec 2022 19:54:12 +0000 Received: from DM6PR21MB1370.namprd21.prod.outlook.com ([fe80::c3e3:a6ef:232c:299b]) by DM6PR21MB1370.namprd21.prod.outlook.com ([fe80::c3e3:a6ef:232c:299b%8]) with mapi id 15.20.5924.004; Sun, 4 Dec 2022 19:54:12 +0000 From: Michael Kelley <mikelley@microsoft.com> To: kys@microsoft.com, martin.petersen@oracle.com, longli@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, jejb@linux.ibm.com, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, linux-scsi@vger.kernel.org Cc: mikelley@microsoft.com Subject: [PATCH 1/1] scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM Date: Sun, 4 Dec 2022 11:52:44 -0800 Message-Id: <1670183564-76254-1-git-send-email-mikelley@microsoft.com> X-Mailer: git-send-email 1.8.3.1 Content-Type: text/plain X-ClientProxiedBy: MW4PR04CA0390.namprd04.prod.outlook.com (2603:10b6:303:81::35) To DM6PR21MB1370.namprd21.prod.outlook.com (2603:10b6:5:16b::28) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6PR21MB1370:EE_|CY5PR21MB3756:EE_ X-MS-Office365-Filtering-Correlation-Id: 6cbcc5a5-bfe9-4945-62f0-08dad6315045 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: WRAyWa3WZYPCW8jutXcH3AlrqMk/4Wm/dmc43lNKDYb/FOR+MbwpxkDiSEeSc8DRUlFCnKjsv5zjrFBJTSnyMJ+NudK23L7R+eJ0JYzgXUySGxVLoflgd3eE/8D/7poCE9h4yc91MFNXr906+Vmeb/Oln9ryj586Px44+sls54KGYYvJdE9EUojajafOvlH/vRhubVi0Ud7mT4SK5RnHUB55NW4xjs/VB5PUOmOfN2ejW7ulAQAMQaqXSRflI6hKkTS9N7kw4x72UcB4UYWTL+xik6RBROuf59je/e6WPQwyI6fCHAM7Gtm8D4d0o5cbVoUuqm3PFJFRPl8NMRzHVjryPVooKizwr58S+BsdV8iMKkDBDzhjj/R74FYi3t6opzvmrd3ESMBU3oSatQY1uh6bzQc+a3Yjs8zigaHR80HmpXIPTrwfZAZTDe94wlTvSd6A5jGsxkJuuFTdH60iKi6XHWgyt19YLLYSCP+yrjTpE9sQJpHXjk26MdtVQC/+sCgGHaaw7BGcuL33k5k0xgUOvapGPZeUiZZtJsKABU92msGt1lXV6wsPjYcnwORjZe9/fi2ag7zVK0/40ZRjFt3vIWANOr56fD6+4OapniKFnTih1PkLx/kcAUWNCbT3STNsUWOkOkx4qg+U0zih53Jd6nXYoU80/JCopOSJQnwLqeq1Hby1TcIdwFzUJ36pQhn5yovhxoqKo/7mnecLUlyj0CD79QKb2YOu0Gx2KfxH0N5A7VyFQirO3e6XDvPF X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR21MB1370.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(366004)(376002)(39860400002)(136003)(396003)(346002)(451199015)(2906002)(82950400001)(5660300002)(82960400001)(38100700002)(38350700002)(86362001)(83380400001)(186003)(26005)(6512007)(478600001)(107886003)(6666004)(6506007)(10290500003)(6486002)(52116002)(8676002)(66556008)(316002)(4326008)(66476007)(41300700001)(8936002)(2616005)(36756003)(66946007);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: