mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-16 07:35:14 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/nvme
History
Keith Busch c89a529e82 nvme-pci: fix mempool alloc size 
Convert the max size to bytes to match the units of the divisor that
calculates the worst-case number of PRP entries.

The result is used to determine how many PRP Lists are required. The
code was previously rounding this to 1 list, but we can require 2 in the
worst case. In that scenario, the driver would corrupt memory beyond the
size provided by the mempool.

While unlikely to occur (you'd need a 4MB in exactly 127 phys segments
on a queue that doesn't support SGLs), this memory corruption has been
observed by kfence.

Cc: Jens Axboe <axboe@kernel.dk>
Fixes: 943e942e62 ("nvme-pci: limit max IO size and segments to avoid high order allocations")
Signed-off-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Jens Axboe <axboe@kernel.dk>
Reviewed-by: Kanchan Joshi <joshi.k@samsung.com>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
2022-12-21 09:17:25 +01:00
..
common treewide: use get_random_u32() when possible 2022-10-11 17:42:58 -06:00
host nvme-pci: fix mempool alloc size 2022-12-21 09:17:25 +01:00
target for-6.2/block-2022-12-08 2022-12-13 10:43:59 -08:00
Kconfig nvme: implement In-Band authentication 2022-08-02 17:14:49 -06:00
Makefile nvme: implement In-Band authentication 2022-08-02 17:14:49 -06:00