Commit ccb8a3c0 authored by Caleb Sander Mateos's avatar Caleb Sander Mateos Committed by Jens Axboe
Browse files

block: validate pi_offset integrity limit 



The PI tuple must be contained within the metadata value, so validate
that pi_offset + pi_tuple_size <= metadata_size. This guards against
block drivers that report invalid pi_offset values.

Signed-off-by: default avatarCaleb Sander Mateos <csander@purestorage.com>
Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent c9b5645f

block/blk-settings.c

+3 −4
Original line number Diff line number Diff line
@@ -161,10 +161,9 @@ static int blk_validate_integrity_limits(struct queue_limits *lim) 
		return -EINVAL;

	}



	if (bi->pi_tuple_size > bi->metadata_size) {

		pr_warn("pi_tuple_size (%u) exceeds metadata_size (%u)\n",

			 bi->pi_tuple_size,

			 bi->metadata_size);

	if (bi->pi_offset + bi->pi_tuple_size > bi->metadata_size) {

		pr_warn("pi_offset (%u) + pi_tuple_size (%u) exceeds metadata_size (%u)\n",

			bi->pi_offset, bi->pi_tuple_size, bi->metadata_size);

		return -EINVAL;

	}