[Qemu-commits] [qemu/qemu] 5ad7d0: hw/block/nvme: fix pi constraint chec

qemu-commits
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 5ad7d0: hw/block/nvme: fix pi constraint chec

From:	Peter Maydell
Subject:	[Qemu-commits] [qemu/qemu] 5ad7d0: hw/block/nvme: fix pi constraint check
Date:	Wed, 07 Apr 2021 00:45:06 -0700
  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: 5ad7d0174e8e5f3e5af27719d4fc5f6a93efa1f2
      
https://github.com/qemu/qemu/commit/5ad7d0174e8e5f3e5af27719d4fc5f6a93efa1f2
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-06 (Tue, 06 Apr 2021)

  Changed paths:
    M hw/block/nvme-ns.c

  Log Message:
  -----------
  hw/block/nvme: fix pi constraint check

Protection Information can only be enabled if there is at least 8 bytes
of metadata.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>


  Commit: 349bf41d592cf59e0438ad79e247395b1af04c4f
      
https://github.com/qemu/qemu/commit/349bf41d592cf59e0438ad79e247395b1af04c4f
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-06 (Tue, 06 Apr 2021)

  Changed paths:
    M hw/block/nvme.h

  Log Message:
  -----------
  hw/block/nvme: fix missing string representation for ns attachment

Add the missing nvme_adm_opc_str entry for the Namespace Attachment
command.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>


  Commit: dae8be368e7b9ad36bc8af1cd365d28b199a6502
      
https://github.com/qemu/qemu/commit/dae8be368e7b9ad36bc8af1cd365d28b199a6502
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-06 (Tue, 06 Apr 2021)

  Changed paths:
    M hw/block/nvme-ns.h

  Log Message:
  -----------
  hw/block/nvme: fix the nsid 'invalid' value

The `nvme_nsid()` function returns '-1' (FFFFFFFFh) when the given
namespace is NULL. Since FFFFFFFFh is actually a valid namespace
identifier (the "broadcast" value), change this to be '0' since that
actually *is* the invalid value.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>


  Commit: cb431f8b5c7f426c0b451bf44df45d2846def6cf
      
https://github.com/qemu/qemu/commit/cb431f8b5c7f426c0b451bf44df45d2846def6cf
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-06 (Tue, 06 Apr 2021)

  Changed paths:
    M hw/block/nvme.c
    M hw/block/nvme.h

  Log Message:
  -----------
  hw/block/nvme: fix warning about legacy namespace configuration

Remove the unused BlockConf from the controller structure and fix the
constraint checking to actually check the right BlockConf and issue the
warning.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>


  Commit: e38e4c304ed5f9a5cbb7fe592b3751cb410e1995
      
https://github.com/qemu/qemu/commit/e38e4c304ed5f9a5cbb7fe592b3751cb410e1995
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-06 (Tue, 06 Apr 2021)

  Changed paths:
    M hw/block/nvme.c

  Log Message:
  -----------
  hw/block/nvme: update dmsrl limit on namespace detachment

The Non-MDTS DMSRL limit must be recomputed when namespaces are
detached.

Fixes: 645ce1a70cb6 ("hw/block/nvme: support namespace attachment command")
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>


  Commit: ce21dfdb6dd7060d8614d12c24e965a2301e9592
      
https://github.com/qemu/qemu/commit/ce21dfdb6dd7060d8614d12c24e965a2301e9592
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-06 (Tue, 06 Apr 2021)

  Changed paths:
    M hw/block/nvme-ns.c
    M hw/block/nvme-ns.h
    M hw/block/nvme-subsys.c
    M hw/block/nvme-subsys.h
    M hw/block/nvme.c
    M hw/block/nvme.h
    M hw/block/trace-events
    M include/block/nvme.h

  Log Message:
  -----------
  hw/block/nvme: fix handling of private namespaces

Prior to this patch, if a private nvme-ns device (that is, a namespace
that is not linked to a subsystem) is wired up to an nvme-subsys linked
nvme controller device, the device fails to verify that the namespace id
is unique within the subsystem. NVM Express v1.4b, Section 6.1.6 ("NSID
and Namespace Usage") states that because the device supports Namespace
Management, "NSIDs *shall* be unique within the NVM subsystem".

Additionally, prior to this patch, private namespaces are not known to
the subsystem and the namespace is considered exclusive to the
controller with which it is initially wired up to. However, this is not
the definition of a private namespace; per Section 1.6.33 ("private
namespace"), a private namespace is just a namespace that does not
support multipath I/O or namespace sharing, which means "that it is only
able to be attached to one controller at a time".

Fix this by always allocating namespaces in the subsystem (if one is
linked to the controller), regardless of the shared/private status of
the namespace. Whether or not the namespace is shareable is controlled
by a new `shared` nvme-ns parameter.

Finally, this fix allows the nvme-ns `subsys` parameter to be removed,
since the `shared` parameter now serves the purpose of attaching the
namespace to all controllers in the subsystem upon device realization.
It is invalid to have an nvme-ns namespace device with a linked
subsystem without the parent nvme controller device also being linked to
one and since the nvme-ns devices will unconditionally be "attached" (in
QEMU terms that is) to an nvme controller device through an NvmeBus, the
nvme-ns namespace device can always get a reference to the subsystem of
the controller it is explicitly (using 'bus=' parameter) or implicitly
attaching to.

Fixes: e570768566b3 ("hw/block/nvme: support for shared namespace in subsystem")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>


  Commit: 9553f8deebe0e443a0b006aa9d881269fd251a2c
      
https://github.com/qemu/qemu/commit/9553f8deebe0e443a0b006aa9d881269fd251a2c
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-06 (Tue, 06 Apr 2021)

  Changed paths:
    M hw/block/nvme-dif.c
    M hw/block/nvme-dif.h

  Log Message:
  -----------
  hw/block/nvme: add missing copyright headers

Add missing license/copyright headers to the nvme-dif.{c,h} files.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>


  Commit: 68adbc81c2243ac0e55f11210e138f720b4bbfac
      
https://github.com/qemu/qemu/commit/68adbc81c2243ac0e55f11210e138f720b4bbfac
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-07 (Wed, 07 Apr 2021)

  Changed paths:
    M hw/block/nvme.c

  Log Message:
  -----------
  hw/block/nvme: fix ns attachment out-of-bounds read

nvme_ns_attachment() does not verify the contents of the host-supplied
16 bit "Number of Identifiers" field in the command payload.

Make sure the value is capped at 2047 and fix the out-of-bounds read.

Fixes: 645ce1a70cb6 ("hw/block/nvme: support namespace attachment command")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>


  Commit: ba6219ccef23389ce1756003f4f2fccb54ab6d32
      
https://github.com/qemu/qemu/commit/ba6219ccef23389ce1756003f4f2fccb54ab6d32
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-07 (Wed, 07 Apr 2021)

  Changed paths:
    M hw/block/nvme-subsys.h

  Log Message:
  -----------
  hw/block/nvme: fix assert crash in nvme_subsys_ns

nvme_subsys_ns() is used in contexts where the namespace identifier is
taken from an untrusted source. Commit 3921756dee6d ("hw/block/nvme:
assert namespaces array indices") tried to guard against this by
introducing an assert on the namespace identifier.

This is wrong since it is perfectly valid to call the function with an
invalid namespace identifier and like nvme_ns(), nvme_subsys_ns() should
simply return NULL.

