From 492f9a8d79f2e815007e985cad8dd73b713722f0 Mon Sep 17 00:00:00 2001 From: Keith Busch Date: Wed, 30 Sep 2020 10:54:05 -0700 Subject: [PATCH] hw/block/nvme: validate command set selected Fail to start the controller if the user requests a command set that the controller does not support. Signed-off-by: Keith Busch Signed-off-by: Klaus Jensen --- hw/block/nvme.c | 6 +++++- hw/block/trace-events | 1 + include/block/nvme.h | 4 ++++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/hw/block/nvme.c b/hw/block/nvme.c index 5a9ae699af..94db06cf72 100644 --- a/hw/block/nvme.c +++ b/hw/block/nvme.c @@ -2045,6 +2045,10 @@ static int nvme_start_ctrl(NvmeCtrl *n) trace_pci_nvme_err_startfail_acq_misaligned(n->bar.acq); return -1; } + if (unlikely(!(NVME_CAP_CSS(n->bar.cap) & (1 << NVME_CC_CSS(n->bar.cc))))) { + trace_pci_nvme_err_startfail_css(NVME_CC_CSS(n->bar.cc)); + return -1; + } if (unlikely(NVME_CC_MPS(n->bar.cc) < NVME_CAP_MPSMIN(n->bar.cap))) { trace_pci_nvme_err_startfail_page_too_small( @@ -2746,7 +2750,7 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice *pci_dev) NVME_CAP_SET_MQES(n->bar.cap, 0x7ff); NVME_CAP_SET_CQR(n->bar.cap, 1); NVME_CAP_SET_TO(n->bar.cap, 0xf); - NVME_CAP_SET_CSS(n->bar.cap, 1); + NVME_CAP_SET_CSS(n->bar.cap, NVME_CAP_CSS_NVM); NVME_CAP_SET_MPSMAX(n->bar.cap, 4); n->bar.vs = NVME_SPEC_VER; diff --git a/hw/block/trace-events b/hw/block/trace-events index e56d688b88..7b28091bd6 100644 --- a/hw/block/trace-events +++ b/hw/block/trace-events @@ -132,6 +132,7 @@ pci_nvme_err_startfail_cqent_too_small(uint8_t log2ps, uint8_t maxlog2ps) "nvme_ pci_nvme_err_startfail_cqent_too_large(uint8_t log2ps, uint8_t maxlog2ps) "nvme_start_ctrl failed because the completion queue entry size is too large: log2size=%u, max=%u" pci_nvme_err_startfail_sqent_too_small(uint8_t log2ps, uint8_t maxlog2ps) "nvme_start_ctrl failed because the submission queue entry size is too small: log2size=%u, min=%u" pci_nvme_err_startfail_sqent_too_large(uint8_t log2ps, uint8_t maxlog2ps) "nvme_start_ctrl failed because the submission queue entry size is too large: log2size=%u, max=%u" +pci_nvme_err_startfail_css(uint8_t css) "nvme_start_ctrl failed because invalid command set selected:%u" pci_nvme_err_startfail_asqent_sz_zero(void) "nvme_start_ctrl failed because the admin submission queue size is zero" pci_nvme_err_startfail_acqent_sz_zero(void) "nvme_start_ctrl failed because the admin completion queue size is zero" pci_nvme_err_startfail(void) "setting controller enable bit failed" diff --git a/include/block/nvme.h b/include/block/nvme.h index 868cf53f0b..bc20a2ba5e 100644 --- a/include/block/nvme.h +++ b/include/block/nvme.h @@ -82,6 +82,10 @@ enum NvmeCapMask { #define NVME_CAP_SET_PMRS(cap, val) (cap |= (uint64_t)(val & CAP_PMR_MASK)\ << CAP_PMR_SHIFT) +enum NvmeCapCss { + NVME_CAP_CSS_NVM = 1 << 0, +}; + enum NvmeCcShift { CC_EN_SHIFT = 0, CC_CSS_SHIFT = 4,