[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v6 28/42] nvme: verify validity of prp lists in the cmb
From: |
Maxim Levitsky |
Subject: |
Re: [PATCH v6 28/42] nvme: verify validity of prp lists in the cmb |
Date: |
Wed, 25 Mar 2020 12:56:29 +0200 |
On Mon, 2020-03-16 at 07:29 -0700, Klaus Jensen wrote:
> From: Klaus Jensen <address@hidden>
>
> Before this patch the device already supported this, but it did not
> check for the validity of it nor announced the support in the LISTS
> field.
>
> If some of the PRPs in a PRP list are in the CMB, then ALL entries must
> be there. This patch makes sure that is verified as well as properly
> announcing support for PRP lists in the CMB.
>
> Signed-off-by: Klaus Jensen <address@hidden>
> ---
> hw/block/nvme.c | 14 +++++++++++++-
> 1 file changed, 13 insertions(+), 1 deletion(-)
>
> diff --git a/hw/block/nvme.c b/hw/block/nvme.c
> index 850087aac967..eecfad694bf8 100644
> --- a/hw/block/nvme.c
> +++ b/hw/block/nvme.c
> @@ -210,6 +210,7 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList
> *qsg, QEMUIOVector *iov,
> trans_len = MIN(len, trans_len);
> int num_prps = (len >> n->page_bits) + 1;
> uint16_t status;
> + bool prp_list_in_cmb = false;
>
> trace_nvme_dev_map_prp(nvme_cid(req), trans_len, len, prp1, prp2,
> num_prps);
> @@ -237,11 +238,16 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList
> *qsg, QEMUIOVector *iov,
> status = NVME_INVALID_FIELD | NVME_DNR;
> goto unmap;
> }
> +
> if (len > n->page_size) {
> uint64_t prp_list[n->max_prp_ents];
> uint32_t nents, prp_trans;
> int i = 0;
>
> + if (nvme_addr_is_cmb(n, prp2)) {
> + prp_list_in_cmb = true;
> + }
> +
> nents = (len + n->page_size - 1) >> n->page_bits;
> prp_trans = MIN(n->max_prp_ents, nents) * sizeof(uint64_t);
> nvme_addr_read(n, prp2, (void *)prp_list, prp_trans);
> @@ -255,6 +261,11 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList
> *qsg, QEMUIOVector *iov,
> goto unmap;
> }
>
> + if (prp_list_in_cmb != nvme_addr_is_cmb(n, prp_ent)) {
> + status = NVME_INVALID_USE_OF_CMB | NVME_DNR;
> + goto unmap;
> + }
> +
> i = 0;
> nents = (len + n->page_size - 1) >> n->page_bits;
> prp_trans = MIN(n->max_prp_ents, nents) *
> sizeof(uint64_t);
> @@ -274,6 +285,7 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList
> *qsg, QEMUIOVector *iov,
> if (status) {
> goto unmap;
> }
> +
> len -= trans_len;
> i++;
> }
> @@ -1931,7 +1943,7 @@ static void nvme_init_cmb(NvmeCtrl *n, PCIDevice
> *pci_dev)
>
> NVME_CMBSZ_SET_SQS(n->bar.cmbsz, 1);
> NVME_CMBSZ_SET_CQS(n->bar.cmbsz, 0);
> - NVME_CMBSZ_SET_LISTS(n->bar.cmbsz, 0);
> + NVME_CMBSZ_SET_LISTS(n->bar.cmbsz, 1);
> NVME_CMBSZ_SET_RDS(n->bar.cmbsz, 1);
> NVME_CMBSZ_SET_WDS(n->bar.cmbsz, 1);
> NVME_CMBSZ_SET_SZU(n->bar.cmbsz, 2);
Reviewed-by: Maxim Levitsky <address@hidden>
Best regards,
Maxim Levitsky
- Re: [PATCH v6 24/42] nvme: remove redundant has_sg member, (continued)
- [PATCH v6 23/42] nvme: add mapping helpers, Klaus Jensen, 2020/03/16
- [PATCH v6 29/42] nvme: refactor request bounds checking, Klaus Jensen, 2020/03/16
- [PATCH v6 27/42] nvme: add request mapping helper, Klaus Jensen, 2020/03/16
- [PATCH v6 28/42] nvme: verify validity of prp lists in the cmb, Klaus Jensen, 2020/03/16
- Re: [PATCH v6 28/42] nvme: verify validity of prp lists in the cmb,
Maxim Levitsky <=
- [PATCH v6 34/42] pci: pass along the return value of dma_memory_rw, Klaus Jensen, 2020/03/16
- [PATCH v6 30/42] nvme: add check for mdts, Klaus Jensen, 2020/03/16
- [PATCH v6 26/42] nvme: pass request along for tracing, Klaus Jensen, 2020/03/16
- [PATCH v6 33/42] nvme: use preallocated qsg/iov in nvme_dma_prp, Klaus Jensen, 2020/03/16
- [PATCH v6 31/42] nvme: add check for prinfo, Klaus Jensen, 2020/03/16