iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers/scsi
History
James Smart 67169d6104 scsi: lpfc: Fix coverity errors in fmdi attribute handling 
[ Upstream commit 4cb9e1ddaa145be9ed67b6a7de98ca705a43f998 ]

Coverity reported a memory corruption error for the fdmi attributes
routines:

  CID 15768 [Memory Corruption] Out-of-bounds access on FDMI

Sloppy coding of the fmdi structures. In both the lpfc_fdmi_attr_def and
lpfc_fdmi_reg_port_list structures, a field was placed at the start of
payload that may have variable content. The field was given an arbitrary
type (uint32_t). The code then uses the field name to derive an address,
which it used in things such as memset and memcpy. The memset sizes or
memcpy lengths were larger than the arbitrary type, thus coverity reported
an error.

Fix by replacing the arbitrary fields with the real field structures
describing the payload.

Link: https://lore.kernel.org/r/20200128002312.16346-8-jsmart2021@gmail.com
Signed-off-by: Dick Kennedy <dick.kennedy@broadcom.com>
Signed-off-by: James Smart <jsmart2021@gmail.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-10-01 20:40:07 +02:00
..
aacraid
scsi: aacraid: fix illegal IO beyond last LBA
2020-10-01 20:40:01 +02:00
aic7xxx
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
2020-02-28 15:42:27 +01:00
aic94xx
Revert "scsi: aic94xx: fix module loading"
2019-02-20 10:18:35 +01:00
arcmsr
scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware
2016-10-26 22:17:43 -04:00
arm
scsi: eesox: Fix different dev_id between request_irq() and free_irq()
2020-08-21 11:02:01 +02:00
be2iscsi
scsi: be2iscsi: Check tag in beiscsi_mccq_compl_wait
2018-03-22 09:17:43 +01:00
bfa
scsi: bfa: release allocated memory in case of error
2020-01-14 20:04:31 +01:00
bnx2fc
scsi: bnx2fc: fix incorrect cast to u64 on shift operation
2019-06-22 08:17:20 +02:00
bnx2i
scsi: bnx2i: fix potential use after free
2020-01-23 08:19:43 +01:00
csiostor
scsi: csiostor: Adjust indentation in csio_device_reset
2020-02-14 16:31:05 -05:00
cxgbi
scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy()
2020-01-23 08:19:37 +01:00
cxlflash
scsi: cxlflash: Fix context reference tracking on detach
2016-09-14 12:47:42 -04:00
device_handler
scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions
2019-11-10 11:23:14 +01:00
dpt
esas2r
scsi: esas2r: unlock on error in esas2r_nvram_read_direct()
2020-01-23 08:19:42 +01:00
fcoe
scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del()
2020-09-03 11:21:18 +02:00
fnic
scsi: fnic: do not queue commands during fwreset
2020-02-05 13:05:52 +00:00
hisi_sas
scsi: hisi_sas: Set PHY linkrate when disconnected
2019-04-05 22:29:06 +02:00
ibmvscsi
scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM
2020-06-30 15:38:23 -04:00
ibmvscsi_tgt
scsi: ibmvscsis: Ensure partition name is properly NUL terminated
2018-10-20 09:51:30 +02:00
isci
scsi: isci: Change sci_controller_start_task's return type to sci_status
2019-11-28 18:28:24 +01:00
libfc
scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases
2020-08-26 10:29:05 +02:00
libsas
scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA
2020-09-23 08:46:09 +02:00
lpfc
scsi: lpfc: Fix coverity errors in fmdi attribute handling
2020-10-01 20:40:07 +02:00
megaraid
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
2020-02-14 16:31:10 -05:00
mpt3sas
scsi: mpt3sas: Fix double free warnings
2020-06-30 15:38:24 -04:00
mvsas
scsi: mvsas: fix wrong endianness of sgpio api
2018-05-25 16:13:08 +02:00
osd
scsi/osd: open code blk_make_request
2016-07-20 17:38:35 -06:00
pcmcia
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
pm8001
scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort
2020-09-23 08:46:14 +02:00
qla2xxx
