leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
b59ea3efba4889ece81056883193d78b51db11d1
linux/drivers/scsi
History
Quinn Tran 921d439c67 qla2xxx: Fix stale pointer access. 
commit cb43285ff7 upstream.

[ Upstream Commit 84e32a06f4 ]

Commit 84e32a0 ("qla2xxx: Use pci_enable_msix_range() instead of
pci_enable_msix()") introduced a regression when target mode is enabled.
In qla24xx_enable_msix(), ha->max_rsp_queues was incorrectly set
to a value higher than the number of response queues allocated causing
an invalid dereference. Specifically here in qla2x00_init_rings():
    *rsp->in_ptr = 0;

Add additional check to make sure the pointer is valid. following
call stack will be seen

---- 8< ----
RIP: 0010:[<ffffffffa02ccadc>]  [<ffffffffa02ccadc>] qla2x00_init_rings+0xdc/0x320 [qla2xxx]
RSP: 0018:ffff880429447dd8  EFLAGS: 00010082
....
Call Trace:
[<ffffffffa02ceb40>] qla2x00_abort_isp+0x170/0x6b0 [qla2xxx]
[<ffffffffa02c6f77>] qla2x00_do_dpc+0x357/0x7f0 [qla2xxx]
[<ffffffffa02c6c20>] ? qla2x00_relogin+0x260/0x260 [qla2xxx]
[<ffffffff8107d2c9>] kthread+0xc9/0xe0
[<ffffffff8107d200>] ? flush_kthread_worker+0x90/0x90
[<ffffffff8172cc6f>] ret_from_fork+0x3f/0x70
[<ffffffff8107d200>] ? flush_kthread_worker+0x90/0x90
---- 8< ----

Signed-off-by: Quinn Tran <quinn.tran@qlogic.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@qlogic.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-03-03 15:07:27 -08:00
..
aacraid
aacraid: Update driver version
2015-11-09 16:12:56 -08:00
aic7xxx
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
aic94xx
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
arcmsr
Merge tag 'libnvdimm-for-4.3' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
2015-09-08 14:35:59 -07:00
arm
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
be2iscsi
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
bfa
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
bnx2fc
bnx2fc: Update version number to 2.9.6.
2015-11-09 17:32:34 -08:00
bnx2i
bnx2i: Fix call trace while device reset
2015-06-02 17:15:24 -07:00
csiostor
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
cxgbi
drivers/scsi/cxgbi: fix build with EXTRA_CFLAGS
2015-11-09 15:11:24 -08:00
cxlflash
cxlflash: Fix to avoid bypassing context cleanup
2015-10-30 17:25:34 +09:00
device_handler
scsi_dh_rdac: always retry MODE SELECT on command lock violation
2016-02-25 12:01:16 -08:00
dpt
esas2r
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
fcoe
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
fnic
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
ibmvscsi
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
isci
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
libfc
libfc: Use the correct function name in kernel-doc comment.
2015-11-09 17:15:52 -08:00
libsas
Merge branch 'for-4.0-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata
2015-03-24 17:08:29 -07:00
lpfc
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
megaraid
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
mpt3sas
Merge branch 'mkp-fixes' into fixes
2015-12-03 09:32:33 -08:00
mvsas
Merge branch 'mkp-fixes' into fixes
2015-12-03 09:32:33 -08:00
osd
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
2015-04-14 09:50:27 -07:00
pcmcia
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
pm8001
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
qla2xxx
qla2xxx: Fix stale pointer access.
2016-03-03 15:07:27 -08:00
qla4xxx
Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
2015-11-13 20:35:54 -08:00
snic
Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
2015-11-13 20:35:54 -08:00
sym53c8xx_2
scsi: drop reason argument from ->change_queue_depth
2014-11-24 14:45:27 +01:00
ufs
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
.gitignore
3w-9xxx.c
3w-9xxx: don't unmap bounce buffered commands
2015-10-07 10:24:48 -07:00
3w-9xxx.h
3w-9xxx: fix command completion race
2015-04-27 10:10:19 -07:00
3w-sas.c
3w-sas: fix command completion race
2015-04-27 10:04:39 -07:00
3w-sas.h
3w-sas: fix command completion race
2015-04-27 10:04:39 -07:00
3w-xxxx.c
3w-xxxx: fix command completion race
2015-04-27 10:05:55 -07:00
3w-xxxx.h
3w-xxxx: fix command completion race
2015-04-27 10:05:55 -07:00
53c700_d.h_shipped
53c700.c
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
53c700.h
53c700.scr
a100u2w.c
scsi: a100u2w: trivial typo in printk
2015-08-07 15:03:42 +02:00
a100u2w.h
a2091.c
zorro: ZTWO_VADDR() should return "void __iomem *"
2013-11-26 11:09:07 +01:00
a2091.h
a3000.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
a3000.h
a4000t.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
advansys.c
Merge branch 'mkp-fixes' into fixes
2015-12-03 09:32:33 -08:00
aha152x.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
aha152x.h
aha1542.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
aha1542.h
aha1542: fix include guard and remove useless changelog
2015-04-09 18:08:31 -07:00
aha1740.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
aha1740.h
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
am53c974.c
am53c974: Fix crash during modprobe
2015-04-17 10:13:56 -07:00
atari_NCR5380.c
ncr5380: Harmonize jiffies conversion with msecs_to_jiffies
2015-03-09 10:45:26 -04:00
atari_scsi.c
ncr5380: Drop owner assignment from platform_drivers
2015-03-09 07:18:14 -04:00
atp870u.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
atp870u.h
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
BusLogic.c
scsi: replace seq_printf with seq_puts
2015-02-02 09:57:45 -08:00
BusLogic.h
[SCSI] BusLogic: Port driver to 64-bit.
