aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/block
diff options
context:
space:
mode:
authorAlex Elder <elder@inktank.com>2012-10-20 23:17:27 -0400
committerAlex Elder <elder@inktank.com>2012-10-26 18:18:08 -0400
commitdb2388b6ee40a949084e4cdddc3b0a4357068a62 (patch)
treed73ade991884c9d60a04cb3953e632964ac20fce /drivers/block
parent4634246db8cb2e5117ef7c682efcc383fa3354f8 (diff)
rbd: verify rbd image order value
This adds a verification that an rbd image's object order is within the upper and lower bounds supported by this implementation. It must be at least 9 (SECTOR_SHIFT), because the Linux bio system assumes that minimum granularity. It also must be less than 32 (at the moment anyway) because there exist spots in the code that store the size of a "segment" (object backing an rbd image) in a signed int variable, which can be 32 bits including the sign. We should be able to relax this limit once we've verified the code uses 64-bit types where needed. Note that the CLI tool already limits the order to the range 12-25. Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Diffstat (limited to 'drivers/block')
-rw-r--r--drivers/block/rbd.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c
index d0328835bbd9..4734446c3b5b 100644
--- a/drivers/block/rbd.c
+++ b/drivers/block/rbd.c
@@ -533,6 +533,16 @@ static bool rbd_dev_ondisk_valid(struct rbd_image_header_ondisk *ondisk)
533 if (memcmp(&ondisk->text, RBD_HEADER_TEXT, sizeof (RBD_HEADER_TEXT))) 533 if (memcmp(&ondisk->text, RBD_HEADER_TEXT, sizeof (RBD_HEADER_TEXT)))
534 return false; 534 return false;
535 535
536 /* The bio layer requires at least sector-sized I/O */
537
538 if (ondisk->options.order < SECTOR_SHIFT)
539 return false;
540
541 /* If we use u64 in a few spots we may be able to loosen this */
542
543 if (ondisk->options.order > 8 * sizeof (int) - 1)
544 return false;
545
536 /* 546 /*
537 * The size of a snapshot header has to fit in a size_t, and 547 * The size of a snapshot header has to fit in a size_t, and
538 * that limits the number of snapshots. 548 * that limits the number of snapshots.