summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKlaus Jensen2020-07-06 08:13:00 +0200
committerKlaus Jensen2020-09-02 08:48:50 +0200
commit38a58e7ce38cf73f25e5242f5f1abcfcbd250a6d (patch)
treeb4268fade32e05cfcca65697cbd88eab07810b2f
parenthw/block/nvme: support identify namespace descriptor list (diff)
downloadqemu-38a58e7ce38cf73f25e5242f5f1abcfcbd250a6d.tar.gz
qemu-38a58e7ce38cf73f25e5242f5f1abcfcbd250a6d.tar.xz
qemu-38a58e7ce38cf73f25e5242f5f1abcfcbd250a6d.zip
hw/block/nvme: reject invalid nsid values in active namespace id list
Reject the nsid broadcast value (0xffffffff) and 0xfffffffe in the Active Namespace ID list. Signed-off-by: Klaus Jensen <k.jensen@samsung.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Dmitry Fomichev <dmitry.fomichev@wdc.com> Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com> Message-Id: <20200706061303.246057-16-its@irrelevant.dk>
-rw-r--r--hw/block/nvme.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index 35103dac89..d884ac14a7 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -1007,6 +1007,16 @@ static uint16_t nvme_identify_nslist(NvmeCtrl *n, NvmeIdentify *c)
trace_pci_nvme_identify_nslist(min_nsid);
+ /*
+ * Both 0xffffffff (NVME_NSID_BROADCAST) and 0xfffffffe are invalid values
+ * since the Active Namespace ID List should return namespaces with ids
+ * *higher* than the NSID specified in the command. This is also specified
+ * in the spec (NVM Express v1.3d, Section 5.15.4).
+ */
+ if (min_nsid >= NVME_NSID_BROADCAST - 1) {
+ return NVME_INVALID_NSID | NVME_DNR;
+ }
+
list = g_malloc0(data_len);
for (i = 0; i < n->num_namespaces; i++) {
if (i < min_nsid) {