Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp2970576rdb;
        Mon, 4 Dec 2023 12:37:37 -0800 (PST)
X-Google-Smtp-Source: AGHT+IEo1tX7wKqwskR+XF6YPZUx5f8CmfVQ6YGZEu4em/OXU0uPRc3Yowdlds1nXGjKZuZJns+R
X-Received: by 2002:a17:902:e890:b0:1d0:1f49:16f with SMTP id w16-20020a170902e89000b001d01f49016fmr5136501plg.0.1701722257233;
        Mon, 04 Dec 2023 12:37:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1701722257; cv=none;
        d=google.com; s=arc-20160816;
        b=Limd36fQxYPQUpY5ZL/i1Jg+8oLXPAFdWf8vs/upOC3dRqk0iBH2FTGLMDi5AWvBiG
         5wPxqnyxZKHRKi5FVhN/UUO02nuYtqFLGUZa/tFtj8aFq0yoSffTcAAUxhTCjIHT226z
         7N1dedL/HznVoMXrFhFej4WMrGE8Nrfn7ewgygx0KQ0RfxmUSHBEcib9AQTfsU15fHIt
         657fJWz49QBQTYjcc4dmSQ72tfGTlKWjR72YiMNBqGIf6tIZeFBlp3PDW/oLlnCurB2p
         hfAfo2j5+KFBnN2D3wrDdpuAMEzDIut/1OgYK8gmW1Ms/UqlJxQQL3eR0GHfMX9o7IUN
         re/Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=iw0AHWMoK+o/4UNYZfyzhcV6doIIOPEHyZTUESaAJh4=;
        fh=sQk6c8YxehNqssarE3Wv6LbZnmL3wy1bw42+WWrXeBc=;
        b=mHCb/acDrli+L4pSkZuhUKptsbCfQeoP+co/puxu+Asrb/LHQ+oJKE2pgpmBB6eVLF
         HHE166PWUcyVExAOd3DR/fZOaBITmu1AFDz0ppcIurqz4l2UTpRlmHWAacig4EEpZ3t1
         AJVZ9ErPXiUKE0o7kaY/7EZz7JCCflPnKe85g+ZBsND90hhmY1/98wDgIxsjYOXD0uam
         Pn9tGK51z/KEX7HjvkZDvDv4/0AaqXjaFVitXrgCfSMwPagaY4oSnyciTk8tfIDXN9hd
         qDcNGAyMeUgLfjlVaWKqXQ8g1mGsd3Y3Gkcr/xA7z6KFAbWk/a4vxDYauERXcVPKcS3A
         a4DQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=iVXk2owo;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from fry.vger.email (fry.vger.email. [2620:137:e000::3:8])
        by mx.google.com with ESMTPS id z6-20020a63d006000000b0057745d87b53si8180889pgf.686.2023.12.04.12.37.36
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 04 Dec 2023 12:37:37 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) client-ip=2620:137:e000::3:8;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=iVXk2owo;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by fry.vger.email (Postfix) with ESMTP id 55654809C939;
	Mon,  4 Dec 2023 12:37:34 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at fry.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1346134AbjLDUhD (ORCPT <rfc822;a.bouin@gmail.com> + 99 others);
        Mon, 4 Dec 2023 15:37:03 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36980 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1346297AbjLDUgm (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 4 Dec 2023 15:36:42 -0500
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 120CE30C3
        for <linux-kernel@vger.kernel.org>; Mon,  4 Dec 2023 12:35:01 -0800 (PST)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 77FDDC433CC;
        Mon,  4 Dec 2023 20:34:59 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1701722100;
        bh=eGm+sBvt0gdj+0zTu3T2RywpCFcezynjcVTWXyJLyW4=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=iVXk2owoS/1lAMxzsrTb8Vvzoc0KNIez8bAtw79bv0ZhaDpsgFVg1Hwkas8lCZP0I
         ZEN3vYcWvKktIOtDbZ8UCeKDBfO1FJzBMK8OBtiIkn03By01jKLclQUHKXo883KqgI
         ZpHvVC1Vo5nrlnkHwcoAMl2T2WGaYyiRmHpM/wPi5uvGZzI5t8RwzChlU09iFIhSGO
         aZMpk0WRRPyZQtvcAl6iVazG5f8vdUxXg8If317wIA142M47puQPZwO5K/+YkbH0Vy
         k8wWp1+Nrt6c2SZkUBCxoKPG7YKTr6Id3DQQ+dH3C0EuJBr7s+Xhqx7nPI9FtD1t2m
         8pN70Gfbw1BeA==
From:   Sasha Levin <sashal@kernel.org>
To:     linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc:     Keith Busch <kbusch@kernel.org>, Jens Axboe <axboe@kernel.dk>,
        Sasha Levin <sashal@kernel.org>, sagi@grimberg.me,
        linux-nvme@lists.infradead.org
Subject: [PATCH AUTOSEL 6.6 32/32] nvme-core: check for too small lba shift
Date:   Mon,  4 Dec 2023 15:32:52 -0500
Message-ID: <20231204203317.2092321-32-sashal@kernel.org>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20231204203317.2092321-1-sashal@kernel.org>
References: <20231204203317.2092321-1-sashal@kernel.org>
MIME-Version: 1.0
X-stable: review
X-Patchwork-Hint: Ignore
X-stable-base: Linux 6.6.4
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Mon, 04 Dec 2023 12:37:34 -0800 (PST)

From: Keith Busch <kbusch@kernel.org>

[ Upstream commit 74fbc88e161424b3b96a22b23a8e3e1edab9d05c ]

The block layer doesn't support logical block sizes smaller than 512
bytes. The nvme spec doesn't support that small either, but the driver
isn't checking to make sure the device responded with usable data.
Failing to catch this will result in a kernel bug, either from a
division by zero when stacking, or a zero length bio.

Reviewed-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/nvme/host/core.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index b4521deb1c716..dfc0e02150911 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -1890,9 +1890,10 @@ static void nvme_update_disk_info(struct gendisk *disk,
 
 	/*
 	 * The block layer can't support LBA sizes larger than the page size
-	 * yet, so catch this early and don't allow block I/O.
+	 * or smaller than a sector size yet, so catch this early and don't
+	 * allow block I/O.
 	 */
-	if (ns->lba_shift > PAGE_SHIFT) {
+	if (ns->lba_shift > PAGE_SHIFT || ns->lba_shift < SECTOR_SHIFT) {
 		capacity = 0;
 		bs = (1 << 9);
 	}
-- 
2.42.0