nvme-host: disk corruptions when issuing IDENTIFY commands via ioctl()

Christoph Hellwig hch at lst.de
Thu Mar 10 08:04:00 PST 2022


On Wed, Mar 09, 2022 at 08:23:03AM -0800, Keith Busch wrote:
> > Combination of a broken application (does what the spec explicitly
> > tells it not to do) and broken hardware (does the most stupid thing when
> > fed invalid input), not much the driver can do here.
> 
> There's nothing the hardware can do either to know it was given invalid
> input here if PRP2 is page aligned. There's no way it can tell the
> difference between a PRP List vs PRP destination.

Well, it can know that there must be at most two PRP2 for Identify when
the MPS is set to 4k.  Yes, this is annoying especially with hardware
accelerated frontends, but that's what you get for that stupid globally
harmful micro-optimization that PRPs are.

> > But we really should talk to the nvme working group to ECN the text
> > for the single PRP requirement to spell out the consequence in more
> > detail, and maybe also mandate how it is handled for the next spec
> > version.
> 
> It's not a "single PRP requirement". The spec just says the "data
> structure is 4096 bytes". This can validly span 2 PRPs if the first one
> has a non-zero offset.

Yes.  But even 2 PRPs are not a PRP list given that the data pointer has
two PRP fields.  (completely ignoring the issues with non-4k MPS).
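
The PRP2 ambiguity discussed in this message, as an added example that is not code from the thread or from the Linux driver: it classifies how PRP2 is read for a given PRP1 offset and transfer length under the NVMe PRP rules, and checks whether a host-supplied length leads to the same reading as the fixed 4096-byte Identify structure. The function names and the idea of running this as a host-side check are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* How PRP2 is read: reserved, second data page, or pointer to a PRP list. */
enum prp2_kind { PRP2_UNUSED, PRP2_DATA_PAGE, PRP2_LIST_POINTER };

#define IDENTIFY_LEN 4096u /* Identify data structure size, as stated in the thread */

/* Memory pages touched by len bytes starting prp1_off bytes into a page. */
static uint32_t pages_spanned(uint32_t prp1_off, uint32_t len, uint32_t mps)
{
    return (prp1_off + len + mps - 1) / mps;
}

/* One page: PRP2 unused. Two pages: PRP2 is data. More: PRP2 is a list. */
static enum prp2_kind classify_prp2(uint32_t prp1_off, uint32_t len, uint32_t mps)
{
    uint32_t n = pages_spanned(prp1_off, len, mps);
    if (n <= 1)
        return PRP2_UNUSED;
    return n == 2 ? PRP2_DATA_PAGE : PRP2_LIST_POINTER;
}

/* Hypothetical host-side check: the reading of PRP2 derived from the
 * length the host was given must match the reading derived from the
 * fixed Identify size, otherwise the two sides disagree about PRP2. */
static int identify_prp2_consistent(uint32_t prp1_off, uint32_t host_len, uint32_t mps)
{
    if (mps == 0 || prp1_off >= mps || host_len == 0)
        return 0;
    return classify_prp2(prp1_off, host_len, mps) ==
           classify_prp2(prp1_off, IDENTIFY_LEN, mps);
}

int main(void)
{
    /* Constructed sample inputs: {PRP1 offset, host length}, MPS = 4096. */
    static const uint32_t cases[][2] = {
        {0, 4096}, {512, 4096}, {4095, 4096}, {0, 8192}, {512, 8192},
    };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("off=%u len=%u prp2_kind=%d consistent=%d\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1],
               (int)classify_prp2(cases[i][0], cases[i][1], 4096),
               identify_prp2_consistent(cases[i][0], cases[i][1], 4096));
    return 0;
}
```

With a 4k MPS, a 4096-byte transfer never classifies as a PRP list at any PRP1 offset, which is the "at most two" bound mentioned above.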