scsi: qla2xxx: Fix issue with adapter's stopping state
2020-06-30 15:38:21 -04:00
qla4xxx
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
2020-02-14 16:31:05 -05:00
smartpqi
scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask
2019-06-22 08:17:24 +02:00
snic
scsi: snic: Return error code on memory allocation failure
2017-08-06 18:59:49 -07:00
sym53c8xx_2
scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
2019-11-25 09:52:13 +01:00
ufs
scsi: ufs: Improve interrupt handling for shared interrupts
2020-09-03 11:21:20 +02:00
.gitignore
3w-9xxx.c
scsi: 3ware: fix return 0 on the error path of probe
2018-09-19 22:47:14 +02:00
3w-9xxx.h
3w-9xxx: fix command completion race
2015-04-27 10:10:19 -07:00
3w-sas.c
scsi: 3ware: fix return 0 on the error path of probe
2018-09-19 22:47:14 +02:00
3w-sas.h
3w-sas: fix command completion race
2015-04-27 10:04:39 -07:00
3w-xxxx.c
scsi: 3ware: fix return 0 on the error path of probe
2018-09-19 22:47:14 +02:00
3w-xxxx.h
3w-xxxx: fix command completion race
2015-04-27 10:05:55 -07:00
53c700_d.h_shipped
53c700.c
scsi: remove current_cmnd field from struct scsi_device
2016-07-13 22:33:23 -04:00
53c700.h
scsi: remove current_cmnd field from struct scsi_device
2016-07-13 22:33:23 -04:00
53c700.scr
a100u2w.c
scsi: a100u2w: trivial typo in printk
2015-08-07 15:03:42 +02:00
a100u2w.h
a2091.c
a2091.h
a3000.c
a3000.h
a4000t.c
advansys.c
scsi: advansys: fix uninitialized data access
2018-02-25 11:05:53 +01:00
aha152x.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
aha152x.h
aha1542.c
scsi: aha1542: avoid uninitialized variable warnings
2016-02-23 21:27:02 -05:00
aha1542.h
aha1542: fix include guard and remove useless changelog
2015-04-09 18:08:31 -07:00
aha1740.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
aha1740.h
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
am53c974.c
am53c974: Fix crash during modprobe
2015-04-17 10:13:56 -07:00
atari_scsi.c
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
2020-01-04 13:40:54 +01:00
atp870u.c
atp870u: Introduce atp870_init()
2015-11-25 22:08:55 -05:00
atp870u.h
atp870u: Remove scam_on from struct atp_unit
2015-11-25 22:08:52 -05:00
BusLogic.c
scsi: replace seq_printf with seq_puts
2015-02-02 09:57:45 -08:00
BusLogic.h
bvme6000_scsi.c
ch.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
2015-04-14 09:50:27 -07:00
constants.c
scsi: fix upper bounds check of sense key in scsi_sense_key_string()
2016-08-16 00:49:32 -04:00
dc395x.c
scsi: dc395x: fix DMA API usage in sg_update_list
2019-11-28 18:28:27 +01:00
dc395x.h
dmx3191d.c
ncr5380: Remove DONT_USE_INTR and AUTOPROBE_IRQ macros
2016-04-11 16:57:09 -04:00
dpt_i2o.c
dpt_i2o: fix build warning
2016-02-23 21:27:02 -05:00
dpti.h
eata_generic.h
eata_pio.c
eata_pio: missing break statement
2016-05-10 22:01:07 -04:00
eata_pio.h
eata.c
esp_scsi.c
scsi: esp_scsi: Track residual for PIO transfers
2018-11-13 11:16:51 -08:00
esp_scsi.h
scsi: esp_scsi: Track residual for PIO transfers
2018-11-13 11:16:51 -08:00
fdomain.c
scsi: fdomain: drop fdomain_pci_tbl when built-in
2016-02-23 21:27:02 -05:00
fdomain.h
FlashPoint.c
FlashPoint: fix build warning
2015-11-09 16:32:14 -08:00
g_NCR5380_mmio.c
g_NCR5380.c
scsi: g_NCR5380: Fix release_region in error handling
2017-01-12 11:39:29 +01:00
g_NCR5380.h
scsi: g_NCR5380: Stop using scsi_module.c
2016-09-29 21:52:43 -04:00
gdth_ioctl.h
gdth_proc.c
gdth: replace struct timeval with ktime_get_real_seconds()
2016-02-25 21:16:49 -05:00
gdth_proc.h
gdth.c
gdth: replace struct timeval with ktime_get_real_seconds()
2016-02-25 21:16:49 -05:00
gdth.h
block: Move SECTOR_SIZE and SECTOR_SHIFT definitions into <linux/blkdev.h>
2020-09-12 11:47:36 +02:00
gvp11.c
gvp11.h
hosts.c
SCSI misc on 20161006
2016-10-07 09:28:53 -07:00
hpsa_cmd.h
