From: Jens Axboe <axboe@kernel.dk>
To: Caleb Sander Mateos <csander@purestorage.com>
Cc: linux-block@vger.kernel.org, linux-kernel@vger.kernel.org,
Anuj Gupta <anuj20.g@samsung.com>, Christoph Hellwig <hch@lst.de>
Subject: Re: [PATCH v2 0/3] block: zero non-PI portion of auto integrity buffer
Date: Sat, 10 Jan 2026 10:21:51 -0700 [thread overview]
Message-ID: <cf37342e-c2dc-48c9-a63b-e62fe8e791e4@kernel.dk> (raw)
In-Reply-To: <CADUfDZoacSnJz5FOZQov50k4_nP0sxqxDHYOvDqp1_7KKD8z1A@mail.gmail.com>
On 1/9/26 9:29 AM, Caleb Sander Mateos wrote:
> On Fri, Jan 9, 2026 at 5:57 AM Jens Axboe <axboe@kernel.dk> wrote:
>>
>>
>> On Thu, 08 Jan 2026 10:22:09 -0700, Caleb Sander Mateos wrote:
>>> For block devices capable of storing "opaque" metadata in addition to
>>> protection information, ensure the opaque bytes are initialized by the
>>> block layer's auto integrity generation. Otherwise, the contents of
>>> kernel memory can be leaked via the storage device.
>>> Two follow-on patches simplify the bio_integrity_prep() code a bit.
>>>
>>> v2:
>>> - Clarify commit message (Christoph)
>>> - Split gfp_t cleanup into separate patch (Christoph)
>>> - Add patch simplifying bi_offload_capable()
>>> - Add Reviewed-by tag
>>>
>>> [...]
>>
>> Applied, thanks!
>>
>> [1/3] block: zero non-PI portion of auto integrity buffer
>> commit: eaa33937d509197cd53bfbcd14247d46492297a3
>
> Hi Jens,
> I see the patches were applied to for-7.0/block. But I would argue the
> first patch makes sense for 6.19, as being able to leak the contents
> of kernel heap memory is pretty concerning. Block devices that support
> metadata_size > pi_tuple_size aren't super widespread, but they do
> exist (looking at a Samsung NVMe device that supports 64-byte metadata
> right now).
Good point, let me see if I can reshuffle it a bit. In the future, would
be nice with these split, particularly if they don't have any real
dependencies. I'll shift 1/3 to block-6.19.
--
Jens Axboe
next prev parent reply other threads:[~2026-01-10 17:21 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-08 17:22 [PATCH v2 0/3] block: zero non-PI portion of auto integrity buffer Caleb Sander Mateos
2026-01-08 17:22 ` [PATCH v2 1/3] " Caleb Sander Mateos
2026-01-09 5:51 ` Christoph Hellwig
2026-01-08 17:22 ` [PATCH v2 2/3] block: replace gfp_t with bool in bio_integrity_prep() Caleb Sander Mateos
2026-01-08 22:28 ` Anuj gupta
2026-01-09 5:52 ` Christoph Hellwig
2026-01-08 17:22 ` [PATCH v2 3/3] block: use pi_tuple_size in bi_offload_capable() Caleb Sander Mateos
2026-01-08 22:39 ` Anuj gupta
2026-01-09 5:53 ` Christoph Hellwig
2026-01-08 21:37 ` [PATCH v2 0/3] block: zero non-PI portion of auto integrity buffer Martin K. Petersen
2026-01-09 13:57 ` Jens Axboe
2026-01-09 16:29 ` Caleb Sander Mateos
2026-01-10 17:21 ` Jens Axboe [this message]
2026-01-10 17:28 ` Jens Axboe
2026-01-10 20:05 ` Caleb Sander Mateos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cf37342e-c2dc-48c9-a63b-e62fe8e791e4@kernel.dk \
--to=axboe@kernel.dk \
--cc=anuj20.g@samsung.com \
--cc=csander@purestorage.com \
--cc=hch@lst.de \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox