This is a note to let you know that I've just added the patch titled nvmet: fix error handling in nvmet_execute_identify_cns_cs_ns() to the 6.1-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: nvmet-fix-error-handling-in-nvmet_execute_identify_c.patch and it can be found in the queue-6.1 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. commit 2d0db9f5eb478f6e92093a242f262a858e7488d7 Author: Damien Le Moal <damien.lemoal@xxxxxxxxxxxxxxxxxx> Date: Tue Mar 14 15:20:36 2023 +0900 nvmet: fix error handling in nvmet_execute_identify_cns_cs_ns() [ Upstream commit ab76e7206b672b2e8818cb121a04506956d6b223 ] Nvme specifications state that: If the I/O Command Set associated with the namespace identified by the NSID field does not support the Identify Namespace data structure specified by the CSI field, the controller shall abort the command with a status code of Invalid Field in Command. In other words, if nvmet_execute_identify_cns_cs_ns() is called for a target with a block device that is not zoned, we should not return any data and set the status to NVME_SC_INVALID_FIELD. While at it, it is also better to revalidate the ns block devie *before* checking if the block device is zoned, to ensure that nvmet_execute_identify_cns_cs_ns() operates against updated device characteristics. Fixes: aaf2e048af27 ("nvmet: add ZBD over ZNS backend support") Signed-off-by: Damien Le Moal <damien.lemoal@xxxxxxxxxxxxxxxxxx> Reviewed-by: Keith Busch <kbusch@xxxxxxxxxx> Reviewed-by: Sagi Grimberg <sagi@xxxxxxxxxxx> Reviewed-by: Chaitanya Kulkarni <kch@xxxxxxxxxx> Signed-off-by: Christoph Hellwig <hch@xxxxxx> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> diff --git a/drivers/nvme/target/zns.c b/drivers/nvme/target/zns.c index 1254cf57e008d..017c13f8bef14 100644 --- a/drivers/nvme/target/zns.c +++ b/drivers/nvme/target/zns.c @@ -97,7 +97,7 @@ void nvmet_execute_identify_cns_cs_ctrl(struct nvmet_req *req) void nvmet_execute_identify_cns_cs_ns(struct nvmet_req *req) { - struct nvme_id_ns_zns *id_zns; + struct nvme_id_ns_zns *id_zns = NULL; u64 zsze; u16 status; u32 mar, mor; @@ -118,16 +118,18 @@ void nvmet_execute_identify_cns_cs_ns(struct nvmet_req *req) if (status) goto done; - if (!bdev_is_zoned(req->ns->bdev)) { - req->error_loc = offsetof(struct nvme_identify, nsid); - goto done; - } - if (nvmet_ns_revalidate(req->ns)) { mutex_lock(&req->ns->subsys->lock); nvmet_ns_changed(req->ns->subsys, req->ns->nsid); mutex_unlock(&req->ns->subsys->lock); } + + if (!bdev_is_zoned(req->ns->bdev)) { + status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; + req->error_loc = offsetof(struct nvme_identify, nsid); + goto out; + } + zsze = (bdev_zone_sectors(req->ns->bdev) << 9) >> req->ns->blksize_shift; id_zns->lbafe[0].zsze = cpu_to_le64(zsze); @@ -148,8 +150,8 @@ void nvmet_execute_identify_cns_cs_ns(struct nvmet_req *req) done: status = nvmet_copy_to_sgl(req, 0, id_zns, sizeof(*id_zns)); - kfree(id_zns); out: + kfree(id_zns); nvmet_req_complete(req, status); }