nvme: check the PRINFO bit before deciding the host buffer length

BugLink: https://bugs.launchpad.net/bugs/1916061
[ Upstream commit 4d6b1c95b974761c01cbad92321b82232b66d2a2 ]

According to NVMe spec v1.4, section 8.3.1, the PRINFO bit and
the metadata size play a vital role in deteriming the host buffer size.

If PRIFNO bit is set and MS==8, the host doesn't add the metadata buffer,
instead the controller adds it.

Signed-off-by: Revanth Rajashekar <revanth.rajashekar@intel.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index 7a964271959d859011a3f4484b2eb000e72de4e2..c2cabd77884bfa7103e0aba34632cf89bb9a68ef 100644 (file)
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -1295,8 +1295,21 @@ static int nvme_submit_io(struct nvme_ns *ns, struct nvme_user_io __user *uio)
        }
 
        length = (io.nblocks + 1) << ns->lba_shift;
-       meta_len = (io.nblocks + 1) * ns->ms;
-       metadata = nvme_to_user_ptr(io.metadata);
+
+       if ((io.control & NVME_RW_PRINFO_PRACT) &&
+           ns->ms == sizeof(struct t10_pi_tuple)) {
+               /*
+                * Protection information is stripped/inserted by the
+                * controller.
+                */
+               if (nvme_to_user_ptr(io.metadata))
+                       return -EINVAL;
+               meta_len = 0;
+               metadata = NULL;
+       } else {
+               meta_len = (io.nblocks + 1) * ns->ms;
+               metadata = nvme_to_user_ptr(io.metadata);
+       }
 
        if (ns->ext) {
                length += meta_len;