[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 08/17] hw/block/nvme: verify validity of prp lists in the cmb
From: |
Klaus Jensen |
Subject: |
[PATCH 08/17] hw/block/nvme: verify validity of prp lists in the cmb |
Date: |
Mon, 29 Jun 2020 21:50:08 +0200 |
From: Klaus Jensen <k.jensen@samsung.com>
Before this patch the device already supported PRP lists in the CMB, but
it did not check for the validity of it nor announced the support in the
Identify Controller data structure LISTS field.
If some of the PRPs in a PRP list are in the CMB, then ALL entries must
be there. This patch makes sure that requirement is verified as well as
properly announcing support for PRP lists in the CMB.
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
---
hw/block/nvme.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index d236a3cdee54..55b305458152 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -237,6 +237,7 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList *qsg,
QEMUIOVector *iov,
trans_len = MIN(len, trans_len);
int num_prps = (len >> n->page_bits) + 1;
uint16_t status;
+ bool prp_list_in_cmb = false;
trace_pci_nvme_map_prp(nvme_cid(req), trans_len, len, prp1, prp2,
num_prps);
@@ -264,11 +265,16 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList
*qsg, QEMUIOVector *iov,
status = NVME_INVALID_FIELD | NVME_DNR;
goto unmap;
}
+
if (len > n->page_size) {
uint64_t prp_list[n->max_prp_ents];
uint32_t nents, prp_trans;
int i = 0;
+ if (nvme_addr_is_cmb(n, prp2)) {
+ prp_list_in_cmb = true;
+ }
+
nents = (len + n->page_size - 1) >> n->page_bits;
prp_trans = MIN(n->max_prp_ents, nents) * sizeof(uint64_t);
nvme_addr_read(n, prp2, (void *)prp_list, prp_trans);
@@ -282,6 +288,11 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList *qsg,
QEMUIOVector *iov,
goto unmap;
}
+ if (prp_list_in_cmb != nvme_addr_is_cmb(n, prp_ent)) {
+ status = NVME_INVALID_USE_OF_CMB | NVME_DNR;
+ goto unmap;
+ }
+
i = 0;
nents = (len + n->page_size - 1) >> n->page_bits;
prp_trans = MIN(n->max_prp_ents, nents) * sizeof(uint64_t);
@@ -301,6 +312,7 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList *qsg,
QEMUIOVector *iov,
if (status) {
goto unmap;
}
+
len -= trans_len;
i++;
}
@@ -2097,7 +2109,7 @@ static void nvme_init_cmb(NvmeCtrl *n, PCIDevice *pci_dev)
NVME_CMBSZ_SET_SQS(n->bar.cmbsz, 1);
NVME_CMBSZ_SET_CQS(n->bar.cmbsz, 0);
- NVME_CMBSZ_SET_LISTS(n->bar.cmbsz, 0);
+ NVME_CMBSZ_SET_LISTS(n->bar.cmbsz, 1);
NVME_CMBSZ_SET_RDS(n->bar.cmbsz, 1);
NVME_CMBSZ_SET_WDS(n->bar.cmbsz, 1);
NVME_CMBSZ_SET_SZU(n->bar.cmbsz, 2); /* MBs */
--
2.27.0
- [PATCH 00/17] hw/block/nvme: AIO and address mapping refactoring, Klaus Jensen, 2020/06/29
- [PATCH 01/17] hw/block/nvme: memset preallocated requests structures, Klaus Jensen, 2020/06/29
- [PATCH 04/17] hw/block/nvme: remove redundant has_sg member, Klaus Jensen, 2020/06/29
- [PATCH 02/17] hw/block/nvme: add mapping helpers, Klaus Jensen, 2020/06/29
- [PATCH 03/17] hw/block/nvme: replace dma_acct with blk_acct equivalent, Klaus Jensen, 2020/06/29
- [PATCH 10/17] hw/block/nvme: add check for mdts, Klaus Jensen, 2020/06/29
- [PATCH 05/17] hw/block/nvme: refactor dma read/write, Klaus Jensen, 2020/06/29
- [PATCH 06/17] hw/block/nvme: pass request along for tracing, Klaus Jensen, 2020/06/29
- [PATCH 08/17] hw/block/nvme: verify validity of prp lists in the cmb,
Klaus Jensen <=
- [PATCH 07/17] hw/block/nvme: add request mapping helper, Klaus Jensen, 2020/06/29
- [PATCH 09/17] hw/block/nvme: refactor request bounds checking, Klaus Jensen, 2020/06/29
- [PATCH 11/17] hw/block/nvme: be consistent about zeros vs zeroes, Klaus Jensen, 2020/06/29
- [PATCH 13/17] hw/block/nvme: consolidate qsg/iov clearing, Klaus Jensen, 2020/06/29
- [PATCH 16/17] hw/block/nvme: add nvme_check_rw helper, Klaus Jensen, 2020/06/29
- [PATCH 14/17] hw/block/nvme: remove NvmeCmd parameter, Klaus Jensen, 2020/06/29
- [PATCH 17/17] hw/block/nvme: use preallocated qsg/iov in nvme_dma_prp, Klaus Jensen, 2020/06/29
- [PATCH 15/17] hw/block/nvme: allow multiple aios per command, Klaus Jensen, 2020/06/29
- [PATCH 12/17] hw/block/nvme: refactor NvmeRequest clearing, Klaus Jensen, 2020/06/29