[PATCH v2 4/4] nvme: code command_id with a genctr for use-after-free validation

Daniel Wagner dwagner at suse.de
Wed May 19 23:49:14 PDT 2021


Hi Sagi,

On Wed, May 19, 2021 at 10:43:40AM -0700, Sagi Grimberg wrote:
> +static inline struct request *nvme_find_rq(struct blk_mq_tags *tags,
> +		u16 command_id)
> +{
> +	u8 genctr = nvme_genctr_from_cid(command_id);
> +	u16 tag = nvme_tag_from_cid(command_id);
> +	struct request *rq;
> +
> +	rq = blk_mq_tag_to_rq(tags, tag);
> +	if (unlikely(!rq)) {
> +		pr_err("could not locate request for tag %#x\n",
> +			tag);
> +		return NULL;
> +	}
> +	if (unlikely(nvme_genctr_mask(nvme_req(rq)->genctr) != genctr)) {
> +		dev_err(nvme_req(rq)->ctrl->device,
> +			"request %#x genctr mismatch (got %#x expected %#x)\n",
> +			tag, genctr, nvme_req(rq)->genctr);
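
Review bot: In the !rq branch the failure is logged with pr_err("could not locate request for tag %#x\n", tag), which carries no controller identity, while the genctr mismatch branch uses dev_err on nvme_req(rq)->ctrl->device. On a host with several controllers the first message cannot be attributed to a device. Because rq is NULL at that point, the controller cannot be taken from the request, so consider passing the controller (or its struct device) into nvme_find_rq() and using dev_err in both branches. Both prints are triggered by the command_id argument alone, so a ratelimited variant (dev_err_ratelimited) would keep a repeated bad id from flooding the log.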

'nvme_genctr_mask(nvme_req(rq)->genctr)' for the expected value too?

Thanks,
Daniel


