iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers/scsi
History
Juergen Gross 3047255182 xen/scsifront: don't use gnttab_query_foreign_access() for mapped status 
Commit 33172ab50a53578a95691310f49567c9266968b0 upstream.

It isn't enough to check whether a grant is still being in use by
calling gnttab_query_foreign_access(), as a mapping could be realized
by the other side just after having called that function.

In case the call was done in preparation of revoking a grant it is
better to do so via gnttab_try_end_foreign_access() and check the
success of that operation instead.

This is CVE-2022-23038 / part of XSA-396.

Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-03-11 12:11:54 +01:00
..
aacraid
scsi: aacraid: Improve compat_ioctl handlers
2020-12-30 11:53:02 +01:00
aic7xxx
scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8
2021-07-25 14:36:16 +02:00
aic94xx
scsi: libsas: Add LUN number check in .slave_alloc callback
2021-07-25 14:36:16 +02:00
arcmsr
scsi: arcmsr: Fix doorbell status being updated late on ARC-1886
2021-07-20 16:05:39 +02:00
arm
SCSI misc on 20201013
2020-10-14 15:15:35 -07:00
be2iscsi
scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe()
2021-07-20 16:05:58 +02:00
bfa
SCSI misc on 20201023
2020-10-23 16:19:02 -07:00
bnx2fc
scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
2022-02-08 18:30:39 +01:00
bnx2i
scsi: iscsi: Fix shost->max_id use
2021-07-20 16:05:41 +02:00
csiostor
scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
2021-11-18 14:04:18 +01:00
cxgbi
scsi: iscsi: Fix shost->max_id use
2021-07-20 16:05:41 +02:00
cxlflash
powerpc updates for 5.10
2020-10-16 12:21:15 -07:00
device_handler
scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
2021-08-26 08:35:37 -04:00
dpt
scsi: docs: convert dpti.txt to ReST
2020-03-11 23:07:59 -04:00
esas2r
SCSI misc on 20201013
2020-10-14 15:15:35 -07:00
fcoe
SCSI misc on 20201023
2020-10-23 16:19:02 -07:00
fnic
scsi: fnic: Fix memleak in vnic_dev_init_devcmd2
2021-02-07 15:37:14 +01:00
hisi_sas
scsi: libsas: Add LUN number check in .slave_alloc callback
2021-07-25 14:36:16 +02:00
ibmvscsi
scsi: ibmvfc: Fix invalid state machine BUG_ON()
2021-05-14 09:50:27 +02:00
ibmvscsi_tgt
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
isci
scsi: libsas: Add LUN number check in .slave_alloc callback
2021-07-25 14:36:16 +02:00
libfc
scsi: libfc: Fix array index out of bound exception
2021-07-25 14:36:16 +02:00
libsas
scsi: libsas: Add LUN number check in .slave_alloc callback
2021-07-25 14:36:16 +02:00
lpfc
scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
2022-02-23 12:01:07 +01:00
megaraid
scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
2021-08-26 08:35:36 -04:00
mpt3sas
scsi: mpt3sas: Fix kernel panic during drive powercycle test
2021-12-01 09:19:04 +01:00
mvsas
scsi: libsas: Add LUN number check in .slave_alloc callback
2021-07-25 14:36:16 +02:00
pcmcia
scsi: fdomain: Fix error return code in fdomain_probe()
2021-09-18 13:40:14 +02:00
pm8001
scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
2022-02-23 12:00:59 +01:00
qedf
scsi: qedf: Fix refcount issue when LOGO is received during TMF
2022-02-16 12:54:19 +01:00
qedi
scsi: qedi: Fix error codes in qedi_alloc_global_queues()
2021-09-18 13:40:14 +02:00
qla2xxx
scsi: qla2xxx: Format log strings only if needed
2021-12-14 11:32:38 +01:00
qla4xxx
SCSI misc on 20201023
2020-10-23 16:19:02 -07:00
smartpqi
scsi: smartpqi: Fix an error code in pqi_get_raid_map()
2021-09-18 13:40:14 +02:00
snic
scsi: snic: Simplify the return expression of svnic_cq_alloc()