rW6vaa10sCVG+Edgj9tSsRM1nV0oEk7/0j5oIrLyZQ2tAOfk3f5NyXWuGnX8PfkqGCz2IMDKHc6F638CTFuN2phWQ1k67+IpY1AbO7CCLtxD+eBFrdM1pcI7mRRyqofhbQw7pqX/PQ6YuGfdI+74j0GvUkXtV3SWADlnGq9hWTAOKuxyJKZwXl7iie0ri5ZGyL1SCFe7gpD23QPmKxr+zoIl9IQy2lIRKKxyL4WK2SommypMCjGt1nRECvonoQB+ziQoLqA7Ukd1vuEyGmLFhrAUdKwq3gYuzMCWWxKflp5PRwn5cg7lWv5oarm+B4tsgGc47Gf02gkJe2oUlEWS/I1h9YQg4jL343agMh/MCuRInfksnW2MnXaeFN/lMUumlQFoQrRgGMQ5BJElYEgbiJtE7Hqm4oDZUqYTZTBJfDwZr3H/utmZ97HpZJmvF/kUiczyuRHN2IHsDcCbiph5vNo++MW0jrJ/fjZfdyFVWMXnXP+LwuOMaNMXYkglTKAqnp4fT07mcBU1MCX+t7DW0YvlVKLdx0ByYPX0UEBV3thJqJDzC+3YRbEeAY2GmhwTQ3ZJpaF2Kq7r1TrKjRlunN4IvFc6voeWqRfANiaPXEJH8s7ejYP9eqkqdf0n/MMfK45ZYCYKsfyZl20A+vvc3u5kvJvMzhDzcWKQkxJ/5J0j78tYetZBR+WRXKLywoyArp52okHN4cqZD2qDqpsDz76uWvOfjo1iWovZ97JCy0wwUJ+lRusVoN3DvFsRikTWJKnYJuU4SpRXb8aPBdY0EhxyjvFjU02Xi0itu6iXi7aiWIETuTQxbB7+o+K6dkOIvE/+Lz0n9AFD1I0dRyhNSWlw6UrwOTXz5odrIfygarfLPZyqj1lCSix6v48Nm7UU7u7VKjUSzuI3aG0LxUwUr8+BONhWCbyCQK3+/S2PRcumktvlHGcaJW4do4vtHvCTesHtA6b+bfx5LcZLT2MX50qY36tW/XSiim2/VjD1UjnRwSs31Wb9eDWeH1l9YNBZCF8GxZqlAxEG8us/0LcADyIJy0lbwTnuNapSg7qLyR2Br81E98lWOEXvDee19jGQsFAvlkTVfy06XLSoqNDbCvUJSEleOu4G5Mx9Yzyo8WHmuAN676rZ4W/0mI6H/QG95Sak3/A3hDa32/6XQPybEURB004zC1DItrYmAXxL/ysqBbYl+Od7oY0HQk38Eo8LYTxNt1Jo9N4I4LcGmy9N0oF/5TjWnLA1FDVD1i7x2ogaF9vMgx66hwEsV5PSOd4zQsdaZxMy/TjZ97Anj3t01TXBY+f8Wn0V0LfLWipo6EnXB8KVSe9XEnae89L1p/gwuVyC6uFhiTMZX5Wzpc0tdSDYA2/rqr6WdkqY/5tpfU43S0r1ln4fQ9b9aQumKdKVBudZ4urdO2SwzHLbDRZbGq68NmUiGmp6y08UzaZGpf2QFTXUx/ceopBmUuZNjX0n9Re6fTJG893lrYLsIrX5y4vjRDO94MgU9/cWiJ225o4cc/ZzJrpruCjEKeTp+ymjTcucE65kqdf4ua++jorX5Fv7IGqfCsybecIpe5Yz0u+DHsBqRzjqwz3bV44tAKT9 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6cbcc5a5-bfe9-4945-62f0-08dad6315045 X-MS-Exchange-CrossTenant-AuthSource: DM6PR21MB1370.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Dec 2022 19:54:11.7781 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: J3e8OZeyadT5Hl5Dyh29gJENMfmOvKeh/iWJa/BdDmLDWZLxSXORi11uT5TtaaWYr89+OOclBuGmlDyYRpY1dQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5PR21MB3756 X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1751314843900177951?= X-GMAIL-MSGID: =?utf-8?q?1751314843900177951?= |
Series |
[1/1] scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM
|
|
Commit Message
Michael Kelley (LINUX)
Dec. 4, 2022, 7:52 p.m. UTC
storvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(),
which in a confidential VM allocates swiotlb bounce buffers. If the
I/O submission fails in storvsc_do_io(), the I/O is typically retried
by higher level code, but the bounce buffer memory is never freed.
