Keith Busch <kbusch@xxxxxxxxxx> writes:
> On Sat, Jun 01, 2024 at 05:36:20PM +0200, Andreas Hindborg wrote:
>> Keith Busch <kbusch@xxxxxxxxxx> writes:
>>
>> > On Sat, Jun 01, 2024 at 03:40:04PM +0200, Andreas Hindborg wrote:
>> >> +impl kernel::Module for NullBlkModule {
>> >> + fn init(_module: &'static ThisModule) -> Result<Self> {
>> >> + pr_info!("Rust null_blk loaded\n");
>> >> + let tagset = Arc::pin_init(TagSet::try_new(1, 256, 1), flags::GFP_KERNEL)?;
>> >> +
>> >> + let disk = {
>> >> + let block_size: u16 = 4096;
>> >> + if block_size % 512 != 0 || !(512..=4096).contains(&block_size) {
>> >> + return Err(kernel::error::code::EINVAL);
>> >> + }
>> >
>> > You've set block_size to the literal 4096, then validate its value
>> > immediately after? Am I missing some way this could ever be invalid?
>>
>> Good catch. It is because I have a patch in the outbound queue that allows setting
>> the block size via a module parameter. The module parameter patch is not
>> upstream yet. Once I have that up, I will send the patch with the block
>> size config.
>>
>> Do you think it is OK to have this redundancy? It would only be for a
>> few cycles.
>
> It's fine, just wondering why it's there. But it also allows values like
> 1536 and 3584, which are not valid block sizes, so I think you want the
> check to be:
>
> if !(512..=4096).contains(&block_size) || ((block_size & (block_size - 1)) != 0)
Right, that makes sense. I modeled it after the C null_blk validation
code in `null_validate_conf`. It contains this:
dev->blocksize = round_down(dev->blocksize, 512);
dev->blocksize = clamp_t(unsigned int, dev->blocksize, 512, 4096);
That would have the same semantics, right? I guess I'll try to make a
device with a 1536 block size and see what happens.
BR Andreas
