git: 7e4ac11b6076 - main - getblkx(9): be more tolerant but also strict with the buffer size checks

From: Konstantin Belousov <kib_at_FreeBSD.org>
Date: Sat, 02 Mar 2024 05:03:11 UTC
The branch main has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=7e4ac11b6076e6a9bf7341ddeae22784284ed733

commit 7e4ac11b6076e6a9bf7341ddeae22784284ed733
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2024-03-02 04:58:57 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2024-03-02 05:02:55 +0000

    getblkx(9): be more tolerant but also strict with the buffer size checks
    
    It is possible that on-disk filesystem format causes allocation of
    buffers of size larger than maxbcachebuf.  Currently, getblkx() and
    indirectly bufkva_alloc() panic in that situation.
    
    It is more useful to return an error instead, allowing the system to
    continue running.
    
    PR:     277414
    Reported by:    Robert Morris <rtm@lcs.mit.edu>
    MFC after:      1 week
    Sponsored by:   The FreeBSD Foundation
---
 sys/kern/vfs_bio.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/sys/kern/vfs_bio.c b/sys/kern/vfs_bio.c
index 4e0832475c3e..b5466fb2cd53 100644
--- a/sys/kern/vfs_bio.c
+++ b/sys/kern/vfs_bio.c
@@ -3985,9 +3985,11 @@ getblkx(struct vnode *vp, daddr_t blkno, daddr_t dblkno, int size, int slpflag,
 	    ("GB_KVAALLOC only makes sense with GB_UNMAPPED"));
 	if (vp->v_type != VCHR)
 		ASSERT_VOP_LOCKED(vp, "getblk");
-	if (size > maxbcachebuf)
-		panic("getblk: size(%d) > maxbcachebuf(%d)\n", size,
+	if (size > maxbcachebuf) {
+		printf("getblkx: size(%d) > maxbcachebuf(%d)\n", size,
 		    maxbcachebuf);
+		return (EIO);
+	}
 	if (!unmapped_buf_allowed)
 		flags &= ~(GB_UNMAPPED | GB_KVAALLOC);
 
@@ -4161,6 +4163,12 @@ newbuf_unlocked:
 		vmio = vp->v_object != NULL;
 		if (vmio) {
 			maxsize = size + (offset & PAGE_MASK);
+			if (maxsize > maxbcachebuf) {
+				printf(
+			    "getblkx: maxsize(%d) > maxbcachebuf(%d)\n",
+				    maxsize, maxbcachebuf);
+				return (EIO);
+			}
 		} else {
 			maxsize = size;
 			/* Do not allow non-VMIO notmapped buffers. */