[PATCH-part-2 0/9] nvme support for sgl mptr, safe passthrough

[Keith Busch <kbusch@meta.com>]

From: Keith Busch <kbusch@kernel.org>

NVMe's implicit memory lengths is a danger to buffer overflows. It's
been know for a long time this vulnerability exists.

The nvme protocol provides sgl with explicit lengths, so if the hardware
is capable, let's use that.

This patch series sets up the driver to always prefer SGL
representations on user passthrough requests. An added bonus to using
SGL for MPTR is that we can support multi-segment integrity buffers,
allowing merging once again. Request merging with metadata, though, is
kind of broken, so that functionality depends on this block patchset
(hence the "part-2" subject prefix):

  https://lore.kernel.org/linux-nvme/20240904152605.4055570-1-kbusch@meta.com/

I currently don't have real hardware that supports sgl mptr, but I
believe that's coming to me soon. But in the meantime, if you're like
me, you can use the emulated device. Support for MPTR SGL is provided in
this currently unmerged (but very simple) patch to qemu:

  https://lists.nongnu.org/archive/html/qemu-block/2024-08/msg00332.html

Keith Busch (9):
  nvme-pci: use sgl capable helper function
  nvme-pci: provide prp selection helper
  nvme-pci: split out the simple dma mapping
  nvme-pci: remove "dma_len" from nvme_iod
  nvme-pci: simplify io setup function parameters
  nvme-pci: common dma pool alloc helper
  nvme-pci: provide a sgl mapping helper
  nvme-pci: add support for sgl metadata
  nvme: force sgls on user passthrough if possible

 drivers/nvme/host/core.c  |   4 +-
 drivers/nvme/host/ioctl.c |  17 ++
 drivers/nvme/host/nvme.h  |   7 +
 drivers/nvme/host/pci.c   | 319 ++++++++++++++++++++++++++------------
 include/linux/nvme.h      |   1 +
 5 files changed, 246 insertions(+), 102 deletions(-)

-- 
2.43.5