[Bug]: NvmeDxe::NvmExpressMediaClear: off-by-one skips last LBA

[spbrogan]

Is there an existing issue for this?

• I have searched existing issues

Current Behavior

NvmExpressMediaClear: off-by-one skips last LBA

Why this is a real bug:

Media->LastBlock is the 0-based index of the last valid LBA. The < operator excludes it. The loop writes sectors 0 through LastBlock - 1, missing the final sector.

Consequence:
The final sector of the namespace is not overwritten during a media clear. For security-sensitive sanitization, this leaves residual data on media.

Expected Behavior

Last block should be cleared

Steps To Reproduce

Trigger path:

Namespace has Nsze = 100 → Media->LastBlock = 99.
Loop: SectorOffset from 0 to 98 → sector 99 is never written.
Why this is NOT a false positive:
The NVMe spec and EFI_BLOCK_IO_MEDIA specification define LastBlock as the LBA of the last block (inclusive). Correct iteration would use <=.

Build Environment

NA

Version Information

all

Urgency

Medium

Are you going to fix this?

I will fix it

Do you need maintainer feedback?

No maintainer feedback needed

Anything else?

No response