leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d2d0358bcd
linux/drivers/scsi
History
Shivasharan S d2d0358bcd scsi: megaraid_sas: MR_TargetIdToLdGet u8 to u16 and avoid invalid raid-map access 
Change MR_TargetIdToLdGet return type from u8 to u16.

ld id range check is added at two places in this patch -
@megasas_build_ldio_fusion and @megasas_build_ld_nonrw_fusion.  Previous
driver code used different data type for lds TargetId returned from
MR_TargetIdToLdGet.  Prior to this change, above two functions was
safeguarded due to function always return u8 and maximum value of ld id
returned was 255.

In below check, fw_supported_vd_count as of today is 64 or 256 and valid
range to support is either 0-63 or 0-255. Ideally want to filter
accessing raid map for ld ids which are not valid. With the u16 change,
invalid ld id value is 0xFFFF and we will see kernel panic due to random
memory access in MR_LdRaidGet.  The changes will ensure we do not call
MR_LdRaidGet if ld id is beyond size of ldSpanMap array.

               if (ld < instance->fw_supported_vd_count)

>From firmware perspective,ld id 0xFF is invalid and even though current
driver code forward such command, firmware fails with target not
available.

ld target id issue occurs mainly whenever driver loops to populate raid
map (ea. MR_ValidateMapInfo).  These are the only two places where we
may see out of range target ids and wants to protect raid map access
based on range provided by Firmware API.

Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@broadcom.com>
Signed-off-by: Kashyap Desai <kashyap.desai@broadcom.com>
Reviewed-by: Tomas Henzl <thenzl@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2017-02-13 07:26:22 -05:00
..
aacraid scsi: aacraid: avoid open-coded upper_32_bits 2017-02-07 17:25:05 -05:00
aic7xxx treewide: Fix printk() message errors 2016-12-14 10:54:27 +01:00
aic94xx scsi: aic94xx: Add a missing call to kfree 2016-11-29 11:21:49 -05:00
arcmsr Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
arm scsi: ncr5380: Use correct types for DMA routines 2016-11-08 17:29:48 -05:00
be2iscsi scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
bfa scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
bnx2fc scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
bnx2i scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
csiostor scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
cxgbi scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
cxlflash scsi: cxlflash: Cancel scheduled workers before stopping AFU 2017-01-11 22:38:15 -05:00
device_handler SCSI misc on 20161213 2016-12-14 10:49:33 -08:00
dpt
esas2r scsi: esas2r: Fix format string type mistakes 2017-01-09 23:52:26 -05:00
fcoe scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
fnic scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
hisi_sas scsi: hisi_sas: decrease running_req in hisi_sas_slot_task_free() 2017-01-20 19:10:42 -05:00
ibmvscsi scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
ibmvscsi_tgt ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
isci scsi: isci: switch to pci_alloc_irq_vectors 2016-12-01 08:36:17 -05:00
libfc SCSI misc on 20161213 2016-12-14 10:49:33 -08:00
libsas scsi: libsas: remove sas_scsi_timed_out 2017-02-06 19:09:12 -05:00
lpfc scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
megaraid scsi: megaraid_sas: MR_TargetIdToLdGet u8 to u16 and avoid invalid raid-map access 2017-02-13 07:26:22 -05:00
mpt3sas scsi: mpt3sas: Updating driver version to v15.100.00.00 2017-01-31 22:03:36 -05:00
mvsas SCSI misc on 20161213 2016-12-14 10:49:33 -08:00
osd block: split out request-only flags into a new namespace 2016-10-28 08:45:17 -06:00
pcmcia
pm8001 scsi: pm8001: switch to pci_irq_alloc_vectors 2017-02-06 19:12:30 -05:00
qedi scsi: qedi: Fix possible memory leak in qedi_iscsi_update_conn() 2017-02-09 18:35:00 -05:00
qla2xxx scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
qla4xxx scsi: qla4xxx: remove two unused MSI-X related #defines 2017-01-11 22:54:45 -05:00
smartpqi scsi: smartpqi: switch to pci_alloc_irq_vectors 2016-11-08 17:30:00 -05:00
snic snic: Fix use-after-free in case of a dma mapping error 2016-07-12 23:16:31 -04:00
sym53c8xx_2 scsi: sym53c8xx_2: Use complete() instead complete_all() 2016-09-14 13:19:29 -04:00
ufs scsi: ufs: dump hw regs on link failures 2017-02-07 18:04:12 -05:00
.gitignore
3w-9xxx.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
3w-9xxx.h scsi: Update 3ware driver email addresses 2016-12-14 15:25:12 -05:00
3w-sas.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
3w-sas.h scsi: Update 3ware driver email addresses 2016-12-14 15:25:12 -05:00
3w-xxxx.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
3w-xxxx.h scsi: Update 3ware driver email addresses 2016-12-14 15:25:12 -05:00
53c700_d.h_shipped
53c700.c scsi: remove current_cmnd field from struct scsi_device 2016-07-13 22:33:23 -04:00
53c700.h scsi: remove current_cmnd field from struct scsi_device 2016-07-13 22:33:23 -04:00
53c700.scr
a100u2w.c
a100u2w.h
a2091.c
a2091.h
a3000.c
a3000.h
a4000t.c
advansys.c scsi: advansys: fix build warning for PCI=n 2016-11-08 17:29:58 -05:00
aha152x.c
aha152x.h
aha1542.c
aha1542.h
aha1740.c
aha1740.h
am53c974.c
atari_scsi.c scsi: atari_scsi: Reset DMA during bus reset only under ST-DMA lock 2017-01-31 21:39:22 -05:00
atp870u.c
atp870u.h
BusLogic.c
BusLogic.h
bvme6000_scsi.c
ch.c
constants.c scsi: fix upper bounds check of sense key in scsi_sense_key_string() 2016-08-16 00:49:32 -04:00
dc395x.c
dc395x.h
dmx3191d.c scsi: dmx3191d: use module_pci_driver 2016-11-16 20:43:50 -05:00
dpt_i2o.c scsi: dpt_i2o: double free if adpt_i2o_online_hba() fails 2017-01-05 00:21:12 -05:00
dpti.h
eata_generic.h
eata_pio.c eata_pio: missing break statement 2016-05-10 22:01:07 -04:00
eata_pio.h
eata.c
esp_scsi.c
esp_scsi.h
fdomain.c
fdomain.h
FlashPoint.c
g_NCR5380.c scsi: ncr5380: Reduce #include files 2017-01-31 21:38:15 -05:00
gdth_ioctl.h
gdth_proc.c gdth: replace struct timeval with ktime_get_real_seconds() 2016-02-25 21:16:49 -05:00
gdth_proc.h
gdth.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
gdth.h
gvp11.c
gvp11.h
hosts.c SCSI misc on 20161006 2016-10-07 09:28:53 -07:00
hpsa_cmd.h scsi: hpsa: Check for vpd support before sending 2016-09-14 14:19:31 -04:00
hpsa.c scsi: hpsa: remove coalescing settings for ioaccel2 2017-01-31 21:51:16 -05:00
hpsa.h scsi: hpsa: use designated initializers 2017-01-05 00:21:12 -05:00
hptiop.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
hptiop.h
imm.c imm: check parport_claim 2016-02-25 21:10:53 -05:00
imm.h
initio.c
initio.h
ipr.c scsi: ipr: Fix runaway IRQs when falling back from MSI to LSI 2016-11-30 19:58:04 -05:00
ipr.h scsi: ipr: Use pci_irq_allocate_vectors 2016-11-08 17:29:46 -05:00