2013-06-26 18:32:47 -07:00
bvme6000_scsi.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
ch.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
2015-04-14 09:50:27 -07:00
constants.c
scsi: Conditionally compile in constants.c
2015-01-09 15:44:31 +01:00
dc395x.c
scsi: print single-character strings with seq_putc
2015-02-02 09:57:46 -08:00
dc395x.h
dmx3191d.c
dmx3191d: Use NO_IRQ
2014-11-20 09:11:11 +01:00
dpt_i2o.c
x86/vm86: Clean up vm86.h includes
2015-07-31 13:31:10 +02:00
dpti.h
scsi: use 64-bit LUNs
2014-07-17 22:07:37 +02:00
dtc.c
ncr5380: Drop legacy scsi.h include
2014-11-20 09:11:10 +01:00
dtc.h
ncr5380: Remove *_RELEASE macros
2014-11-20 09:11:10 +01:00
eata_generic.h
eata_pio.c
scsi: replace seq_printf with seq_puts
2015-02-02 09:57:45 -08:00
eata_pio.h
eata.c
scsi: drop reason argument from ->change_queue_depth
2014-11-24 14:45:27 +01:00
esp_scsi.c
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
esp_scsi.h
esp_scsi: correctly detect am53c974
2014-11-24 16:13:16 +01:00
fdomain.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
fdomain.h
FlashPoint.c
FlashPoint: fix build warning
2015-11-09 16:32:14 -08:00
g_NCR5380_mmio.c
g_NCR5380.c
ncr5380: Harmonize jiffies conversion with msecs_to_jiffies
2015-03-09 10:45:26 -04:00
g_NCR5380.h
ncr5380: Remove *_RELEASE macros
2014-11-20 09:11:10 +01:00
gdth_ioctl.h
gdth_proc.c
scsi: replace seq_printf with seq_puts
2015-02-02 09:57:45 -08:00
gdth_proc.h
gdth.c
scsi: rename SERVICE_ACTION_IN to SERVICE_ACTION_IN_16
2014-11-24 20:01:40 +01:00
gdth.h
gvp11.c
zorro: ZTWO_VADDR() should return "void __iomem *"
2013-11-26 11:09:07 +01:00
gvp11.h
hosts.c
Merge branch 'mkp-fixes' into fixes
2015-12-03 09:32:33 -08:00
hpsa_cmd.h
hpsa: add in sas transport class
2015-11-09 12:39:28 -05:00
hpsa.c
Merge branch 'mkp-fixes' into fixes
2015-12-03 09:32:33 -08:00
hpsa.h
hpsa: add in sas transport class
2015-11-09 12:39:28 -05:00
hptiop.c
hptiop: Support HighPoint RR36xx HBAs and Support SAS tape and SAS media changer
2015-08-12 13:14:57 -07:00
hptiop.h
hptiop: Support HighPoint RR36xx HBAs and Support SAS tape and SAS media changer
2015-08-12 13:14:57 -07:00
imm.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
imm.h
in2000.c
scsi: print single-character strings with seq_putc
2015-02-02 09:57:46 -08:00
in2000.h
initio.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
initio.h
ipr.c
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
ipr.h
ipr: Driver version 2.6.3.
2015-11-09 19:32:41 -05:00
ips.c
ips: remove pointless #warning
2015-06-02 17:24:54 -07:00
ips.h
iscsi_boot_sysfs.c
[SCSI] iscsi_boot_sysfs: Fix a memory leak in iscsi_boot_destroy_kset()
2014-03-15 10:19:19 -07:00
iscsi_tcp.c
scsi: drop reason argument from ->change_queue_depth
2014-11-24 14:45:27 +01:00
iscsi_tcp.h
net: Fix use after free by removing length arg from sk_data_ready callbacks.
