Skip to content

Commit

Permalink
tree: Allocate aligned payloads for ns scan
Browse files Browse the repository at this point in the history 
libnvme is actually doing some namespace identification
during tree scan, leading to stack smash on some systems.

Signed-off-by: Tomas Bzatek <[email protected]>
  • Loading branch information
@tbzatek
tbzatek committed Oct 10, 2023
1 parent 8bb25da commit a0b7cf4
Showing 1 changed file with 18 additions and 11 deletions.
29 changes: 18 additions & 11 deletions src/nvme/tree.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2404,26 +2404,33 @@ static void nvme_ns_parse_descriptors(struct nvme_ns *n,

static int nvme_ns_init(struct nvme_ns *n)
{
struct nvme_id_ns ns = { };
uint8_t buffer[NVME_IDENTIFY_DATA_SIZE] = { };
struct nvme_ns_id_desc *descs = (void *)buffer;
struct nvme_id_ns *ns;
struct nvme_ns_id_desc *descs;
uint8_t flbas;
int ret;

ret = nvme_ns_identify(n, &ns);
if (ret)
ns = __nvme_alloc(sizeof(*ns));
if (!ns)
return 0;
ret = nvme_ns_identify(n, ns);
if (ret) {
free(ns);
return ret;
}

nvme_id_ns_flbas_to_lbaf_inuse(ns.flbas, &flbas);
n->lba_shift = ns.lbaf[flbas].ds;
nvme_id_ns_flbas_to_lbaf_inuse(ns->flbas, &flbas);
n->lba_shift = ns->lbaf[flbas].ds;
n->lba_size = 1 << n->lba_shift;
n->lba_count = le64_to_cpu(ns.nsze);
n->lba_util = le64_to_cpu(ns.nuse);
n->meta_size = le16_to_cpu(ns.lbaf[flbas].ms);
n->lba_count = le64_to_cpu(ns->nsze);
n->lba_util = le64_to_cpu(ns->nuse);
n->meta_size = le16_to_cpu(ns->lbaf[flbas].ms);

if (!nvme_ns_identify_descs(n, descs))
descs = __nvme_alloc(NVME_IDENTIFY_DATA_SIZE);
if (descs && !nvme_ns_identify_descs(n, descs))
nvme_ns_parse_descriptors(n, descs);

free(ns);
free(descs);
return 0;
}

Expand Down

0 comments on commit a0b7cf4

Please sign in to comment.