[PATCH 1/2] nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length
Keith Busch
kbusch at kernel.org
Thu Dec 21 09:42:22 PST 2023
On Thu, Dec 21, 2023 at 05:31:53PM +0100, Maurizio Lombardi wrote:
> @@ -1002,6 +1003,13 @@ static int nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue *queue)
> }
>
> cmd->pdu_len = le32_to_cpu(data->data_length);
> + if (unlikely(cmd->pdu_len == 0 ||
> + cmd->pdu_len > NVMET_TCP_MAXH2CDATA)) {
> + pr_err("H2CData PDU len out of range\n");
Please add the 'pdu_len' to the pr_err since that info sounds useful to
knowing which type of target error we're dealing with.
Otherwise looks good!
Reviewed-by: Keith Busch <kbusch at kernel.org>
> + /* FIXME: use proper transport errors */
> + nvmet_tcp_fatal_error(queue);
> + return -EPROTO;
> + }
> cmd->pdu_recv = 0;
> nvmet_tcp_build_pdu_iovec(cmd);
> queue->cmd = cmd;
More information about the Linux-nvme
mailing list