[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v3 11/17] hw/block/nvme: harden cmb access
From: |
Klaus Jensen |
Subject: |
[PATCH v3 11/17] hw/block/nvme: harden cmb access |
Date: |
Tue, 22 Sep 2020 10:45:27 +0200 |
From: Klaus Jensen <k.jensen@samsung.com>
Since the controller has only supported PRPs so far it has not been
required to check the ending address (addr + len - 1) of the CMB access
for validity since it has been guaranteed to be in range of the CMB.
This changes when the controller adds support for SGLs (next patch), so
add that check.
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
---
hw/block/nvme.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index 7c9ea792483c..3b901efd1ec0 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -142,7 +142,12 @@ static inline void *nvme_addr_to_cmb(NvmeCtrl *n, hwaddr
addr)
static int nvme_addr_read(NvmeCtrl *n, hwaddr addr, void *buf, int size)
{
- if (n->bar.cmbsz && nvme_addr_is_cmb(n, addr)) {
+ hwaddr hi = addr + size - 1;
+ if (hi < addr) {
+ return 1;
+ }
+
+ if (n->bar.cmbsz && nvme_addr_is_cmb(n, addr) && nvme_addr_is_cmb(n, hi)) {
memcpy(buf, nvme_addr_to_cmb(n, addr), size);
return 0;
}
--
2.28.0
- [PATCH v3 05/17] hw/block/nvme: alignment style fixes, (continued)
- [PATCH v3 05/17] hw/block/nvme: alignment style fixes, Klaus Jensen, 2020/09/22
- [PATCH v3 02/17] pci: pass along the return value of dma_memory_rw, Klaus Jensen, 2020/09/22
- [PATCH v3 04/17] hw/block/nvme: commonize nvme_rw error handling, Klaus Jensen, 2020/09/22
- [PATCH v3 01/17] hw/block/nvme: fix typo in trace event, Klaus Jensen, 2020/09/22
- [PATCH v3 06/17] hw/block/nvme: add a lba to bytes helper, Klaus Jensen, 2020/09/22
- [PATCH v3 08/17] hw/block/nvme: add symbolic command name to trace events, Klaus Jensen, 2020/09/22
- [PATCH v3 10/17] hw/block/nvme: default request status to success, Klaus Jensen, 2020/09/22
- [PATCH v3 03/17] hw/block/nvme: handle dma errors, Klaus Jensen, 2020/09/22
- [PATCH v3 07/17] hw/block/nvme: fix endian conversion, Klaus Jensen, 2020/09/22
- [PATCH v3 09/17] hw/block/nvme: refactor aio submission, Klaus Jensen, 2020/09/22
- [PATCH v3 11/17] hw/block/nvme: harden cmb access,
Klaus Jensen <=
- [PATCH v3 12/17] hw/block/nvme: add support for scatter gather lists, Klaus Jensen, 2020/09/22
- [PATCH v3 14/17] hw/block/nvme: refactor identify active namespace id list, Klaus Jensen, 2020/09/22
- [PATCH v3 13/17] hw/block/nvme: add support for sgl bit bucket descriptor, Klaus Jensen, 2020/09/22
- [PATCH v3 16/17] pci: allocate pci id for nvme, Klaus Jensen, 2020/09/22
- [PATCH v3 15/17] hw/block/nvme: support multiple namespaces, Klaus Jensen, 2020/09/22
- [PATCH v3 17/17] hw/block/nvme: change controller pci id, Klaus Jensen, 2020/09/22
- Re: [PATCH v3 00/17] hw/block/nvme: multiple namespaces support, Keith Busch, 2020/09/22
- Re: [PATCH v3 00/17] hw/block/nvme: multiple namespaces support, Klaus Jensen, 2020/09/23