2014-04-11 16:15:36 -04:00
jazz_esp.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
Kconfig
Merge branch 'mkp-fixes' into fixes
2015-12-03 09:32:33 -08:00
lasi700.c
libiscsi_tcp.c
[SCSI] libiscsi: Reduce locking contention in fast path
2014-03-15 10:19:18 -07:00
libiscsi.c
libiscsi: Fix iscsi_check_transport_timeouts possible infinite loop
2015-09-17 07:25:02 -07:00
mac53c94.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
mac53c94.h
mac_esp.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
mac_scsi.c
ncr5380: Drop owner assignment from platform_drivers
2015-03-09 07:18:14 -04:00
Makefile
mpt3sas: Single driver module which supports both SAS 2.0 & SAS 3.0 HBAs
2015-11-11 19:50:11 -05:00
megaraid.c
megaraid : use dev_printk when possible
2015-08-26 07:23:04 -07:00
megaraid.h
[SCSI] megaraid: simplify internal command handling
2014-03-27 08:26:31 -07:00
mesh.c
powerpc: Move Power Macintosh drivers to generic byteswappers
2015-03-23 14:29:40 +11:00
mesh.h
mvme16x_scsi.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
mvme147.c
mvme147.h
mvumi.c
mvumi: 64bit value for seconds_since1970
2015-11-11 20:45:23 -05:00
mvumi.h
ncr53c8xx.c
scsi: drop reason argument from ->change_queue_depth
2014-11-24 14:45:27 +01:00
ncr53c8xx.h
scsi: Remove CONFIG_SCSI_MULTI_LUN
2014-07-17 22:07:35 +02:00
NCR53c406a.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
NCR5380.c
ncr5380: Harmonize jiffies conversion with msecs_to_jiffies
2015-03-09 10:45:26 -04:00
NCR5380.h
atari_NCR5380: Move static co-routine variables to host data
2014-11-20 09:11:20 +01:00
NCR_D700.c
NCR_D700.h
NCR_Q720.c
NCR_Q720.h
nsp32_debug.c
nsp32_io.h
nsp32.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
nsp32.h
osst_detect.h
osst_options.h
osst.c
scsi: remove scsi_driver owner field
2014-11-24 20:01:28 +01:00
osst.h
pas16.c
ncr5380: Drop legacy scsi.h include
2014-11-20 09:11:10 +01:00
pas16.h
ncr5380: Remove *_RELEASE macros
2014-11-20 09:11:10 +01:00
pmcraid.c
Merge tag '4.4-scsi-mkp' into misc
2015-11-12 07:06:18 -05:00
pmcraid.h
ppa.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
ppa.h
ps3rom.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
qla1280.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
qla1280.h
qlogicfas408.c
qlogicfas408.h
qlogicfas.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
qlogicpti.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
qlogicpti.h
raid_class.c
script_asm.pl
scsi_common.c
scsi: Protect against buffer possible overflow in scsi_set_sense_information
2015-07-23 22:53:05 -07:00
scsi_debug.c
scsi_debug: fix prevent_allow+verify regressions
2015-11-25 21:38:53 -05:00
scsi_devinfo.c
SCSI: Add Marvell Console to VPD blacklist
2016-02-25 12:01:16 -08:00
scsi_dh.c
scsi_dh: don't try to load a device handler during async probing
2015-10-27 15:03:31 +09:00
scsi_error.c
mm, page_alloc: rename __GFP_WAIT to __GFP_RECLAIM
2015-11-06 17:50:42 -08:00
scsi_ioctl.c
scsi: return EAGAIN when resetting a device under EH
2014-11-12 11:16:12 +01:00
scsi_lib_dma.c
scsi_lib.c
mm, page_alloc: rename __GFP_WAIT to __GFP_RECLAIM
2015-11-06 17:50:42 -08:00
scsi_logging.c
scsi_logging: return void for dev_printk() functions
2015-02-04 08:00:24 -08:00
scsi_logging.h
scsi: simplify scsi_log_(send|completion)
2014-11-12 11:16:05 +01:00
scsi_module.c
scsi_netlink.c
net: Use netlink_ns_capable to verify the permisions of netlink messages
2014-04-24 13:44:54 -04:00
scsi_pm.c
Revert "SCSI: Fix NULL pointer dereference in runtime PM"
2015-12-10 12:24:44 -05:00
scsi_priv.h
scsi_dh: fix use-after-free when removing scsi device
2015-10-27 11:22:37 +09:00
scsi_proc.c
scsi: print single-character strings with seq_putc
2015-02-02 09:57:46 -08:00
scsi_sas_internal.h
scsi_scan.c
Merge branch 'mkp-fixes' into fixes
2015-12-03 09:32:33 -08:00
scsi_sysctl.c
scsi: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
scsi_sysfs.c
scsi: fix soft lockup in scsi_remove_target() on module removal
2016-02-25 12:01:17 -08:00
scsi_trace.c
scsi: print single-character strings with seq_putc
2015-02-02 09:57:46 -08:00
scsi_transport_api.h
scsi_transport_fc.c
scsi_transport_fc: Add support for 25Gbit speed
2015-04-10 07:40:32 -07:00
scsi_transport_iscsi.c
Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
2015-09-02 12:22:54 -07:00
scsi_transport_sas.c
scsi_transport_sas: Remove check for SAS expander when querying bay/enclosure IDs.
