RE: [RFC PATCH 1/3] mmc: core: validate user input for RPMB block count

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> 
> For RPMB, block count is a non-zero 16 bit wide number. Reject invalid
Actually this is not what limits the number of rpmb frames to be read,
As those are not indicated in the block_count field of the rpmb frame,
But in CMD23.
While it is true that by eMMCv52 RPMB_SIZE_MULT max value is 0x80,
Which limits the RPMB are to 16M, or 65535 rpmb frames,
I don't think that it is up to the host to validate the rpmb frame content - 
The device will return the appropriate error should such an error occur.
Also, specs are changing from time to time, so hard-coding 65535 is less appropriate.

> values from userspace instead of just masking the unneeded bits. Tested
> with a modified 'mmc-utils' package.
> 
> Signed-off-by: Wolfram Sang <wsa+renesas@xxxxxxxxxxxxxxxxxxxx>
> ---
>  drivers/mmc/core/block.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/drivers/mmc/core/block.c b/drivers/mmc/core/block.c
> index c35b5b08bb33..9e0f7e4aa8c6 100644
> --- a/drivers/mmc/core/block.c
> +++ b/drivers/mmc/core/block.c
> @@ -550,6 +550,9 @@ static int __mmc_blk_ioctl_cmd(struct mmc_card
> *card, struct mmc_blk_data *md,
>  	}
> 
>  	if (idata->rpmb) {
> +		if (data.blocks > 65535 || !data.blocks)
> +			return -EINVAL;
> +

Other than my comment above, this series looks fine to me.

Thanks,
Avri




[Index of Archives]     [Linux Memonry Technology]     [Linux USB Devel]     [Linux Media]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux