nvme: reject invalid pr_read_keys() num_keys values - kernel

diff options

author	Stefan Hajnoczi <stefanha@redhat.com>	2025-12-01 16:43:27 -0500
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2026-03-13 17:20:44 +0100
commit	a0167a4984ca0ac4195e869b157f22e2e54d2f68 (patch)
tree	08b9a947fa7ba8f4ce21d67fa446ad2fd0e2b609 /certs
parent	549b68ba830ff0c5bc848179ddf7ccce582842b4 (diff)

nvme: reject invalid pr_read_keys() num_keys values

[ Upstream commit 38ec8469f39e0e96e7dd9b76f05e0f8eb78be681 ] The pr_read_keys() interface has a u32 num_keys parameter. The NVMe Reservation Report command has a u32 maximum length. Reject num_keys values that are too large to fit. This will become important when pr_read_keys() is exposed to untrusted userspace via an <linux/pr.h> ioctl. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Hannes Reinecke <hare@suse.de> Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> Stable-dep-of: c3320153769f ("nvme: fix memory allocation in nvme_pr_read_keys()") Signed-off-by: Sasha Levin <sashal@kernel.org>

Diffstat (limited to 'certs')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: