| Message ID | 20240601202351.691952-1-nmi@metaspace.dk (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | null_blk: fix validation of block size | expand |
On 01/06/2024 21:23, Andreas Hindborg wrote: > From: Andreas Hindborg <a.hindborg@samsung.com> > > Block size should be between 512 >and 4096 Or PAGE_SIZE? and be a power of 2. The current > check does not validate this, so update the check. > > Without this patch, null_blk would Oops due to a null pointer deref when > loaded with bs=1536 [1]. > > Link: https://urldefense.com/v3/__https://lore.kernel.org/all/87wmn8mocd.fsf@metaspace.dk/__;!!ACWV5N9M2RV99hQ!OWXI3DGxeIAWvKfM5oVSiA5fTWmiRvUctIdVrcBcKnO_HF-vgkarVfd27jkvQ1-JjNgX5IFIvBWcsUttvg$ > > Signed-off-by: Andreas Hindborg <a.hindborg@samsung.com> > --- > drivers/block/null_blk/main.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/drivers/block/null_blk/main.c b/drivers/block/null_blk/main.c > index eb023d267369..6a26888c52bb 100644 > --- a/drivers/block/null_blk/main.c > +++ b/drivers/block/null_blk/main.c > @@ -1823,8 +1823,10 @@ static int null_validate_conf(struct nullb_device *dev) > dev->queue_mode = NULL_Q_MQ; > } > > - dev->blocksize = round_down(dev->blocksize, 512); > - dev->blocksize = clamp_t(unsigned int, dev->blocksize, 512, 4096); > + if ((dev->blocksize < 512 || dev->blocksize > 4096) || > + ((dev->blocksize & (dev->blocksize - 1)) != 0)) { > + return -EINVAL; > + } Looks like blk_validate_block_size(), modulo PAGE_SIZE check > > if (dev->use_per_node_hctx) { > if (dev->submit_queues != nr_online_nodes) > > base-commit: 1613e604df0cd359cf2a7fbd9be7a0bcfacfabd0
On 6/2/24 19:57, John Garry wrote: > On 01/06/2024 21:23, Andreas Hindborg wrote: >> From: Andreas Hindborg <a.hindborg@samsung.com> >> >> Block size should be between 512 > > >> and 4096 > > Or PAGE_SIZE? PAGE_SIZE can be larger than 4096. But most drives are 512 or 4096 LBA-sized. > > and be a power of 2. The current >> check does not validate this, so update the check. >> >> Without this patch, null_blk would Oops due to a null pointer deref when >> loaded with bs=1536 [1]. >> >> Link: https://urldefense.com/v3/__https://lore.kernel.org/all/87wmn8mocd.fsf@metaspace.dk/__;!!ACWV5N9M2RV99hQ!OWXI3DGxeIAWvKfM5oVSiA5fTWmiRvUctIdVrcBcKnO_HF-vgkarVfd27jkvQ1-JjNgX5IFIvBWcsUttvg$ >> >> Signed-off-by: Andreas Hindborg <a.hindborg@samsung.com> >> --- >> drivers/block/null_blk/main.c | 6 ++++-- >> 1 file changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/drivers/block/null_blk/main.c b/drivers/block/null_blk/main.c >> index eb023d267369..6a26888c52bb 100644 >> --- a/drivers/block/null_blk/main.c >> +++ b/drivers/block/null_blk/main.c >> @@ -1823,8 +1823,10 @@ static int null_validate_conf(struct nullb_device *dev) >> dev->queue_mode = NULL_Q_MQ; >> } >> >> - dev->blocksize = round_down(dev->blocksize, 512); >> - dev->blocksize = clamp_t(unsigned int, dev->blocksize, 512, 4096); >> + if ((dev->blocksize < 512 || dev->blocksize > 4096) || >> + ((dev->blocksize & (dev->blocksize - 1)) != 0)) { >> + return -EINVAL; >> + } > > Looks like blk_validate_block_size(), modulo PAGE_SIZE check Not PAGE_SIZE... > >> >> if (dev->use_per_node_hctx) { >> if (dev->submit_queues != nr_online_nodes) >> >> base-commit: 1613e604df0cd359cf2a7fbd9be7a0bcfacfabd0 > >
John Garry <john.g.garry@oracle.com> writes: > On 01/06/2024 21:23, Andreas Hindborg wrote: >> From: Andreas Hindborg <a.hindborg@samsung.com> >> Block size should be between 512 > > >>and 4096 > > Or PAGE_SIZE? Right
On 03/06/2024 00:59, Damien Le Moal wrote: > On 6/2/24 19:57, John Garry wrote: >> On 01/06/2024 21:23, Andreas Hindborg wrote: >>> From: Andreas Hindborg<a.hindborg@samsung.com> >>> >>> Block size should be between 512 >> >>> and 4096 >> Or PAGE_SIZE? > PAGE_SIZE can be larger than 4096. But most drives are 512 or 4096 LBA-sized. Sure, but maybe someone wants larger than 4096, like the LBS support. Having said that, is there LBS support for nullb? I don't think so. I assume that PAGE_SIZE or 4096 limit would need to go for that. Cheers, John
On 6/1/24 13:23, Andreas Hindborg wrote:
> + ((dev->blocksize & (dev->blocksize - 1)) != 0)) {
Please use is_power_of_2() instead of open-coding it.
Bart.
On 6/2/24 16:59, Damien Le Moal wrote: > On 6/2/24 19:57, John Garry wrote: >> On 01/06/2024 21:23, Andreas Hindborg wrote: >>> From: Andreas Hindborg <a.hindborg@samsung.com> >>> >>> Block size should be between 512 >>> and 4096 >> >> Or PAGE_SIZE? > > PAGE_SIZE can be larger than 4096. But most drives are 512 or 4096 LBA-sized. null_blk is not a physical device. Hence, why not to use blk_validate_block_size() here? Thanks, Bart.
diff --git a/drivers/block/null_blk/main.c b/drivers/block/null_blk/main.c index eb023d267369..6a26888c52bb 100644 --- a/drivers/block/null_blk/main.c +++ b/drivers/block/null_blk/main.c @@ -1823,8 +1823,10 @@ static int null_validate_conf(struct nullb_device *dev) dev->queue_mode = NULL_Q_MQ; } - dev->blocksize = round_down(dev->blocksize, 512); - dev->blocksize = clamp_t(unsigned int, dev->blocksize, 512, 4096); + if ((dev->blocksize < 512 || dev->blocksize > 4096) || + ((dev->blocksize & (dev->blocksize - 1)) != 0)) { + return -EINVAL; + } if (dev->use_per_node_hctx) { if (dev->submit_queues != nr_online_nodes)