nvdimm, btt: fix LBA masking during 'free list' population

Message ID	20190225214931.27928-1-vishal.l.verma@intel.com (mailing list archive)
State	Superseded
Headers	show Return-Path: <linux-nvdimm-bounces@lists.01.org> Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=vishal.l.verma@intel.com; receiver=linux-nvdimm@lists.01.org From: Vishal Verma <vishal.l.verma@intel.com> To: <linux-nvdimm@lists.01.org> Subject: [PATCH] nvdimm, btt: fix LBA masking during 'free list' population Date: Mon, 25 Feb 2019 14:49:31 -0700 Message-Id: <20190225214931.27928-1-vishal.l.verma@intel.com> MIME-Version: 1.0 Precedence: list Cc: Pedro d'Aquino Filocre F S Barbuda <pbarbuda@microsoft.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: linux-nvdimm-bounces@lists.01.org Sender: "Linux-nvdimm" <linux-nvdimm-bounces@lists.01.org>
Series	nvdimm, btt: fix LBA masking during 'free list' population \| expand nvdimm, btt: fix LBA masking during 'free list' population

Message ID

20190225214931.27928-1-vishal.l.verma@intel.com (mailing list archive)

State

Superseded

Headers

Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.43; helo=mga05.intel.com;
 envelope-from=vishal.l.verma@intel.com; receiver=linux-nvdimm@lists.01.org
From: Vishal Verma <vishal.l.verma@intel.com>
To: <linux-nvdimm@lists.01.org>
Subject: [PATCH] nvdimm, btt: fix LBA masking during 'free list' population
Date: Mon, 25 Feb 2019 14:49:31 -0700
Message-Id: <20190225214931.27928-1-vishal.l.verma@intel.com>
MIME-Version: 1.0
Precedence: list
Cc: Pedro d'Aquino Filocre F S Barbuda <pbarbuda@microsoft.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: linux-nvdimm-bounces@lists.01.org
Sender: "Linux-nvdimm" <linux-nvdimm-bounces@lists.01.org>

Series

nvdimm, btt: fix LBA masking during 'free list' population | expand

Commit Message

Verma, Vishal L Feb. 25, 2019, 9:49 p.m. UTC

The Linux BTT implementation assumes that log entries will never have
the 'zero' flag set, and indeed it never sets that flag for log entries
itself.

However, the UEFI spec is ambiguous on the exact format of the LBA field
of a log entry, specifically as to whether it should include the
additional flag bits or not. While a zero bit doesn't make sense in the
context of a log entry, other BTT implementations might still have it set.

If an implementation does happen to have it set, we would happily read
it in as the next block to write to for writes. Since a high bit is set,
it pushes the block number out of the range of an 'arena', and we fail
such a write with an EIO.

Follow the robustness principle, and tolerate such implementations by
stripping out the zero flag when populating the free list during
initialization.

Cc: Dan Williams <dan.j.williams@intel.com>
Reported-by: Dexuan Cui <decui@microsoft.com>
Reported-by: Pedro d'Aquino Filocre F S Barbuda <pbarbuda@microsoft.com>
Tested-by: Dexuan Cui <decui@microsoft.com>
Signed-off-by: Vishal Verma <vishal.l.verma@intel.com>
---
 drivers/nvdimm/btt.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/nvdimm/btt.c b/drivers/nvdimm/btt.c
index b123b0dcf274..1c5447ac1e39 100644
--- a/drivers/nvdimm/btt.c
+++ b/drivers/nvdimm/btt.c
@@ -562,13 +562,15 @@  static int btt_freelist_init(struct arena_info *arena)
 		/* sub points to the next one to be overwritten */
 		arena->freelist[i].sub = 1 - new;
 		arena->freelist[i].seq = nd_inc_seq(le32_to_cpu(log_new.seq));
-		arena->freelist[i].block = le32_to_cpu(log_new.old_map);
+		arena->freelist[i].block =
+				le32_to_cpu(ent_lba(log_new.old_map));
 
 		/*
 		 * FIXME: if error clearing fails during init, we want to make
 		 * the BTT read-only
 		 */
 		if (ent_e_flag(log_new.old_map)) {
+			set_e_flag(arena->freelist[i].block);
 			ret = arena_clear_freelist_error(arena, i);
 			if (ret)
 				dev_err_ratelimited(to_dev(arena),

nvdimm, btt: fix LBA masking during 'free list' population

Commit Message

Patch