Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp2972020rdb;
        Mon, 4 Dec 2023 12:41:12 -0800 (PST)
X-Google-Smtp-Source: AGHT+IHdsTr81SJKeNzbJFF/2ln9M5/bActNElkTWoddGMWV3nmwibvRLSzVfoNqT9bloux2O5jn
X-Received: by 2002:a17:902:8a95:b0:1d0:b638:8eee with SMTP id p21-20020a1709028a9500b001d0b6388eeemr1014604plo.64.1701722472370;
        Mon, 04 Dec 2023 12:41:12 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1701722472; cv=none;
        d=google.com; s=arc-20160816;
        b=j+CAkpqmU9Ynkjz0QNdQ34/HQbIjetbX+OUFWHb6m3xrKmx9fuqLOd2y5VMDxx1bcw
         7UFiYre4lr2x/zY2/pXBbAm2mkx8c/exaC+C232gm1s03Lxg5vg7UWt3T8V9IWivXK5N
         5xevwUOn6GQuX4SpcoRSNKiSy1+/ieG7mTIFAVOQxqAi/EtBjr5wEz41i+4G3rHigckk
         oJ86n8mdnPiD2/K7VKUuT05/c9T575XgdfYOuM7nEZJz++Ld8ijeW0yoHzG9lUgj/V9U
         kZ0hguCiM0PteJCa37owydFYe+vp7bSZVl28+FCx7iuD3yxFzk+Zn3tGRcMJ/JxAllJo
         ZeMw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=9z5jCdx+T26EZ6+OvAfcMwIiIuYVlZE6gfVJ36qpWH4=;
        fh=sQk6c8YxehNqssarE3Wv6LbZnmL3wy1bw42+WWrXeBc=;
        b=HNbLbqsGKl0dCiv/MCnrw2KrEveXGfPFQkvgD+qBxqnpu3CuQuyYkEe98/OKkELX8A
         FE4hAmrg9gRyFZ78YwwOrCMHtHiBI+Q1hUK1FBJK7w8HidPramR56UCxHTOYGSqd1uJy
         uD3z3g5/uMk6XatBads3jb13D1MJ7b2nGRlyKPk6W14x8kEO4xVidHzjfriUjKvy3nLI
         frZiJVYpPi0a/r46Z2740YVWbRXHVPCecTPXq6P9kU10EzsKZ4vupiDBL/YH0/Ae9Y0Q
         bkmbDJSK4PigXNpAX8gV4dSdHjpiJGl+onJMM6F5+z2w+OzchoiaugVMFOVewVJ3Ehp2
         ubwg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fTt8GQw5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4])
        by mx.google.com with ESMTPS id t6-20020a170902e84600b001cffdccdecdsi4392847plg.135.2023.12.04.12.41.11
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 04 Dec 2023 12:41:12 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fTt8GQw5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by howler.vger.email (Postfix) with ESMTP id CF6DA80685AE;
	Mon,  4 Dec 2023 12:40:26 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345729AbjLDUi5 (ORCPT <rfc822;a.bouin@gmail.com> + 99 others);
        Mon, 4 Dec 2023 15:38:57 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56154 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1346138AbjLDUiW (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 4 Dec 2023 15:38:22 -0500
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA80D387F
        for <linux-kernel@vger.kernel.org>; Mon,  4 Dec 2023 12:36:06 -0800 (PST)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 86B45C43397;
        Mon,  4 Dec 2023 20:36:04 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1701722166;
        bh=xT+cBc7QfYA6bGC+1nskdoROx+HjWk63kF5Ysn7A7/A=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=fTt8GQw56nN4TvKyOvKh9/T0S78ZZW5j8kcUS8UpESkSmmGUzxXR0ir1NG1uwTWjV
         oFcqUJUnBNwbwrSYSKD8o4SBwYUowz2jMh+wWRGkdQA7ibdcSmTVnmAH1UP3Gw7Lod
         Q0vXhFYBwvzk170REKK4/+/KKCUPTTMUI6ziWX4C6xjFp8S1yRLrjUdYCOWsI2S9o/
         66zPlUOU6fo8Y4BWJFeRNOP1ryHCeTGU+NiyjXOiiwqUTkVLaypZrwSu1Q7KIgquG/
         IQebcGONIkRiH+MJFEj3FLmhR50ClZ/xyJlVNN0zietzCAiG3NDBvRwVNMV7Gp9yCT
         HnnhZCtbLT2Zg==
From:   Sasha Levin <sashal@kernel.org>
To:     linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc:     Keith Busch <kbusch@kernel.org>, Jens Axboe <axboe@kernel.dk>,
        Sasha Levin <sashal@kernel.org>, sagi@grimberg.me,
        linux-nvme@lists.infradead.org
Subject: [PATCH AUTOSEL 6.1 17/17] nvme-core: check for too small lba shift
Date:   Mon,  4 Dec 2023 15:35:02 -0500
Message-ID: <20231204203514.2093855-17-sashal@kernel.org>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20231204203514.2093855-1-sashal@kernel.org>
References: <20231204203514.2093855-1-sashal@kernel.org>
MIME-Version: 1.0
X-stable: review
X-Patchwork-Hint: Ignore
X-stable-base: Linux 6.1.65
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Mon, 04 Dec 2023 12:40:27 -0800 (PST)

From: Keith Busch <kbusch@kernel.org>

[ Upstream commit 74fbc88e161424b3b96a22b23a8e3e1edab9d05c ]

The block layer doesn't support logical block sizes smaller than 512
bytes. The nvme spec doesn't support that small either, but the driver
isn't checking to make sure the device responded with usable data.
Failing to catch this will result in a kernel bug, either from a
division by zero when stacking, or a zero length bio.

Reviewed-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/nvme/host/core.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index 0590c0b81fca9..b0db3b54d69a3 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -1922,9 +1922,10 @@ static void nvme_update_disk_info(struct gendisk *disk,
 
 	/*
 	 * The block layer can't support LBA sizes larger than the page size
-	 * yet, so catch this early and don't allow block I/O.
+	 * or smaller than a sector size yet, so catch this early and don't
+	 * allow block I/O.
 	 */
-	if (ns->lba_shift > PAGE_SHIFT) {
+	if (ns->lba_shift > PAGE_SHIFT || ns->lba_shift < SECTOR_SHIFT) {
 		capacity = 0;
 		bs = (1 << 9);
 	}
-- 
2.42.0