The mostly like cause of I/O submission failure is a full VMBus
channel ring buffer, which is not uncommon under high I/O loads.
Eventually enough bounce buffer memory leaks that the confidential
VM can't do any I/O. The same problem can arise in a non-confidential
VM with kernel boot parameter swiotlb=force.
Fix this by doing scsi_dma_unmap() in the case of an I/O submission
error, which frees the bounce buffer memory.
Fixes: 743b237c3a7b ("scsi: storvsc: Add Isolation VM support for storvsc driver")
Signed-off-by: Michael Kelley <mikelley@microsoft.com>
---
drivers/scsi/storvsc_drv.c | 3 +++
1 file changed, 3 insertions(+)
Comments
> From: Michael Kelley (LINUX) <mikelley@microsoft.com> > Sent: Sunday, December 4, 2022 11:53 AM > > storvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(), > which in a confidential VM allocates swiotlb bounce buffers. If the > I/O submission fails in storvsc_do_io(), the I/O is typically retried > by higher level code, but the bounce buffer memory is never freed. > The mostly like cause of I/O submission failure is a full VMBus > channel ring buffer, which is not uncommon under high I/O loads. > Eventually enough bounce buffer memory leaks that the confidential > VM can't do any I/O. The same problem can arise in a non-confidential > VM with kernel boot parameter swiotlb=force. > > Fix this by doing scsi_dma_unmap() in the case of an I/O submission > error, which frees the bounce buffer memory. > > Fixes: 743b237c3a7b ("scsi: storvsc: Add Isolation VM support for storvsc > driver") > Signed-off-by: Michael Kelley <mikelley@microsoft.com> > --- Reviewed-by: Dexuan Cui <decui@microsoft.com> Tested-by: Dexuan Cui <decui@microsoft.com> I hope this fix can be included in v6.1.
On 12/5/2022 3:52 AM, Michael Kelley wrote: > storvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(), > which in a confidential VM allocates swiotlb bounce buffers. If the > I/O submission fails in storvsc_do_io(), the I/O is typically retried > by higher level code, but the bounce buffer memory is never freed. > The mostly like cause of I/O submission failure is a full VMBus > channel ring buffer, which is not uncommon under high I/O loads. > Eventually enough bounce buffer memory leaks that the confidential > VM can't do any I/O. The same problem can arise in a non-confidential > VM with kernel boot parameter swiotlb=force. > > Fix this by doing scsi_dma_unmap() in the case of an I/O submission > error, which frees the bounce buffer memory. > > Fixes: 743b237c3a7b ("scsi: storvsc: Add Isolation VM support for storvsc driver") > Signed-off-by: Michael Kelley<mikelley@microsoft.com> Nice catch! Thanks to fix this. Reviewed-by: Tianyu Lan <Tianyu.Lan@microsoft.com>
Michael, > storvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(), > which in a confidential VM allocates swiotlb bounce buffers. If the > I/O submission fails in storvsc_do_io(), the I/O is typically retried > by higher level code, but the bounce buffer memory is never freed. > The mostly like cause of I/O submission failure is a full VMBus > channel ring buffer, which is not uncommon under high I/O loads. > Eventually enough bounce buffer memory leaks that the confidential > VM can't do any I/O. The same problem can arise in a non-confidential > VM with kernel boot parameter swiotlb=force. Applied to 6.2/scsi-staging, thanks!
diff --git a/drivers/scsi/storvsc_drv.c b/drivers/scsi/storvsc_drv.c index 3c5b7e4..55d6fb4 100644 --- a/drivers/scsi/storvsc_drv.c +++ b/drivers/scsi/storvsc_drv.c @@ -1823,6 +1823,9 @@ static int storvsc_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *scmnd) ret = storvsc_do_io(dev, cmd_request, get_cpu()); put_cpu(); + if (ret) + scsi_dma_unmap(scmnd); + if (ret == -EAGAIN) { /* no more space */ ret = SCSI_MLQUEUE_DEVICE_BUSY;