ips.c scsi: ips: don't use custom hex_asc_upper[] table 2016-11-08 17:29:57 -05:00
ips.h Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
iscsi_boot_sysfs.c ibft: Expose iBFT acpi header via sysfs 2016-05-16 11:14:29 -04:00
iscsi_tcp.c scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
iscsi_tcp.h
jazz_esp.c
Kconfig scsi: qedi: Add QLogic FastLinQ offload iSCSI driver framework. 2016-12-14 14:56:28 -05:00
lasi700.c
libiscsi_tcp.c
libiscsi.c scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
mac53c94.c
mac53c94.h
mac_esp.c
mac_scsi.c scsi: ncr5380: Resolve various static checker warnings 2017-01-31 21:38:35 -05:00
Makefile scsi: qedi: Add QLogic FastLinQ offload iSCSI driver framework. 2016-12-14 14:56:28 -05:00
megaraid.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
megaraid.h
mesh.c
mesh.h
mvme16x_scsi.c
mvme147.c
mvme147.h
mvumi.c scsi: mvumi: remove fake transport template 2017-02-06 19:08:17 -05:00
mvumi.h
ncr53c8xx.c
ncr53c8xx.h
NCR53c406a.c
NCR5380.c scsi: ncr5380: Improve target selection robustness 2017-01-31 21:38:58 -05:00
NCR5380.h scsi: ncr5380: Clean up dead code and redundant macro usage 2017-01-31 21:37:44 -05:00
NCR_D700.c
NCR_D700.h
NCR_Q720.c
NCR_Q720.h
nsp32_debug.c
nsp32_io.h
nsp32.c
nsp32.h
osst_detect.h
osst_options.h
osst.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
osst.h
pmcraid.c scsi: pmcraid: switch to pci_alloc_irq_vectors 2017-01-09 23:47:00 -05:00
pmcraid.h scsi: pmcraid: switch to pci_alloc_irq_vectors 2017-01-09 23:47:00 -05:00
ppa.c
ppa.h
ps3rom.c
qla1280.c qla1280: Don't allocate 512kb of host tags 2016-04-30 09:25:26 -07:00
qla1280.h
qlogicfas408.c
qlogicfas408.h
qlogicfas.c
qlogicpti.c qlogicpti: Return correct error code 2016-03-01 20:06:49 -05:00
qlogicpti.h qlogicpti: Fix compiler warnings 2016-11-28 15:51:31 -05:00
raid_class.c
script_asm.pl
scsi_common.c scsi: add scsi_set_sense_field_pointer() 2016-04-04 12:07:42 -04:00
scsi_debug.c scsi: scsi_debug: Add OPTIMAL TRANSFER LENGTH GRANULARITY option. 2017-01-31 22:08:44 -05:00
scsi_devinfo.c scsi: scsi_devinfo: remove synchronous ALUA for NETAPP devices 2016-12-07 18:13:52 -05:00
scsi_dh.c scsi: Replace wrong device handler name for CLARiiON arrays 2016-10-11 17:56:51 -04:00
scsi_error.c scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
scsi_ioctl.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
scsi_lib_dma.c
scsi_lib.c SCSI misc on 20161213 2016-12-14 10:49:33 -08:00
scsi_logging.c
scsi_logging.h
scsi_module.c
scsi_netlink.c
scsi_pm.c
scsi_priv.h SCSI misc on 20161006 2016-10-07 09:28:53 -07:00
scsi_proc.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
scsi_sas_internal.h scsi_transport_sas: add 'scsi_target_id' sysfs attribute 2016-03-14 21:05:04 -04:00
scsi_scan.c scsi: Remove one useless stack variable 2016-10-11 18:02:09 -04:00
scsi_sysctl.c
scsi_sysfs.c scsi: avoid a permanent stop of the scsi device's request queue 2016-12-14 15:51:17 -05:00
scsi_trace.c scsi-trace: define ZBC_IN and ZBC_OUT 2016-04-11 16:57:09 -04:00
scsi_transport_api.h
scsi_transport_fc.c scsi: remove tsk_mgmt_response and it_nexus_response transport methods 2017-02-06 19:10:41 -05:00
scsi_transport_iscsi.c scsi_transport_iscsi: Declare local symbols static 2016-04-11 16:57:09 -04:00
scsi_transport_sas.c scsi: sas: remove is_sas_attached() 2016-08-18 22:23:20 -04:00
scsi_transport_spi.c
scsi_transport_srp.c scsi: remove tsk_mgmt_response and it_nexus_response transport methods 2017-02-06 19:10:41 -05:00
scsi_typedefs.h
scsi.c block: add code to track actual device queue depth 2016-11-05 17:09:53 -06:00
scsi.h
scsicam.c
sd_dif.c scsi: sd: Move DIF protection types to t10-pi.h 2016-09-15 09:51:14 -04:00
sd_zbc.c sd_zbc: Force use of READ16/WRITE16 2016-11-14 13:16:42 -07:00
sd.c scsi: sd: Cleaned up comment references to @sdp argument explanation. 2017-01-20 16:59:03 -05:00
sd.h sd: Implement support for ZBC devices 2016-10-18 19:49:11 -06:00
sense_codes.h scsi: move Additional Sense Codes to separate file 2016-04-11 16:57:09 -04:00
ses.c scsi: ses: use scsi_is_sas_rphy instead of is_sas_attached 2016-08-18 22:22:19 -04:00
sg.c sg_write()/bsg_write() is not fit to be called under KERNEL_DS 2016-12-22 23:03:42 -05:00
sgiwd93.c
sim710.c
sni_53c710.c
sr_ioctl.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
sr_vendor.c
sr.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
sr.h
st_options.h
st.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
st.h
stex.c stex: Add S3/S4 support 2016-02-23 21:27:02 -05:00
storvsc_drv.c scsi: remove eh_timed_out methods in the transport template 2017-02-06 19:10:03 -05:00
sun3_scsi_vme.c
sun3_scsi.c scsi: ncr5380: Reduce #include files 2017-01-31 21:38:15 -05:00
sun3x_esp.c
sun_esp.c
sym53c416.c
sym53c416.h
virtio_scsi.c SCSI misc on 20161006 2016-10-07 09:28:53 -07:00
vmw_pvscsi.c scsi: vmw_pvscsi: switch to pci_alloc_irq_vectors 2017-01-11 22:31:03 -05:00
vmw_pvscsi.h scsi: vmw_pvscsi: switch to pci_alloc_irq_vectors 2017-01-11 22:31:03 -05:00
wd33c93.c
wd33c93.h
wd719x.c drivers/scsi/wd719x.c: remove last declaration using DEFINE_PCI_DEVICE_TABLE 2016-09-01 17:52:01 -07:00
wd719x.h
xen-scsifront.c xen/scsifront: don't request a slot on the ring until request is ready 2016-12-09 10:59:13 +01:00
zalon.c
zorro7xx.c