2020-10-07 23:50:03 -04:00
sym53c8xx_2
SCSI misc on 20201023
2020-10-23 16:19:02 -07:00
ufs
scsi: ufs: Treat link loss as fatal error
2022-02-16 12:54:20 +01:00
.gitignore
.gitignore: add SPDX License Identifier
2020-03-25 11:50:48 +01:00
3w-9xxx.c
3w-9xxx.h
3w-sas.c
3w-sas.h
3w-xxxx.c
compat_ioctl: move more drivers to compat_ptr_ioctl
2019-10-23 17:23:44 +02:00
3w-xxxx.h
53c700_d.h_shipped
53c700.c
SCSI misc on 20201023
2020-10-23 16:19:02 -07:00
53c700.h
53c700: improve non-coherent DMA handling
2020-09-25 06:20:43 +02:00
53c700.scr
a100u2w.c
a100u2w.h
a2091.c
mm: don't include asm/pgtable.h if linux/mm.h is already included
2020-06-09 09:39:13 -07:00
a2091.h
a3000.c
mm: don't include asm/pgtable.h if linux/mm.h is already included
2020-06-09 09:39:13 -07:00
a3000.h
a4000t.c
advansys.c
scsi: advansys: Fix kernel pointer leak
2021-11-26 10:39:10 +01:00
aha152x.c
scsi: aha152x: Remove unused variable 'ret'
2020-07-08 01:12:53 -04:00
aha152x.h
aha1542.c
aha1542.h
aha1740.c
scsi: aha1740: Fix an errro handling path in aha1740_probe()
2020-03-26 21:10:53 -04:00
aha1740.h
am53c974.c
atari_scsi.c
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
2019-11-12 22:21:34 -05:00
atp870u.c
scsi: core: Clean up SG_NONE
2019-11-12 22:21:35 -05:00
atp870u.h
BusLogic.c
scsi: BusLogic: Fix missing pr_cont() use
2021-09-18 13:40:35 +02:00
BusLogic.h
scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
2021-06-03 09:00:43 +02:00
bvme6000_scsi.c
ch.c
scsi: ch: remove ch_mutex()
2020-02-24 14:54:25 -05:00
constants.c
scsi: core: Add DID_ALLOC_FAILURE and DID_MEDIUM_ERROR to hostbyte_table
2020-04-01 22:03:04 -04:00
dc395x.c
scsi: dc395: Fix error case unwinding
2021-11-18 14:04:15 +01:00
dc395x.h
dmx3191d.c
dpt_i2o.c
scsi: dpt_i2o: Remove set but not used 'pHba'
2020-09-01 22:15:47 -04:00
dpti.h
scsi: docs: convert dpti.txt to ReST
2020-03-11 23:07:59 -04:00
esp_scsi.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
esp_scsi.h
scsi: esp_scsi: Add support for FSC chip
2019-12-19 22:08:51 -05:00
fdomain_isa.c
scsi: fdomain_isa: Merge branches in fdomain_isa_match()
2020-09-02 22:49:07 -04:00
fdomain_pci.c
scsi: fdomain: Resurrect driver - PCI support
2019-06-18 19:46:18 -04:00
fdomain.c
scsi: fdomain: use BSTAT_{MSG|CMD|IO} in fdomain_work()
2019-07-30 12:17:28 -04:00
fdomain.h
scsi: fdomain: Mark 'fdomain_pm_ops' as __maybe_unused
2020-07-08 01:12:44 -04:00
FlashPoint.c
scsi: FlashPoint: Rename si_flags field
2021-07-14 16:56:40 +02:00
g_NCR5380.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
gdth_ioctl.h
gdth_proc.c
scsi: gdth: Use scnprintf() for avoiding potential buffer overflow
2020-03-17 13:36:10 -04:00
gdth_proc.h
gdth.c
scsi: gdth: Make option_setup() static
2020-10-07 21:48:28 -04:00
gdth.h
gvp11.c
mm: don't include asm/pgtable.h if linux/mm.h is already included
2020-06-09 09:39:13 -07:00
gvp11.h
hosts.c
scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
2021-10-27 09:56:56 +02:00
hpsa_cmd.h
scsi: hpsa: Update copyright
2020-09-02 22:49:06 -04:00
hpsa.c
scsi: hpsa: Fix memory leak in hpsa_init_one()
2020-10-29 21:55:21 -04:00
hpsa.h
scsi: hpsa: Update copyright
2020-09-02 22:49:06 -04:00
hptiop.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 285
2019-06-05 17:36:37 +02:00
hptiop.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 285
2019-06-05 17:36:37 +02:00
imm.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
imm.h
initio.c
scsi: initio: Use module_pci_driver() to simplify the code
2020-10-07 21:48:28 -04:00
initio.h
ipr.c
SCSI misc on 20200806
2020-08-06 16:50:07 -07:00
ipr.h
