[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PULL v2 36/38] hw/block/nvme: support namespace attachment command
|
From: |
Peter Maydell |
|
Subject: |
Re: [PULL v2 36/38] hw/block/nvme: support namespace attachment command |
|
Date: |
Fri, 12 Mar 2021 13:12:35 +0000 |
On Tue, 9 Mar 2021 at 11:46, Klaus Jensen <its@irrelevant.dk> wrote:
>
> From: Minwoo Im <minwoo.im.dev@gmail.com>
>
> This patch supports Namespace Attachment command for the pre-defined
> nvme-ns device nodes. Of course, attach/detach namespace should only be
> supported in case 'subsys' is given. This is because if we detach a
> namespace from a controller, somebody needs to manage the detached, but
> allocated namespace in the NVMe subsystem.
>
> As command effect for the namespace attachment command is registered,
> the host will be notified that namespace inventory is changed so that
> host will rescan the namespace inventory after this command. For
> example, kernel driver manages this command effect via passthru IOCTL.
> diff --git a/hw/block/nvme.h b/hw/block/nvme.h
> index 85a7b5a14f4e..1287bc2cd17a 100644
> --- a/hw/block/nvme.h
> +++ b/hw/block/nvme.h
> @@ -235,6 +235,11 @@ static inline void nvme_ns_attach(NvmeCtrl *n,
> NvmeNamespace *ns)
> n->namespaces[nvme_nsid(ns) - 1] = ns;
> }
>
> +static inline void nvme_ns_detach(NvmeCtrl *n, NvmeNamespace *ns)
> +{
> + n->namespaces[nvme_nsid(ns) - 1] = NULL;
> +}
Hi; Coverity complains about a possible array overflow both here
in nvme_ns_detach() (CID 1450757) and in nvme_ns_attach() (CID 1450758):
nvme_nsid() can return -1, but this code does not check for that.
If these functions both assume that their ns argument is non-NULL,
then adding an "assert(ns)" would probably placate Coverity and also
would mean that any bugs elsewhere resulting in accidentally passing
a NULL pointer would result in a clean assertion failure rather than
memory corruption. (Or you could directly assert that the array index
is in-bounds, I guess.)
thanks
-- PMM
- [PULL v2 22/38] hw/block/nvme: fix potential compilation error, (continued)
- [PULL v2 22/38] hw/block/nvme: fix potential compilation error, Klaus Jensen, 2021/03/09
- [PULL v2 24/38] hw/block/nvme: report non-mdts command size limit for dsm, Klaus Jensen, 2021/03/09
- [PULL v2 23/38] hw/block/nvme: add trace event for zone read check, Klaus Jensen, 2021/03/09
- [PULL v2 26/38] hw/block/nvme: remove block accounting for write zeroes, Klaus Jensen, 2021/03/09
- [PULL v2 25/38] hw/block/nvme: remove redundant len member in compare context, Klaus Jensen, 2021/03/09
- [PULL v2 31/38] hw/block/nvme: support namespace detach, Klaus Jensen, 2021/03/09
- [PULL v2 27/38] hw/block/nvme: fix strerror printing, Klaus Jensen, 2021/03/09
- [PULL v2 35/38] hw/block/nvme: refactor nvme_select_ns_iocs, Klaus Jensen, 2021/03/09
- [PULL v2 32/38] hw/block/nvme: fix namespaces array to 1-based, Klaus Jensen, 2021/03/09
- [PULL v2 36/38] hw/block/nvme: support namespace attachment command, Klaus Jensen, 2021/03/09
- Re: [PULL v2 36/38] hw/block/nvme: support namespace attachment command,
Peter Maydell <=
- [PULL v2 37/38] hw/block/nvme: support changed namespace asynchronous event, Klaus Jensen, 2021/03/09
- [PULL v2 38/38] hw/block/nvme: support Identify NS Attached Controller List, Klaus Jensen, 2021/03/09
- [PULL v2 33/38] hw/block/nvme: fix allocated namespace list to 256, Klaus Jensen, 2021/03/09
- [PULL v2 34/38] hw/block/nvme: support allocated namespace type, Klaus Jensen, 2021/03/09
- Re: [PULL v2 00/38] emulated nvme device updates, Peter Maydell, 2021/03/11