[PATCH] nvme-tcp: fix incorrect h2cdata pdu offset accounting
Sagi Grimberg
sagi at grimberg.me
Mon Sep 20 03:11:16 PDT 2021
>>> Fixes: 825619b09ad3 ("nvme-tcp: fix possible use-after-completion")
>>> Reported-by: Nowak, Lukasz <Lukasz.Nowak at Dell.com>
>>> Tested-by: Nowak, Lukasz <Lukasz.Nowak at Dell.com>
>>> Signed-off-by: Sagi Grimberg <sagi at grimberg.me>
>>> ---
>>> - Keith, can you ask the WD team to test this as well?
>>>
>>> drivers/nvme/host/tcp.c | 13 ++++++++++---
>>> 1 file changed, 10 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/drivers/nvme/host/tcp.c b/drivers/nvme/host/tcp.c
>>> index 645025620154..87b73eb94041 100644
>>> --- a/drivers/nvme/host/tcp.c
>>> +++ b/drivers/nvme/host/tcp.c
>>> @@ -607,7 +607,7 @@ static int nvme_tcp_setup_h2c_data_pdu(struct
>>> nvme_tcp_request *req,
>>> cpu_to_le32(data->hdr.hlen + hdgst + req->pdu_len + ddgst);
>>> data->ttag = pdu->ttag;
>>> data->command_id = nvme_cid(rq);
>>> - data->data_offset = cpu_to_le32(req->data_sent);
>>> + data->data_offset = pdu->r2t_offset;
>>
>> Shouldn't this be "le32_to_cpu(pdu->r2t_offset)"?
>
> No, data is a wire payload, so it is le32
Keith, if/when you are OK with this, it should go 5.15
and stable.
More information about the Linux-nvme
mailing list