scsi: ipr: Fix struct packed-not-aligned issues
2020-07-15 17:26:58 -04:00
ips.c
scsi: ips: Convert strnlen() to memcpy() since result should not be NUL terminated
2020-07-24 22:32:00 -04:00
ips.h
iscsi_boot_sysfs.c
scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
2020-06-02 21:23:47 -04:00
iscsi_tcp.c
block-5.10-2020-10-12
2020-10-13 12:12:44 -07:00
iscsi_tcp.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157
2019-05-30 11:26:37 -07:00
jazz_esp.c
scsi: jazz_esp: Add IRQ check
2021-05-14 09:50:27 +02:00
Kconfig
scsi: lpfc: Add dependency on CPU_FREQ
2020-07-24 22:09:55 -04:00
lasi700.c
mm: don't include asm/pgtable.h if linux/mm.h is already included
2020-06-09 09:39:13 -07:00
libiscsi_tcp.c
scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map()
2020-10-02 15:27:08 -07:00
libiscsi.c
scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
2022-01-11 15:25:02 +01:00
mac53c94.c
mm: reorder includes after introduction of linux/pgtable.h
2020-06-09 09:39:13 -07:00
mac53c94.h
mac_esp.c
scsi: mac_esp: Use module_platform_driver to simplify the code
2020-10-02 21:52:53 -04:00
mac_scsi.c
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
2019-11-12 22:21:34 -05:00
Makefile
scsi: remove pointless $(MODVERDIR)/$(obj)/53c700.ver
2019-07-17 22:39:27 +09:00
megaraid.c
SCSI misc on 20201013
2020-10-14 15:15:35 -07:00
megaraid.h
mesh.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
mesh.h
mvme16x_scsi.c
mvme147.c
mm: don't include asm/pgtable.h if linux/mm.h is already included
2020-06-09 09:39:13 -07:00
mvme147.h
mvumi.c
scsi: mvumi: Fix error return in mvumi_io_attach()
2020-10-02 21:42:22 -04:00
mvumi.h
scsi: Replace zero-length array with flexible-array member
2020-03-11 23:07:56 -04:00
myrb.c
SCSI misc on 20201023
2020-10-23 16:19:02 -07:00
myrb.h
scsi: mylex: Use the correct style for SPDX License Identifier
2020-01-02 21:57:44 -05:00
myrs.c
scsi: myrs: Fix crash in error case
2022-02-16 12:54:20 +01:00
myrs.h
scsi: mylex: Use the correct style for SPDX License Identifier
2020-01-02 21:57:44 -05:00
ncr53c8xx.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
ncr53c8xx.h
NCR5380.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
NCR5380.h
Revert "scsi: ncr5380: Increase register polling limit"
2019-06-20 15:37:02 -04:00
nsp32_debug.c
nsp32_io.h
nsp32.c
scsi: nsp32: Remove unneeded semicolon
2020-09-15 17:34:18 -04:00
nsp32.h
pmcraid.c
scsi: pmcraid: Remove set but not used 'res'
2020-09-09 22:40:41 -04:00
pmcraid.h
scsi: Replace zero-length array with flexible-array member
2020-03-11 23:07:56 -04:00
ppa.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
ppa.h
ps3rom.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 164
2019-05-30 11:26:38 -07:00
qla1280.c
scsi: qla1280: Remove set but not used variable in qla1280_status_entry()
2020-09-09 22:37:48 -04:00
qla1280.h
scsi: qla1280: Fix dma firmware download, if dma address is 64bit
2020-01-15 23:09:11 -05:00
qlogicfas408.c
qlogicfas408.h
qlogicfas.c
qlogicpti.c
SCSI misc on 20201013
2020-10-14 15:15:35 -07:00
qlogicpti.h
raid_class.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 437
2019-06-05 17:37:17 +02:00
script_asm.pl
scsi_common.c
scsi_debug.c
scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
2021-12-22 09:30:59 +01:00
scsi_debugfs.c
scsi: core: Show SCMD_LAST in text form
2022-01-27 10:54:29 +01:00
scsi_debugfs.h
scsi_devinfo.c
scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V
2021-06-18 10:00:05 +02:00
scsi_dh.c
scsi: dh: Add Fujitsu device to devinfo and dh lists
2020-07-08 01:16:23 -04:00
scsi_error.c
SCSI misc on 20201013
