block: validate pi_offset integrity limit

calebsander · gregkh · commit 530ec35c211e · 2026-01-17T16:35:33.000+01:00
[ Upstream commit ccb8a3c ] The PI tuple must be contained within the metadata value, so validate that pi_offset + pi_tuple_size <= metadata_size. This guards against block drivers that report invalid pi_offset values. Signed-off-by: Caleb Sander Mateos <csander@purestorage.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Sasha Levin <sashal@kernel.org>
diff --git a/block/blk-settings.c b/block/blk-settings.c
@@ -148,10 +148,9 @@ static int blk_validate_integrity_limits(struct queue_limits *lim)
 		return -EINVAL;
 	}
 
-	if (bi->pi_tuple_size > bi->metadata_size) {
-		pr_warn("pi_tuple_size (%u) exceeds metadata_size (%u)\n",
-			 bi->pi_tuple_size,
-			 bi->metadata_size);
+	if (bi->pi_offset + bi->pi_tuple_size > bi->metadata_size) {
+		pr_warn("pi_offset (%u) + pi_tuple_size (%u) exceeds metadata_size (%u)\n",
+			bi->pi_offset, bi->pi_tuple_size, bi->metadata_size);
 		return -EINVAL;
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -148,10 +148,9 @@ static int blk_validate_integrity_limits(struct queue_limits *lim)`
`148`	`148`	`return -EINVAL;`
`149`	`149`	`}`
`150`	`150`
`151`		`- if (bi->pi_tuple_size > bi->metadata_size) {`
`152`		`- pr_warn("pi_tuple_size (%u) exceeds metadata_size (%u)\n",`
`153`		`- bi->pi_tuple_size,`
`154`		`- bi->metadata_size);`
	`151`	`+ if (bi->pi_offset + bi->pi_tuple_size > bi->metadata_size) {`
	`152`	`+ pr_warn("pi_offset (%u) + pi_tuple_size (%u) exceeds metadata_size (%u)\n",`
	`153`	`+ bi->pi_offset, bi->pi_tuple_size, bi->metadata_size);`
`155`	`154`	`return -EINVAL;`
`156`	`155`	`}`
`157`	`156`