[PATCH] nvme-tcp: fix incorrect h2cdata pdu offset accounting

Sagi Grimberg sagi at grimberg.me
Mon Sep 20 03:11:16 PDT 2021


>>> Fixes: 825619b09ad3 ("nvme-tcp: fix possible use-after-completion")
>>> Reported-by: Nowak, Lukasz <Lukasz.Nowak at Dell.com>
>>> Tested-by: Nowak, Lukasz <Lukasz.Nowak at Dell.com>
>>> Signed-off-by: Sagi Grimberg <sagi at grimberg.me>
>>> ---
>>> - Keith, can you ask the WD team to test this as well?
>>>
>>>   drivers/nvme/host/tcp.c | 13 ++++++++++---
>>>   1 file changed, 10 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/drivers/nvme/host/tcp.c b/drivers/nvme/host/tcp.c
>>> index 645025620154..87b73eb94041 100644
>>> --- a/drivers/nvme/host/tcp.c
>>> +++ b/drivers/nvme/host/tcp.c
>>> @@ -607,7 +607,7 @@ static int nvme_tcp_setup_h2c_data_pdu(struct 
>>> nvme_tcp_request *req,
>>>           cpu_to_le32(data->hdr.hlen + hdgst + req->pdu_len + ddgst);
>>>       data->ttag = pdu->ttag;
>>>       data->command_id = nvme_cid(rq);
>>> -    data->data_offset = cpu_to_le32(req->data_sent);
>>> +    data->data_offset = pdu->r2t_offset;
>>
>> Shouldn't this be "le32_to_cpu(pdu->r2t_offset)"?
> 
> No, data is a wire payload, so it is le32

Keith, if/when you are OK with this, it should go 5.15
and stable.



More information about the Linux-nvme mailing list