scsi: hpsa: correct ioaccel2 chaining
2019-07-10 09:55:43 +02:00
hpsa.c
scsi: hpsa: correct scsi command status issue after reset
2019-08-25 10:51:46 +02:00
hpsa.h
scsi: hpsa: limit outstanding rescans
2017-12-20 10:07:22 +01:00
hptiop.c
hptiop: Support HighPoint RR36xx HBAs and Support SAS tape and SAS media changer
2015-08-12 13:14:57 -07:00
hptiop.h
hptiop: Support HighPoint RR36xx HBAs and Support SAS tape and SAS media changer
2015-08-12 13:14:57 -07:00
imm.c
imm: check parport_claim
2016-02-25 21:10:53 -05:00
imm.h
initio.c
SCSI: initio: remove duplicate module device table
2015-11-20 11:39:03 -05:00
initio.h
ipr.c
scsi: ipr: Fix softlockup when rescanning devices in petitboot
2020-04-02 17:20:32 +02:00
ipr.h
scsi: ipr: Fix softlockup when rescanning devices in petitboot
2020-04-02 17:20:32 +02:00
ips.c
scsi: ips: fix missing break in switch
2019-11-28 18:28:23 +01:00
ips.h
iscsi_boot_sysfs.c
scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
2020-06-30 15:38:28 -04:00
iscsi_tcp.c
scsi: iscsi: Don't destroy session if there are outstanding connections
2020-02-28 15:42:34 +01:00
iscsi_tcp.h
iscsi_tcp: Use ahash
2016-01-27 20:36:10 +08:00
jazz_esp.c
Kconfig
scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
2019-11-10 11:23:15 +01:00
lasi700.c
libiscsi_tcp.c
iscsi_tcp: Use ahash
2016-01-27 20:36:10 +08:00
libiscsi.c
scsi: iscsi: Fix a potential deadlock in the timeout handler
2019-12-21 10:42:33 +01:00
mac53c94.c
PCI: Remove includes of asm/pci-bridge.h
2016-02-05 16:29:28 -06:00
mac53c94.h
mac_esp.c
scsi: esp_scsi: Track residual for PIO transfers
2018-11-13 11:16:51 -08:00
mac_scsi.c
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
2020-01-04 13:40:54 +01:00
Makefile
scsi: dtc: remove from tree
2016-09-26 20:49:25 -04:00
megaraid.c
scsi: megaraid: disable device when probe failed after enabled device
2019-10-29 09:14:57 +01:00
megaraid.h
mesh.c
scsi: mesh: Fix panic after host or bus reset
2020-08-21 11:02:02 +02:00
mesh.h
mvme16x_scsi.c
mvme147.c
mvme147.h
mvumi.c
scsi: mvumi: use __maybe_unused to hide pm functions
2016-03-05 17:07:46 -05:00
mvumi.h
ncr53c8xx.c
ncr53c8xx.h
NCR53c406a.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
NCR5380.c
scsi: NCR5380: Handle BUS FREE during reselection
2019-11-25 09:53:05 +01:00
NCR5380.h
scsi: ncr5380: Improve interrupt latency during PIO tranfers
2016-09-14 14:11:12 -04:00
NCR_D700.c
NCR_D700.h
NCR_Q720.c
NCR_Q720.h
nsp32_debug.c
nsp32_io.h
nsp32.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
nsp32.h
osst_detect.h
osst_options.h
osst.c
osst.h
pmcraid.c
scsi: pmcraid: mark symbols static where possible
2016-09-04 01:28:07 -04:00
pmcraid.h
ppa.c
scsi: ppa: use new parport device model
2016-02-23 21:27:02 -05:00
ppa.h
ps3rom.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
qla1280.c
qla1280: Don't allocate 512kb of host tags
2016-04-30 09:25:26 -07:00
qla1280.h
qlogicfas408.c
qlogicfas408.h
qlogicfas.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
qlogicpti.c
qlogicpti: Return correct error code
2016-03-01 20:06:49 -05:00
qlogicpti.h
qlogicpti: Fix compiler warnings
2016-11-28 15:51:31 -05:00
raid_class.c
script_asm.pl
scsi_common.c
scsi: add scsi_set_sense_field_pointer()
2016-04-04 12:07:42 -04:00
scsi_debug.c
scsi: scsi_debug: Add check for sdebug_max_queue during module init
2020-08-21 11:02:01 +02:00
scsi_devinfo.c
scsi: scsi_devinfo: handle non-terminated strings
2020-06-30 15:38:37 -04:00
scsi_dh.c
scsi: core: add new RDAC LENOVO/DE_Series device
2019-05-08 07:19:10 +02:00
scsi_error.c
Merge remote-tracking branch 'mkp-scsi/4.7/scsi-fixes' into fixes
2016-06-18 11:59:01 -07:00
scsi_ioctl.c
scsi_lib_dma.c
scsi_lib.c
scsi: return correct blkprep status code in case scsi_init_io() fails.