2015-09-06 11:13:41 -07:00
scsi_transport_spi.c
[SCSI] Fix printk typos in drivers/scsi
2015-08-07 14:28:45 +02:00
scsi_transport_srp.c
IB/srp: Avoid using uninitialized variable
2015-07-14 13:20:09 -04:00
scsi_typedefs.h
scsi.c
scsi: use host wide tags by default
2015-11-09 17:11:57 -08:00
scsi.h
scsicam.c
scsi: PC partition tables are little endian
2014-11-12 11:15:54 +01:00
sd_dif.c
block: Consolidate static integrity profile properties
2015-10-21 14:42:38 -06:00
sd.c
sd: Optimal I/O size is in bytes, not sectors
2016-03-03 15:07:26 -08:00
sd.h
block/sd: Fix device-imposed transfer length limits
2015-11-25 21:38:58 -05:00
ses.c
ses: fix additional element traversal bug
2015-12-11 11:05:57 -08:00
sg.c
drivers/scsi/sg.c: mark VMA as VM_IO to prevent migration
2016-02-25 12:01:16 -08:00
sgiwd93.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
sim710.c
sni_53c710.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
sr_ioctl.c
sr: reduce debug noise in sr_do_ioctl
2015-01-20 19:43:24 +01:00
sr_vendor.c
scsi: Implement sr_printk()
2014-07-17 22:07:39 +02:00
sr.c
SCSI: fix crashes in sd and sr runtime PM
2016-02-25 12:01:16 -08:00
sr.h
scsi: introduce sdev_prefix_printk()
2014-11-12 11:15:57 +01:00
st_options.h
st.c
Merge branch 'mkp-fixes' into fixes
2015-12-03 09:32:33 -08:00
st.h
st: implement tape statistics
2015-06-02 08:03:25 -07:00
stex.c
stex: Remove use of struct timeval
2015-11-09 17:42:19 -08:00
storvsc_drv.c
scsi: storvsc: Fix a bug in the handling of SRB status flags
2015-11-09 16:29:42 -08:00
sun3_scsi_vme.c
scsi/NCR5380: merge sun3_scsi_vme.c into sun3_scsi.c
2014-05-28 12:16:28 +02:00
sun3_scsi.c
ncr5380: Drop owner assignment from platform_drivers
2015-03-09 07:18:14 -04:00
sun3_scsi.h
sun3_scsi: Move macro definitions
2014-11-20 09:11:15 +01:00
sun3x_esp.c
arch, drivers: don't include <asm/io.h> directly, use <linux/io.h> instead
2015-08-10 23:07:05 -04:00
sun_esp.c
scsi: drop owner assignment from platform_drivers
2014-10-20 16:21:33 +02:00
sym53c416.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
sym53c416.h
t128.c
ncr5380: Drop legacy scsi.h include
2014-11-20 09:11:10 +01:00
t128.h
ncr5380: Remove *_RELEASE macros
2014-11-20 09:11:10 +01:00
u14-34f.c
scsi: drop reason argument from ->change_queue_depth
2014-11-24 14:45:27 +01:00
ultrastor.c
ultrastor.h
virtio_scsi.c
Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost
2015-07-23 13:07:04 -07:00
vmw_pvscsi.c
vmw_pscsi: simplify ->change_queue_depth
2014-11-24 14:45:28 +01:00
vmw_pvscsi.h
PCI: Move PCI_VENDOR_ID_VMWARE to pci_ids.h
2014-09-24 11:52:09 -06:00
wd33c93.c
scsi: print single-character strings with seq_putc
2015-02-02 09:57:46 -08:00
wd33c93.h
wd719x.c
[SCSI] Fix printk typos in drivers/scsi
2015-08-07 14:28:45 +02:00
wd719x.h
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
wd7000.c
scsi: replace seq_printf with seq_puts
2015-02-02 09:57:45 -08:00
xen-scsifront.c
xen: Use correctly the Xen memory terminologies
2015-09-08 18:03:49 +01:00
zalon.c
zorro7xx.c
zorro: ZTWO_VADDR() should return "void __iomem *"
2013-11-26 11:09:07 +01:00