[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Stable-8.0.5 10/43] hw/nvme: fix null pointer access in directive recei
From: |
Michael Tokarev |
Subject: |
[Stable-8.0.5 10/43] hw/nvme: fix null pointer access in directive receive |
Date: |
Sat, 9 Sep 2023 15:59:36 +0300 |
From: Klaus Jensen <k.jensen@samsung.com>
nvme_directive_receive() does not check if an endurance group has been
configured (set) prior to testing if flexible data placement is enabled
or not.
Fix this.
Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1815
Fixes: 73064edfb864 ("hw/nvme: flexible data placement emulation")
Reviewed-by: Jesper Wendel Devantier <j.devantier@samsung.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
(cherry picked from commit 6c8f8456cb0b239812dee5211881426496da7b98)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 353e9e71db..861635609b 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -6875,7 +6875,7 @@ static uint16_t nvme_directive_receive(NvmeCtrl *n,
NvmeRequest *req)
case NVME_DIRECTIVE_IDENTIFY:
switch (doper) {
case NVME_DIRECTIVE_RETURN_PARAMS:
- if (ns->endgrp->fdp.enabled) {
+ if (ns->endgrp && ns->endgrp->fdp.enabled) {
id.supported |= 1 << NVME_DIRECTIVE_DATA_PLACEMENT;
id.enabled |= 1 << NVME_DIRECTIVE_DATA_PLACEMENT;
id.persistent |= 1 << NVME_DIRECTIVE_DATA_PLACEMENT;
--
2.39.2
- [Stable-8.0.5 00/43] Patch Round-up for stable 8.0.5, freeze on 2023-09-19, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 01/43] machine: Add helpers to get cores/threads per socket, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 02/43] hw/smbios: Fix smbios_smp_sockets caculation, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 03/43] hw/smbios: Fix thread count in type4, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 05/43] hw/i2c: Fix bitbang_i2c_data trace event, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 04/43] hw/smbios: Fix core count in type4, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 06/43] dump: kdump-zlib data pages not dumped with pvtime/aarch64, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 07/43] hw/nvme: fix oob memory read in fdp events log, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 08/43] hw/nvme: fix compliance issue wrt. iosqes/iocqes, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 09/43] hw/nvme: fix CRC64 for guard tag, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 10/43] hw/nvme: fix null pointer access in directive receive,
Michael Tokarev <=
- [Stable-8.0.5 11/43] hw/nvme: fix null pointer access in ruh update, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 12/43] linux-user/elfload: Set V in ELF_HWCAP for RISC-V, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 13/43] include/exec/user: Set ABI_LLONG_ALIGNMENT to 4 for microblaze, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 14/43] include/exec/user: Set ABI_LLONG_ALIGNMENT to 4 for nios2, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 15/43] Fixed incorrect LLONG alignment for openrisc and cris, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 16/43] hw/sd/sdhci: Do not force sdhci_mmio_*_ops onto all SD controllers, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 19/43] target/s390x: Fix VSTL with a large length, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 20/43] target/s390x: Check reserved bits of VFMIN/VFMAX's M5, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 17/43] target/s390x: Fix the "ignored match" case in VSTRS, Michael Tokarev, 2023/09/09
- [Stable-8.0.5 18/43] target/s390x: Use a 16-bit immediate in VREP, Michael Tokarev, 2023/09/09