Re: [PATCH] dm pcache: reject mappings larger than backing

Mon, 08 Dec 2025 03:45:10 -0800 


在 12/8/2025 7:25 PM, Li Chen 写道:

Reject pcache targets whose logical size exceeds the backing device.
Prevent oversized tables from issuing IO past the end of the backing,
which may corrupt memory and cause kernel crash.

Signed-off-by: Li Chen <[email protected]>
---
  drivers/md/dm-pcache/dm_pcache.c | 15 +++++++++++++++
  1 file changed, 15 insertions(+)

diff --git a/drivers/md/dm-pcache/dm_pcache.c b/drivers/md/dm-pcache/dm_pcache.c
index e5f5936fa6f0..f72d1ba4b740 100644
--- a/drivers/md/dm-pcache/dm_pcache.c
+++ b/drivers/md/dm-pcache/dm_pcache.c
@@ -199,6 +199,8 @@ static int parse_cache_opts(struct dm_pcache *pcache, 
struct dm_arg_set *as,
  static int pcache_start(struct dm_pcache *pcache, char **error)
  {
        int ret;
+       struct dm_target *ti = pcache->ti;
+       struct pcache_backing_dev *backing_dev;

  
  	ret = cache_dev_start(pcache);

        if (ret) {
@@ -212,6 +214,19 @@ static int pcache_start(struct dm_pcache *pcache, char 
**error)
                goto stop_cache;
        }

  
+	/* Sanity-check: logical size must not exceed backing device size */

+       backing_dev = &pcache->backing_dev;
+       if (ti->len > backing_dev->dev_size) {
+               pcache_dev_err(
+                       pcache,
+                       "backing device too small: logical=%llu sectors, 
backing=%llu sectors",
+                       (unsigned long long)ti->len,
+                       (unsigned long long)backing_dev->dev_size);
+               *error = "Requested mapping exceeds backing device size";
+               ret = -EINVAL;
+               goto stop_backing;
+       }
+




Thanx for your patch, When developing dm-pcache, I considered whether to 
add a check there (for target size vs backing device size). But after 
looking at other existing targets, it seems none of them implement such 
a check, so I wasn't sure there is a requirement; hence I didn't add it 
at that time.



On the other hand, given that the “target size” parameter in the mapping 
table is a generic parameter, if we want such a check, it would be 
better to implement a generic mechanism in the Device-Mapper core 
construction path — provide a hook that allows every target to return a 
“maximum creatable target size”, and then in the core path validate the 
user-provided target size against that max size before creation.



That is just my personal idea; I hope Mikulas can provide more 
information about it.



Thanx


        ret = pcache_cache_start(pcache);
        if (ret) {
                *error = "Failed to start pcache";
























					Reply via email to