[PATCH AUTOSEL 6.6 32/32] nvme-core: check for too small lba shift

public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed

From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Keith Busch <kbusch@kernel.org>, Jens Axboe <axboe@kernel.dk>,
	Sasha Levin <sashal@kernel.org>,
	sagi@grimberg.me, linux-nvme@lists.infradead.org
Subject: [PATCH AUTOSEL 6.6 32/32] nvme-core: check for too small lba shift
Date: Mon,  4 Dec 2023 15:32:52 -0500	[thread overview]
Message-ID: <20231204203317.2092321-32-sashal@kernel.org> (raw)
In-Reply-To: <20231204203317.2092321-1-sashal@kernel.org>

From: Keith Busch <kbusch@kernel.org>

[ Upstream commit 74fbc88e161424b3b96a22b23a8e3e1edab9d05c ]

The block layer doesn't support logical block sizes smaller than 512
bytes. The nvme spec doesn't support that small either, but the driver
isn't checking to make sure the device responded with usable data.
Failing to catch this will result in a kernel bug, either from a
division by zero when stacking, or a zero length bio.

Reviewed-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/nvme/host/core.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index b4521deb1c716..dfc0e02150911 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -1890,9 +1890,10 @@ static void nvme_update_disk_info(struct gendisk *disk,
 
 	/*
 	 * The block layer can't support LBA sizes larger than the page size
-	 * yet, so catch this early and don't allow block I/O.
+	 * or smaller than a sector size yet, so catch this early and don't
+	 * allow block I/O.
 	 */
-	if (ns->lba_shift > PAGE_SHIFT) {
+	if (ns->lba_shift > PAGE_SHIFT || ns->lba_shift < SECTOR_SHIFT) {
 		capacity = 0;
 		bs = (1 << 9);
 	}
-- 
2.42.0

     prev parent reply	other threads:[~2023-12-04 20:35 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-12-04 20:32 [PATCH AUTOSEL 6.6 01/32] pinctrl: s32cc: Avoid possible string truncation Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 02/32] kunit: Warn if tests are slow Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 03/32] kunit: Reset suite counter right before running tests Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 04/32] pinctrl: lochnagar: Don't build on MIPS Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 05/32] ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 06/32] ksmbd: separately allocate ci per dentry Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 07/32] ksmbd: release interim response after sending status pending response Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 08/32] ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 09/32] ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 10/32] mptcp: fix uninit-value in mptcp_incoming_options Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 11/32] wifi: cfg80211: lock wiphy mutex for rfkill poll Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 12/32] wifi: avoid offset calculation on NULL pointer Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 13/32] wifi: mac80211: handle 320 MHz in ieee80211_ht_cap_ie_to_sta_ht_cap Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 14/32] debugfs: fix automount d_fsdata usage Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 15/32] debugfs: annotate debugfs handlers vs. removal with lockdep Sasha Levin
2023-12-04 20:45   ` Johannes Berg
2023-12-05  4:25     ` Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 16/32] debugfs: add API to allow debugfs operations cancellation Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 17/32] wifi: cfg80211: add locked debugfs wrappers Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 18/32] wifi: mac80211: use wiphy locked debugfs helpers for agg_status Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 19/32] ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32 bps format Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 20/32] nvme-core: fix a memory leak in nvme_ns_info_from_identify() Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 21/32] io_uring: use fget/fput consistently Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 22/32] block: warn once for each partition in bio_check_ro() Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 23/32] drm/amdgpu: Do not issue gpu reset from nbio v7_9 bif interrupt Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 24/32] drm/amdkfd: Use common function for IP version check Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 25/32] drm/amd/display: update dcn315 lpddr pstate latency Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 26/32] drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 27/32] drm/amdkfd: Free gang_ctx_bo and wptr_bo in pqm_uninit Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 28/32] drm/amdgpu: Use another offset for GC 9.4.3 remap Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 29/32] smb: client, common: fix fortify warnings Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 30/32] Revert "drm/prime: Unexport helpers for fd/handle conversion" Sasha Levin
2023-12-04 20:32 ` [PATCH AUTOSEL 6.6 31/32] blk-mq: don't count completed flush data request as inflight in case of quiesce Sasha Levin
2023-12-04 20:32 ` Sasha Levin [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:b4521deb1c71 dfblob:dfc0e0215091 )
 OR (
bs:"[PATCH AUTOSEL 6.6 32/32] nvme-core: check for too small lba shift" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231204203317.2092321-32-sashal@kernel.org \
    --to=sashal@kernel.org \
    --cc=axboe@kernel.dk \
    --cc=kbusch@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-nvme@lists.infradead.org \
    --cc=sagi@grimberg.me \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox