From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Andreas Hindborg <a.hindborg@samsung.com>,
Ming Lei <ming.lei@redhat.com>, Jens Axboe <axboe@kernel.dk>,
Sasha Levin <sashal@kernel.org>,
dlemoal@kernel.org, hare@suse.de, kch@nvidia.com,
johannes.thumshirn@wdc.com, zhouchengming@bytedance.com,
yanjun.zhu@linux.dev, yukuai3@huawei.com,
shinichiro.kawasaki@wdc.com, linux-block@vger.kernel.org
Subject: [PATCH AUTOSEL 5.10 11/13] null_blk: fix validation of block size
Date: Tue, 18 Jun 2024 08:42:22 -0400 [thread overview]
Message-ID: <20240618124231.3304308-11-sashal@kernel.org> (raw)
In-Reply-To: <20240618124231.3304308-1-sashal@kernel.org>
From: Andreas Hindborg <a.hindborg@samsung.com>
[ Upstream commit c462ecd659b5fce731f1d592285832fd6ad54053 ]
Block size should be between 512 and PAGE_SIZE and be a power of 2. The current
check does not validate this, so update the check.
Without this patch, null_blk would Oops due to a null pointer deref when
loaded with bs=1536 [1].
Link: https://lore.kernel.org/all/87wmn8mocd.fsf@metaspace.dk/
Signed-off-by: Andreas Hindborg <a.hindborg@samsung.com>
Reviewed-by: Ming Lei <ming.lei@redhat.com>
Link: https://lore.kernel.org/r/20240603192645.977968-1-nmi@metaspace.dk
[axboe: remove unnecessary braces and != 0 check]
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/block/null_blk/main.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/block/null_blk/main.c b/drivers/block/null_blk/main.c
index 35b390a785dd4..37beb94352728 100644
--- a/drivers/block/null_blk/main.c
+++ b/drivers/block/null_blk/main.c
@@ -1743,8 +1743,8 @@ static int null_validate_conf(struct nullb_device *dev)
return -EINVAL;
}
- dev->blocksize = round_down(dev->blocksize, 512);
- dev->blocksize = clamp_t(unsigned int, dev->blocksize, 512, 4096);
+ if (blk_validate_block_size(dev->blocksize))
+ return -EINVAL;
if (dev->queue_mode == NULL_Q_MQ && dev->use_per_node_hctx) {
if (dev->submit_queues != nr_online_nodes)
--
2.43.0
next prev parent reply other threads:[~2024-06-18 12:42 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-18 12:42 [PATCH AUTOSEL 5.10 01/13] scsi: qedf: Set qed_slowpath_params to zero before use Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 02/13] ACPI: EC: Abort address space access upon error Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 03/13] ACPI: EC: Avoid returning AE_OK on errors in address space handler Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 04/13] wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 05/13] wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 06/13] selftests/openat2: Fix build warnings on ppc64 Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 07/13] Input: silead - Always support 10 fingers Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 08/13] net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 09/13] ila: block BH in ila_output() Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 10/13] arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process Sasha Levin
2024-06-18 12:42 ` Sasha Levin [this message]
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 12/13] kconfig: gconf: give a proper initial state to the Save button Sasha Levin
2024-06-18 12:42 ` [PATCH AUTOSEL 5.10 13/13] kconfig: remove wrong expr_trans_bool() Sasha Levin
-- strict thread matches above, loose matches on Subject: below --
2024-06-17 13:26 [PATCH AUTOSEL 5.10 01/13] scsi: qedf: Set qed_slowpath_params to zero before use Sasha Levin
2024-06-17 13:27 ` [PATCH AUTOSEL 5.10 11/13] null_blk: fix validation of block size Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240618124231.3304308-11-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=a.hindborg@samsung.com \
--cc=axboe@kernel.dk \
--cc=dlemoal@kernel.org \
--cc=hare@suse.de \
--cc=johannes.thumshirn@wdc.com \
--cc=kch@nvidia.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ming.lei@redhat.com \
--cc=shinichiro.kawasaki@wdc.com \
--cc=stable@vger.kernel.org \
--cc=yanjun.zhu@linux.dev \
--cc=yukuai3@huawei.com \
--cc=zhouchengming@bytedance.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.