linux/drivers/nvdimm
Robert Richter ef1d3455bb libnvdimm/labels: Fix divide error in nd_label_data_init()
If a faulty CXL memory device returns a broken zero LSA size in its
memory device information (Identify Memory Device (Opcode 4000h), CXL
spec. 3.1, 8.2.9.9.1.1), a divide error occurs in the libnvdimm
driver:

 Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI
 RIP: 0010:nd_label_data_init+0x10e/0x800 [libnvdimm]

Code and flow:

1) CXL Command 4000h returns LSA size = 0
2) config_size is assigned to zero LSA size (CXL pmem driver):

drivers/cxl/pmem.c:             .config_size = mds->lsa_size,

3) max_xfer is set to zero (nvdimm driver):

drivers/nvdimm/label.c: max_xfer = min_t(size_t, ndd->nsarea.max_xfer, config_size);

4) A subsequent DIV_ROUND_UP() causes a division by zero:

drivers/nvdimm/label.c: /* Make our initial read size a multiple of max_xfer size */
drivers/nvdimm/label.c: read_size = min(DIV_ROUND_UP(read_size, max_xfer) * max_xfer,
drivers/nvdimm/label.c-                 config_size);

Fix this by checking the config size parameter by extending an
existing check.

Signed-off-by: Robert Richter <rrichter@amd.com>
Reviewed-by: Pankaj Gupta <pankaj.gupta@amd.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Link: https://patch.msgid.link/20250320112223.608320-1-rrichter@amd.com
Signed-off-by: Ira Weiny <ira.weiny@intel.com>
2025-03-20 16:54:27 -05:00
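A user-space model of steps 3 and 4 from the commit message, added here as an example; it is not the kernel's code or the patch itself. The function names, the guard on a zero transfer size, the `-ENXIO` return value and the sample sizes are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))

static size_t min_size(size_t a, size_t b) { return a < b ? a : b; }

/* Steps 3 and 4 with no validation: config_size == 0 makes max_xfer 0,
 * and the division then traps (SIGFPE in user space on x86). */
static size_t initial_read_size_unchecked(size_t nsarea_max_xfer,
                                          size_t config_size, size_t read_size)
{
    size_t max_xfer = min_size(nsarea_max_xfer, config_size);

    return min_size(DIV_ROUND_UP(read_size, max_xfer) * max_xfer, config_size);
}

/* Guarded form: refuse a zero transfer size or a zero config (LSA) size
 * before any arithmetic. -ENXIO is an assumed error code for this model. */
static int initial_read_size_checked(size_t nsarea_max_xfer, size_t config_size,
                                     size_t read_size, size_t *out)
{
    if (nsarea_max_xfer == 0 || config_size == 0)
        return -ENXIO;
    *out = initial_read_size_unchecked(nsarea_max_xfer, config_size, read_size);
    return 0;
}

int main(void)
{
    /* Constructed samples: { max_xfer, config_size, read_size } */
    static const size_t cases[][3] = {
        { 256, 131072, 512 },   /* healthy device */
        { 256, 0, 512 },        /* faulty device reporting LSA size 0 */
        { 4096, 1024, 512 },    /* config area smaller than max_xfer */
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        size_t out = 0;
        int rc = initial_read_size_checked(cases[i][0], cases[i][1],
                                           cases[i][2], &out);
        printf("max_xfer=%zu config_size=%zu rc=%d read_size=%zu\n",
               cases[i][0], cases[i][1], rc, out);
    }
    return 0;
}
```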
..
badrange.c libnvdimm: remove kernel-doc warnings: 2023-10-18 09:48:05 -07:00
btt.c 6.11 updates for libnvdimm 2024-07-20 11:26:02 -07:00
btt.h nvdimm-btt: convert to blk_alloc_disk/blk_cleanup_disk 2021-06-01 07:42:23 -06:00
btt_devs.c nvdimm: Remove usage of the deprecated ida_simple_xx() API 2024-01-03 12:21:36 -08:00
bus.c driver core: Constify API device_find_child() and adapt for various usages 2025-01-03 11:19:35 +01:00
claim.c libnvdimm: Remove unused nd_attach_ndns 2025-03-03 08:03:43 -06:00
core.c nvdimm: add missing MODULE_DESCRIPTION() macros 2024-06-17 18:41:48 -05:00
dax_devs.c nvdimm: rectify the illogical code within nd_dax_probe() 2024-11-13 12:58:37 -06:00
dimm.c libnvdimm: Make remove callback return void 2021-02-16 19:35:29 -08:00
dimm_devs.c nvdimm/dimm_devs: fix kernel-doc for function params 2024-01-03 12:21:36 -08:00
e820.c Get rid of 'remove_new' relic from platform driver struct 2024-12-01 15:12:43 -08:00
Kconfig libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help 2024-02-12 14:32:25 -07:00
label.c libnvdimm/labels: Fix divide error in nd_label_data_init() 2025-03-20 16:54:27 -05:00
label.h nvdimm/region: Delete nd_blk_region infrastructure 2022-03-11 15:53:13 -08:00
Makefile drivers/nvdimm: Fix build failure when CONFIG_PERF_EVENTS is not set 2022-03-23 12:17:36 -07:00
namespace_devs.c nvdimm: Remove dead code for ENODEV checking in scan_labels() 2024-08-21 16:06:43 -05:00
nd-core.h libnvdimm: Remove unused nd_attach_ndns 2025-03-03 08:03:43 -06:00
nd.h nvdimm: rectify the illogical code within nd_dax_probe() 2024-11-13 12:58:37 -06:00
nd_perf.c nvdimm: Fix dereference after free in register_nvdimm_pmu() 2023-08-17 09:34:03 -07:00
nd_virtio.c nvdimm: Correct some typos in comments 2024-11-13 12:32:57 -06:00
of_pmem.c Get rid of 'remove_new' relic from platform driver struct 2024-12-01 15:12:43 -08:00
pfn.h libnvdimm/namespace: Enforce memremap_compat_align() 2020-03-17 12:23:21 -07:00
pfn_devs.c nvdimm: Correct some typos in comments 2024-11-13 12:32:57 -06:00
pmem.c nvdimm: Correct some typos in comments 2024-11-13 12:32:57 -06:00
pmem.h dax: introduce DAX_RECOVERY_WRITE dax access mode 2022-05-16 13:35:56 -07:00
region.c nvdimm/region: Move cache management to the region driver 2022-12-02 23:52:32 -08:00
region_devs.c libnvdimm: Remove unused nd_region_conflict 2025-03-03 08:03:43 -06:00
security.c nvdimm/region: Move cache management to the region driver 2022-12-02 23:52:32 -08:00
virtio_pmem.c virtio_pmem: Add freeze/restore callbacks 2024-11-12 18:07:24 -05:00
virtio_pmem.h virtio-pmem: Add virtio pmem driver 2019-07-05 15:19:10 -07:00