summary refs log tree commit diff
path: root/seccomp/arm
diff options
context:
space:
mode:
authorDaniel Verkamp <dverkamp@chromium.org>2019-01-31 10:20:30 -0800
committerchrome-bot <chrome-bot@chromium.org>2019-01-31 22:33:03 -0800
commit5329be3634547fe383aff7981854484088e6a622 (patch)
tree7742cae71e195b5a93292275647dea76c44adc67 /seccomp/arm
parentc14f2ec270156af82d2093995444c2ac7f70baaa (diff)
downloadcrosvm-5329be3634547fe383aff7981854484088e6a622.tar
crosvm-5329be3634547fe383aff7981854484088e6a622.tar.gz
crosvm-5329be3634547fe383aff7981854484088e6a622.tar.bz2
crosvm-5329be3634547fe383aff7981854484088e6a622.tar.lz
crosvm-5329be3634547fe383aff7981854484088e6a622.tar.xz
crosvm-5329be3634547fe383aff7981854484088e6a622.tar.zst
crosvm-5329be3634547fe383aff7981854484088e6a622.zip
devices: block: add bounds checks
As reported by the Firecracker team, the block device model doesn't
check if an I/O request starts before the end of the disk but extends
beyond it.  For writes to disks backed by raw files, this could end up
unintentionally extending the size of the disk.

Add bounds checks to the request execution path to catch these
out-of-bounds I/Os and fail them.  While we're here, fix a few other
minor issues: only seek for read and write requests (the 'sector' field
of the request should be ignored for flush, write zeroes, and discard),
and check for overflow when performing the shifts to convert from
sectors to bytes.

BUG=chromium:927393
TEST=cargo test -p devices block

Change-Id: I0dd19299d03a4f0716093091f173a5c507529963
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1448852
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'seccomp/arm')
0 files changed, 0 insertions, 0 deletions
 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-23 20:29:46 +0000