On 6/27/23 02:10, Min Li wrote:
> Before calling add partition or resize partition, there is no check
> on whether the length is aligned with the logical block size.
> If the logical block size of the disk is larger than 512 bytes,
> then the partition size may not be a multiple of the logical block size,
> and when the last sector is read, bio_truncate() will adjust the bio size,
> resulting in an IO error if the size of the read command is smaller than
> the logical block size. If integrity data is supported, this will also
> result in a null pointer dereference when calling bio_integrity_free.
> 
> Signed-off-by: Min Li <min15.li@xxxxxxxxxxx>
> ---
>  block/ioctl.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/block/ioctl.c b/block/ioctl.c
> index 9c5f637ff153..aa95b5561169 100644
> --- a/block/ioctl.c
> +++ b/block/ioctl.c
> @@ -35,6 +35,9 @@ static int blkpg_do_ioctl(struct block_device *bdev,
>  
>  	start = p.start >> SECTOR_SHIFT;
>  	length = p.length >> SECTOR_SHIFT;
> +	/*check if length is aligned to blocksize*/

Please add a space after /* and before */.

> +	if (p.length & (bdev_logical_block_size(bdev) - 1))
> +		return -EINVAL;

I would move this check before the "start = ...;"

And while at it, I would also move the check for p.start being aligned out
of the "case BLKPG_ADD_PARTITION:" together with this length alignment
check. The p.start check is not needed for BLKPG_RESIZE_PARTITION, but it
will not hurt either.

>  
>  	switch (op) {
>  	case BLKPG_ADD_PARTITION:

-- 
Damien Le Moal
Western Digital Research
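Review bot: the alignment test `if (p.length & (bdev_logical_block_size(bdev) - 1))` in the blkpg_do_ioctl hunk is only correct because the block layer guarantees that the logical block size is a power of two; the comment above it should say so (and say that it applies to both BLKPG_ADD_PARTITION and BLKPG_RESIZE_PARTITION), so that a later reader does not mistake the mask for a general modulo check. As placed, the check also runs after `start` and `length` have already been derived from p.start and p.length, so the shifts are done for nothing on the -EINVAL path; validating p.length (and p.start) before those two assignments, as suggested in the reply above, keeps all input validation together at the top of the function.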