On Sat, Apr 12, 2025 at 08:14:28PM +0900, Rin Okuyama wrote:

> Hi Michael, thanks for the kind review!

Hi Rin,

> PS
> For ld_sdmmc.c, IIUC, check for ld_sdmmc_dump() yields
>
> ```
> if (blkno + blkcnt - 1 > sc->sc_sf->csd.capacity)
>         return EIO;
> ```

capacity is the block count, not the last block number. So there
you need to check

        if (blkno + blkcnt > sc->sc_sf->csd.capacity)
                return EIO;

or

        if (blkno + blkcnt - 1 >= sc->sc_sf->csd.capacity)
                return EIO;

> If so, shouldn't we take into account b_bcount for ld_sdmmc_dobio()?
> https://nxr.netbsd.org/xref/src/sys/dev/sdmmc/ld_sdmmc.c#458

Yes. It needs to take into account b_bcount.

However, all I/O is already validated before it reaches the driver;
the condition in ld_sdmmc.c will never be met.

Almost all disk drivers use helper routines in sys/dev/dksubr.c.

dk_translate does the validation for regular I/O by calling
bounds_check_with_mediasize() or bounds_check_with_label().

dk_dump does the validation for a dump operation directly against
the disk_geom data.

Greetings,
--
Michael van Elst
Internet: mlel...@serpens.de
"A potential Snark may lurk in every tree."
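
The boundary cases behind the check discussed in this message, as an added example that is not code from the thread or from the NetBSD tree. The function names, the uint64_t types and the 512-byte sector size are assumptions; the wrap-safe form and the byte-count variant go beyond the two checks given in the reply.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model: `capacity` is the block COUNT of the device, so the
 * valid block numbers are 0 .. capacity - 1. Each function returns true
 * when the transfer must be rejected (the driver would return EIO). */

/* The comparison as quoted: lets a transfer touch block `capacity`. */
static bool rejects_quoted(uint64_t blkno, uint64_t blkcnt, uint64_t capacity)
{
	return blkno + blkcnt - 1 > capacity;
}

/* The corrected comparison from the reply. */
static bool rejects_fixed(uint64_t blkno, uint64_t blkcnt, uint64_t capacity)
{
	return blkno + blkcnt > capacity;
}

/* Same bound, written so the sum blkno + blkcnt is never formed and
 * therefore cannot wrap around for very large inputs (added here). */
static bool rejects_nowrap(uint64_t blkno, uint64_t blkcnt, uint64_t capacity)
{
	return blkno > capacity || blkcnt > capacity - blkno;
}

/* Byte-length variant for regular I/O (hypothetical helper): round the
 * byte count up to whole blocks first. secsize must be non-zero. */
static bool rejects_bytes(uint64_t blkno, uint64_t bcount, uint32_t secsize,
    uint64_t capacity)
{
	uint64_t blkcnt = bcount / secsize + (bcount % secsize != 0);
	return rejects_nowrap(blkno, blkcnt, capacity);
}

int main(void)
{
	const uint64_t cap = 100;	/* constructed: blocks 0..99 exist */

	printf("99+2 blocks: quoted=%d fixed=%d nowrap=%d\n",
	    rejects_quoted(99, 2, cap), rejects_fixed(99, 2, cap),
	    rejects_nowrap(99, 2, cap));
	printf("wrapping sum: fixed=%d nowrap=%d\n",
	    rejects_fixed(UINT64_MAX, 2, cap), rejects_nowrap(UINT64_MAX, 2, cap));
	printf("513 bytes at block 99: %d\n", rejects_bytes(99, 513, 512, cap));
	return 0;
}
```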