Re: [PATCH v2] nvme-tcp: Check if request has started before processing it

From: Sagi Grimberg
Date: Fri Mar 05 2021 - 14:58:17 EST

Next message: Lizhi Hou: "Re: [PATCH V3 XRT Alveo 10/18] fpga: xrt: VSEC platform driver"
Previous message: Sedat Dilek: "Re: [xhci] usb 4-1: reset SuperSpeed Gen 1 USB device number 2 using xhci_hcd"
In reply to: Daniel Wagner: "[PATCH v2] nvme-tcp: Check if request has started before processing it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

blk_mq_tag_to_rq() always returns a request if the tag id is in a
valid range [0...max_tags). If the target replies with a tag for which
we don't have a request but it's not started, the host will likely
corrupt data or simply crash.

Add an additional check if the a request has been started if not
reset the connection.

This addition check will not protected against an invalid tag which
maps to a request which has been started. There is nothing we can do
about this. Though it will at a least protect from crashing the host,
which generally thought to be the right thing to do.

Daniel, again, there is nothing specific about this to nvme-tcp,
this is a safeguard against a funky controller (or a different
bug that is hidden by this). The same can happen in any other
transport so I would suggest that if this is a safeguard we
want to put in place, we should make it a generic one.

i.e. nvme_tag_to_rq() that _all_ transports call consistently.

Next message: Lizhi Hou: "Re: [PATCH V3 XRT Alveo 10/18] fpga: xrt: VSEC platform driver"
Previous message: Sedat Dilek: "Re: [xhci] usb 4-1: reset SuperSpeed Gen 1 USB device number 2 using xhci_hcd"
In reply to: Daniel Wagner: "[PATCH v2] nvme-tcp: Check if request has started before processing it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]