If io command result is bigger than request bytes, truncate it to request bytes. This way is more reliable, and avoids potential risk, even though both blk_update_request() and ublk_copy_user_pages() works fine in this way. Signed-off-by: Ming Lei <ming.lei@xxxxxxxxxx> --- drivers/block/ublk_drv.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c index 6fa1384c6436..acb6aed7be75 100644 --- a/drivers/block/ublk_drv.c +++ b/drivers/block/ublk_drv.c @@ -1071,6 +1071,10 @@ static inline void __ublk_complete_rq(struct request *req) goto exit; } + /* truncate result in case it is bigger than request bytes */ + if (io->res > blk_rq_bytes(req)) + io->res = blk_rq_bytes(req); + /* * FLUSH, DISCARD or WRITE_ZEROES usually won't return bytes returned, so end them * directly. -- 2.47.0
