[PATCH v3] nvme: Fix handling of large MDTS values

Damien Le Moal Damien.LeMoal at wdc.com
Fri Apr 2 06:00:58 BST 2021


On 2021/04/02 10:47, Bart Van Assche wrote:
> Instead of triggering an integer overflow and undefined behavior if MDTS is
> large, set max_hw_sectors to UINT_MAX.
> 
> Cc: Christoph Hellwig <hch at lst.de>
> Cc: Sagi Grimberg <sagi at grimberg.me>
> Cc: Keith Busch <kbusch at kernel.org>
> Signed-off-by: Bart Van Assche <bvanassche at acm.org>
> ---
> 
> Changes compared to v2: reduced the two max_hw_sectors = UINT_MAX statements into a single assignment.
> Changes compared to v1: removed a dev_err() call.
> 
>  drivers/nvme/host/core.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
> index 40215a0246e4..87d43309742b 100644
> --- a/drivers/nvme/host/core.c
> +++ b/drivers/nvme/host/core.c
> @@ -3123,10 +3123,10 @@ static int nvme_init_identify(struct nvme_ctrl *ctrl)
>  
>  	atomic_set(&ctrl->abort_limit, id->acl + 1);
>  	ctrl->vwc = id->vwc;
> -	if (id->mdts)
> -		max_hw_sectors = 1 << (id->mdts + page_shift - 9);
> -	else
> +	if (!id->mdts || check_shl_overflow(1U, id->mdts + page_shift - 9,
> +					    &max_hw_sectors)) {
>  		max_hw_sectors = UINT_MAX;
> +	}

Nit: this could be rewritten as:

	if (!id->mdts ||
	    check_shl_overflow(1U, id->mdts + page_shift - 9, &max_hw_sectors))
		max_hw_sectors = UINT_MAX;

More readable and no unneeded brackets. No ?

>  	ctrl->max_hw_sectors =
>  		min_not_zero(ctrl->max_hw_sectors, max_hw_sectors);
>  
> 
> _______________________________________________
> Linux-nvme mailing list
> Linux-nvme at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-nvme
> 


-- 
Damien Le Moal
Western Digital Research



More information about the Linux-nvme mailing list