On Mon, 2020-03-16 at 07:29 -0700, Klaus Jensen wrote: > From: Klaus Jensen <k.jen...@samsung.com> > > Before this patch the device already supported this, but it did not > check for the validity of it nor announced the support in the LISTS > field. > > If some of the PRPs in a PRP list are in the CMB, then ALL entries must > be there. This patch makes sure that is verified as well as properly > announcing support for PRP lists in the CMB. > > Signed-off-by: Klaus Jensen <k.jen...@samsung.com> > --- > hw/block/nvme.c | 14 +++++++++++++- > 1 file changed, 13 insertions(+), 1 deletion(-) > > diff --git a/hw/block/nvme.c b/hw/block/nvme.c > index 850087aac967..eecfad694bf8 100644 > --- a/hw/block/nvme.c > +++ b/hw/block/nvme.c > @@ -210,6 +210,7 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList > *qsg, QEMUIOVector *iov, > trans_len = MIN(len, trans_len); > int num_prps = (len >> n->page_bits) + 1; > uint16_t status; > + bool prp_list_in_cmb = false; > > trace_nvme_dev_map_prp(nvme_cid(req), trans_len, len, prp1, prp2, > num_prps); > @@ -237,11 +238,16 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList > *qsg, QEMUIOVector *iov, > status = NVME_INVALID_FIELD | NVME_DNR; > goto unmap; > } > + > if (len > n->page_size) { > uint64_t prp_list[n->max_prp_ents]; > uint32_t nents, prp_trans; > int i = 0; > > + if (nvme_addr_is_cmb(n, prp2)) { > + prp_list_in_cmb = true; > + } > + > nents = (len + n->page_size - 1) >> n->page_bits; > prp_trans = MIN(n->max_prp_ents, nents) * sizeof(uint64_t); > nvme_addr_read(n, prp2, (void *)prp_list, prp_trans); > @@ -255,6 +261,11 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList > *qsg, QEMUIOVector *iov, > goto unmap; > } > > + if (prp_list_in_cmb != nvme_addr_is_cmb(n, prp_ent)) { > + status = NVME_INVALID_USE_OF_CMB | NVME_DNR; > + goto unmap; > + } > + > i = 0; > nents = (len + n->page_size - 1) >> n->page_bits; > prp_trans = MIN(n->max_prp_ents, nents) * > sizeof(uint64_t); > @@ -274,6 +285,7 @@ static uint16_t nvme_map_prp(NvmeCtrl *n, QEMUSGList > *qsg, QEMUIOVector *iov, > if (status) { > goto unmap; > } > + > len -= trans_len; > i++; > } > @@ -1931,7 +1943,7 @@ static void nvme_init_cmb(NvmeCtrl *n, PCIDevice > *pci_dev) > > NVME_CMBSZ_SET_SQS(n->bar.cmbsz, 1); > NVME_CMBSZ_SET_CQS(n->bar.cmbsz, 0); > - NVME_CMBSZ_SET_LISTS(n->bar.cmbsz, 0); > + NVME_CMBSZ_SET_LISTS(n->bar.cmbsz, 1); > NVME_CMBSZ_SET_RDS(n->bar.cmbsz, 1); > NVME_CMBSZ_SET_WDS(n->bar.cmbsz, 1); > NVME_CMBSZ_SET_SZU(n->bar.cmbsz, 2);
Reviewed-by: Maxim Levitsky <mlevi...@redhat.com> Best regards, Maxim Levitsky