Fixes: 3921756dee6d ("hw/block/nvme: assert namespaces array indices")
Fixes: 94d8d6d16781 ("hw/block/nvme: support allocated namespace type")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>


  Commit: 5dd79300df47f07d0e9d6a7bda43b23ff26001dc
      
https://github.com/qemu/qemu/commit/5dd79300df47f07d0e9d6a7bda43b23ff26001dc
  Author: Klaus Jensen <k.jensen@samsung.com>
  Date:   2021-04-07 (Wed, 07 Apr 2021)

  Changed paths:
    M hw/block/nvme-subsys.h

  Log Message:
  -----------
  hw/block/nvme: fix out-of-bounds read in nvme_subsys_ctrl

nvme_subsys_ctrl() is used in contexts where the given controller
identifier is from an untrusted source. Like its friends nvme_ns() and
nvme_subsys_ns(), nvme_subsys_ctrl() should just return NULL if an
invalid identifier is given.

Fixes: 645ce1a70cb6 ("hw/block/nvme: support namespace attachment command")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>


  Commit: 6afa42140676bd85cd8e1f671e7cd6d419af1a59
      
https://github.com/qemu/qemu/commit/6afa42140676bd85cd8e1f671e7cd6d419af1a59
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2021-04-07 (Wed, 07 Apr 2021)

  Changed paths:
    M hw/block/nvme-dif.c
    M hw/block/nvme-dif.h
    M hw/block/nvme-ns.c
    M hw/block/nvme-ns.h
    M hw/block/nvme-subsys.c
    M hw/block/nvme-subsys.h
    M hw/block/nvme.c
    M hw/block/nvme.h
    M hw/block/trace-events
    M include/block/nvme.h

  Log Message:
  -----------
  Merge remote-tracking branch 
'remotes/nvme/tags/nvme-fixes-2021-04-07-pull-request' into staging

emulated nvme fixes for -rc3

v2:
  - added missing patches

# gpg: Signature made Wed 07 Apr 2021 06:42:51 BST
# gpg:                using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown]
# gpg:                 aka "Klaus Jensen <k.jensen@samsung.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468  4272 63D5 6FC5 E55D A838
#      Subkey fingerprint: 5228 33AA 75E2 DCE6 A247  66C0 4DE1 AF31 6D4F 0DE9

* remotes/nvme/tags/nvme-fixes-2021-04-07-pull-request:
  hw/block/nvme: fix out-of-bounds read in nvme_subsys_ctrl
  hw/block/nvme: fix assert crash in nvme_subsys_ns
  hw/block/nvme: fix ns attachment out-of-bounds read
  hw/block/nvme: add missing copyright headers
  hw/block/nvme: fix handling of private namespaces
  hw/block/nvme: update dmsrl limit on namespace detachment
  hw/block/nvme: fix warning about legacy namespace configuration
  hw/block/nvme: fix the nsid 'invalid' value
  hw/block/nvme: fix missing string representation for ns attachment
  hw/block/nvme: fix pi constraint check

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Compare: https://github.com/qemu/qemu/compare/d5be106cfdb5...6afa42140676
[Prev in Thread]
Current Thread
[Next in Thread]
[Qemu-commits] [qemu/qemu] 5ad7d0: hw/block/nvme: fix pi constraint check, Peter Maydell <=
- [Qemu-commits] [qemu/qemu] 5ad7d0: hw/block/nvme: fix pi constraint check, Peter Maydell, 2021/04/07
- [Qemu-commits] [qemu/qemu] 5ad7d0: hw/block/nvme: fix pi constraint check, Peter Maydell, 2021/04/08
Prev by Date: [Qemu-commits] [qemu/qemu] d0d3dd: Update version for v6.0.0-rc2 release
Next by Date: [Qemu-commits] [qemu/qemu] 99c3ac: virtiofsd: Fix security.capability comparison
Previous by thread: [Qemu-commits] [qemu/qemu] d0d3dd: Update version for v6.0.0-rc2 release
Next by thread: [Qemu-commits] [qemu/qemu] 5ad7d0: hw/block/nvme: fix pi constraint check
Index(es):
- Date
- Thread