From: Francis Pravin Antony Michael Raj <francis.michael@solidigm.com>
Date: Wed, 2 Nov 2022 08:06:00 +0000 (+0100)
Subject: hw/nvme: Abort copy command when format is one while pif
X-Git-Tag: nvme-next-pull-request~104^2
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=632cb6cf07122b330d8ef419ec2f4aab561a9fba;p=qemu-nvme.git

hw/nvme: Abort copy command when format is one while pif

As per the NVMe Command Set specification Section 3.2.2, if

  i)  The namespace is formatted to use 16b Guard Protection
      Information (i.e., pif = 0) and
  ii) The Descriptor Format is not cleared to 0h

Then the copy command should be aborted with the status code of Invalid
Namespace or Format

Fixes: 44219b6029fc ("hw/nvme: 64-bit pi support")
Signed-off-by: Francis Pravin Antony Michael Raj <francis.michael@solidigm.com>
Signed-off-by: Jonathan Derrick <jonathan.derrick@solidigm.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---

diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 73c870a429..9a9857ccf8 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -3034,7 +3034,8 @@ static uint16_t nvme_copy(NvmeCtrl *n, NvmeRequest *req)
         goto invalid;
     }
 
-    if (ns->pif && format != 0x1) {
+    if ((ns->pif == 0x0 && format != 0x0) ||
+        (ns->pif != 0x0 && format != 0x1)) {
         status = NVME_INVALID_FORMAT | NVME_DNR;
         goto invalid;
     }