2020-06-20 10:24:07 +02:00
scsi_logging.c
scsi: core: Reduce memory required for SCSI logging
2019-10-07 18:53:15 +02:00
scsi_logging.h
scsi_module.c
scsi_netlink.c
scsi_pm.c
scsi: core: Synchronize request queue PM status only on successful resume
2019-01-23 08:10:54 +01:00
scsi_priv.h
SCSI misc on 20161006
2016-10-07 09:28:53 -07:00
scsi_proc.c
scsi: disable automatic target scan
2016-04-11 16:57:09 -04:00
scsi_sas_internal.h
scsi_transport_sas: add 'scsi_target_id' sysfs attribute
2016-03-14 21:05:04 -04:00
scsi_scan.c
scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c
2019-04-05 22:29:08 +02:00
scsi_sysctl.c
scsi_sysfs.c
scsi: core: try to get module before removing device
2019-10-29 09:15:19 +01:00
scsi_trace.c
scsi: core: scsi_trace: Use get_unaligned_be*()
2020-01-23 08:19:43 +01:00
scsi_transport_api.h
scsi_transport_fc.c
scsi_transport_fc: Unexport scsi_is_fc_vport()
2016-04-11 16:57:09 -04:00
scsi_transport_iscsi.c
scsi: iscsi: Do not put host in iscsi_set_flashnode_param()
2020-09-03 11:21:18 +02:00
scsi_transport_sas.c
scsi: sas: remove is_sas_attached()
2016-08-18 22:23:20 -04:00
scsi_transport_spi.c
scsi: scsi_transport_spi: Fix function pointer check
2020-07-31 16:44:01 +02:00
scsi_transport_srp.c
scsi: scsi_transport_srp: Fix shost to rport translation
2018-06-06 16:44:38 +02:00
scsi_typedefs.h
scsi.c
scsi: Avoid that toggling use_blk_mq triggers a memory leak
2016-09-26 20:58:42 -04:00
scsi.h
scsicam.c
sd_dif.c
scsi: sd: Move DIF protection types to t10-pi.h
2016-09-15 09:51:14 -04:00
sd.c
scsi: sd: Fix optimal I/O size for devices that change reported values
2020-04-02 17:20:33 +02:00
sd.h
scsi: sd: Move DIF protection types to t10-pi.h
2016-09-15 09:51:14 -04:00
sense_codes.h
scsi: move Additional Sense Codes to separate file
2016-04-11 16:57:09 -04:00
ses.c
scsi: ses: don't ask for diagnostic pages repeatedly during probe
2018-03-22 09:17:55 +01:00
sg.c
scsi: sg: add sg_remove_request in sg_write
2020-05-20 08:15:34 +02:00
sgiwd93.c
sim710.c
scsi: sim710: fix build warning
2016-02-23 21:27:02 -05:00
sni_53c710.c
scsi: sni_53c710: fix compilation error
2019-11-10 11:23:14 +01:00
sr_ioctl.c
sr: pass down correctly sized SCSI sense buffer
2018-12-13 09:20:29 +01:00
sr_vendor.c
sr.c
scsi: sr: Fix sr_probe() missing deallocate of device minor
2020-06-30 15:38:23 -04:00
sr.h
st_options.h
st.c
mm: replace get_user_pages_unlocked() write/force parameters with gup_flags
2016-10-18 14:13:37 -07:00
st.h
st: Remove obsolete scsi_tape.max_pfn
2015-11-18 11:59:09 -05:00
stex.c
stex: Add S3/S4 support
2016-02-23 21:27:02 -05:00
storvsc_drv.c
scsi: storvsc: Fix calculation of sub-channel count
2019-05-08 07:19:10 +02:00
sun3_scsi_vme.c
sun3_scsi.c
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
2020-01-04 13:40:54 +01:00
sun3_scsi.h
sun3x_esp.c
arch, drivers: don't include <asm/io.h> directly, use <linux/io.h> instead
2015-08-10 23:07:05 -04:00
sun_esp.c
sym53c416.c
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
sym53c416.h
virtio_scsi.c
scsi: virtio_scsi: don't send sc payload with tmfs
2019-03-23 13:19:46 +01:00
vmw_pvscsi.c
scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
2019-07-10 09:55:39 +02:00
vmw_pvscsi.h
scsi: vmw_pvscsi: return SUCCESS for successful command aborts
2016-11-01 13:31:23 -04:00
wd33c93.c
scsi: print single-character strings with seq_putc
2015-02-02 09:57:46 -08:00
wd33c93.h
wd719x.c
drivers/scsi/wd719x.c: remove last declaration using DEFINE_PCI_DEVICE_TABLE
2016-09-01 17:52:01 -07:00
wd719x.h
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
xen-scsifront.c
scsi: xen-scsifront: add error handling for xenbus_printf
2018-08-24 13:12:29 +02:00
zalon.c
zorro7xx.c