tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'nvme-6.2-2022-12-22' of git://git.infradead.org/nvme into block-6.2
Pull NVMe fixes from Christoph:
"nvme fixes for Linux 6.2
- fix doorbell buffer value endianness (Klaus Jensen)
- fix Linux vs NVMe page size mismatch (Keith Busch)
- fix a potential use memory access beyong the allocation limit
(Keith Busch)
- fix a multipath vs blktrace NULL pointer dereference
(Yanjun Zhang)"
* tag 'nvme-6.2-2022-12-22' of git://git.infradead.org/nvme:
nvme: fix multipath crash caused by flush request when blktrace is enabled
nvme-pci: fix page size checks
nvme-pci: fix mempool alloc size
nvme-pci: fix doorbell buffer value endianness
+20
-19
+1
-1
drivers/nvme/host/nvme.h
+1
-1
drivers/nvme/host/nvme.h
+19
-18
drivers/nvme/host/pci.c
+19
-18
drivers/nvme/host/pci.c
···
36
36
#define SQ_SIZE(q) ((q)->q_depth << (q)->sqes)
37
37
#define CQ_SIZE(q) ((q)->q_depth * sizeof(struct nvme_completion))
38
38
39
-
#define SGES_PER_PAGE (PAGE_SIZE / sizeof(struct nvme_sgl_desc))
39
+
#define SGES_PER_PAGE (NVME_CTRL_PAGE_SIZE / sizeof(struct nvme_sgl_desc))
40
40
41
41
/*
42
42
* These can be higher, but we need to ensure that any command doesn't
···
144
144
mempool_t *iod_mempool;
145
145
146
146
/* shadow doorbell buffer support: */
147
-
u32 *dbbuf_dbs;
147
+
__le32 *dbbuf_dbs;
148
148
dma_addr_t dbbuf_dbs_dma_addr;
149
-
u32 *dbbuf_eis;
149
+
__le32 *dbbuf_eis;
150
150
dma_addr_t dbbuf_eis_dma_addr;
151
151
152
152
/* host memory buffer support: */
···
208
208
#define NVMEQ_SQ_CMB 1
209
209
#define NVMEQ_DELETE_ERROR 2
210
210
#define NVMEQ_POLLED 3
211
-
u32 *dbbuf_sq_db;
212
-
u32 *dbbuf_cq_db;
213
-
u32 *dbbuf_sq_ei;
214
-
u32 *dbbuf_cq_ei;
211
+
__le32 *dbbuf_sq_db;
212
+
__le32 *dbbuf_cq_db;
213
+
__le32 *dbbuf_sq_ei;
214
+
__le32 *dbbuf_cq_ei;
215
215
struct completion delete_done;
216
216
};
217
217
···
343
343
}
344
344
345
345
/* Update dbbuf and return true if an MMIO is required */
346
-
static bool nvme_dbbuf_update_and_check_event(u16 value, u32 *dbbuf_db,
347
-
volatile u32 *dbbuf_ei)
346
+
static bool nvme_dbbuf_update_and_check_event(u16 value, __le32 *dbbuf_db,
347
+
volatile __le32 *dbbuf_ei)
348
348
{
349
349
if (dbbuf_db) {
350
-
u16 old_value;
350
+
u16 old_value, event_idx;
351
351
352
352
/*
353
353
* Ensure that the queue is written before updating
···
355
355
*/
356
356
wmb();
357
357
358
-
old_value = *dbbuf_db;
359
-
*dbbuf_db = value;
358
+
old_value = le32_to_cpu(*dbbuf_db);
359
+
*dbbuf_db = cpu_to_le32(value);
360
360
361
361
/*
362
362
* Ensure that the doorbell is updated before reading the event
···
366
366
*/
367
367
mb();
368
368
369
-
if (!nvme_dbbuf_need_event(*dbbuf_ei, value, old_value))
369
+
event_idx = le32_to_cpu(*dbbuf_ei);
370
+
if (!nvme_dbbuf_need_event(event_idx, value, old_value))
370
371
return false;
371
372
}
372
373
···
381
380
*/
382
381
static int nvme_pci_npages_prp(void)
383
382
{
384
-
unsigned nprps = DIV_ROUND_UP(NVME_MAX_KB_SZ + NVME_CTRL_PAGE_SIZE,
385
-
NVME_CTRL_PAGE_SIZE);
386
-
return DIV_ROUND_UP(8 * nprps, PAGE_SIZE - 8);
383
+
unsigned max_bytes = (NVME_MAX_KB_SZ * 1024) + NVME_CTRL_PAGE_SIZE;
384
+
unsigned nprps = DIV_ROUND_UP(max_bytes, NVME_CTRL_PAGE_SIZE);
385
+
return DIV_ROUND_UP(8 * nprps, NVME_CTRL_PAGE_SIZE - 8);
387
386
}
388
387
389
388
/*
···
393
392
static int nvme_pci_npages_sgl(void)
394
393
{
395
394
return DIV_ROUND_UP(NVME_MAX_SEGS * sizeof(struct nvme_sgl_desc),
396
-
PAGE_SIZE);
395
+
NVME_CTRL_PAGE_SIZE);
397
396
}
398
397
399
398
static int nvme_admin_init_hctx(struct blk_mq_hw_ctx *hctx, void *data,
···
709
708
sge->length = cpu_to_le32(entries * sizeof(*sge));
710
709
sge->type = NVME_SGL_FMT_LAST_SEG_DESC << 4;
711
710
} else {
712
-
sge->length = cpu_to_le32(PAGE_SIZE);
711
+
sge->length = cpu_to_le32(NVME_CTRL_PAGE_SIZE);
713
712
sge->type = NVME_SGL_FMT_SEG_DESC << 4;
714
713
}
715
714
}