2020-10-14 15:15:35 -07:00
scsi_ioctl.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
scsi_lib_dma.c
scsi_lib.c
scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
2021-11-18 14:03:37 +01:00
scsi_logging.c
scsi: core: Delete unnecessary buffer allocation for every loop iteration
2020-07-24 22:09:57 -04:00
scsi_logging.h
scsi: core: Fix a compiler warning triggered by the SCSI logging code
2019-12-19 22:08:54 -05:00
scsi_netlink.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
2019-05-30 11:26:35 -07:00
scsi_pm.c
scsi: block: pm: Always set request queue runtime active in blk_post_runtime_resume()
2022-01-27 10:54:08 +01:00
scsi_priv.h
scsi: core: Add limitless cmd retry support
2020-10-02 18:53:06 -04:00
scsi_proc.c
proc: convert everything to "struct proc_ops"
2020-02-04 03:05:26 +00:00
scsi_sas_internal.h
scsi_scan.c
scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
2021-08-26 08:35:37 -04:00
scsi_sysctl.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 209
2019-05-30 11:29:53 -07:00
scsi_sysfs.c
scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
2021-12-01 09:19:05 +01:00
scsi_trace.c
scsi: scsi_trace: Use get_unaligned_be24()
2020-03-16 22:08:36 -04:00
scsi_transport_api.h
scsi_transport_fc.c
scsi: fc: Add 256GBit speed setting to SCSI FC transport
2020-09-02 22:49:07 -04:00
scsi_transport_iscsi.c
scsi: iscsi: Unblock session then wake up error handler
2021-12-08 09:03:19 +01:00
scsi_transport_sas.c
scsi: core: Fixup calling convention for scsi_mode_sense()
2021-07-20 16:05:40 +02:00
scsi_transport_spi.c
scsi: scsi_transport_spi: Set RQF_PM for domain validation commands
2021-01-12 20:18:15 +01:00
scsi_transport_srp.c
scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
2021-04-21 13:00:52 +02:00
scsi.c
scsi: core: Put LLD module refcnt after SCSI device is released
2021-11-06 14:10:08 +01:00
scsi.h
scsicam.c
block: move struct partition out of genhd.h
2020-03-24 07:57:08 -06:00
sd_dif.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 410
2019-06-05 17:37:14 +02:00
sd_zbc.c
scsi: sd_zbc: Ensure buffer size is aligned to SECTOR_SIZE
2021-09-30 10:11:01 +02:00
sd.c
scsi: sd: Free scsi_disk device via put_device()
2021-10-09 14:40:56 +02:00
sd.h
SCSI misc on 20201013
2020-10-14 15:15:35 -07:00
sense_codes.h
scsi: core: Update additional sense codes list
2020-09-15 20:28:06 -04:00
ses.c
scsi: ses: Fix unsigned comparison with less than zero
2021-10-17 10:43:33 +02:00
sg.c
iov_iter: transparently handle compat iovecs in import_iovec
2020-10-03 00:02:13 -04:00
sgiwd93.c
sgiwd93: convert to dma_alloc_noncoherent
2020-09-25 06:20:44 +02:00
sim710.c
sni_53c710.c
scsi: sni_53c710: Add IRQ check
2021-05-14 09:50:27 +02:00
sr_ioctl.c
sr_vendor.c
scsi: sr: Don't use GFP_DMA
2022-01-27 10:54:23 +01:00
sr.c
scsi: sr: Don't use GFP_DMA
2022-01-27 10:54:23 +01:00
sr.h
scsi: sr: get rid of sr global mutex
2020-02-24 15:01:57 -05:00
st_options.h
st.c
scsi: st: Fix a use after free in st_open()
2021-04-07 15:00:05 +02:00
st.h
stex.c
scsi: Replace zero-length array with flexible-array member
2020-03-11 23:07:56 -04:00
storvsc_drv.c
scsi: storvsc: Correctly handle multiple flags in srb_status
2021-07-20 16:05:43 +02:00
sun3_scsi_vme.c
sun3_scsi.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
sun3x_esp.c
scsi: sun3x_esp: Add IRQ check
2021-05-14 09:50:27 +02:00
sun_esp.c
scsi: sun_esp: Use module_platform_driver to simplify the code
2020-10-02 21:52:55 -04:00
virtio_scsi.c
scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
2021-10-17 10:43:33 +02:00
vmw_pvscsi.c
scsi: vmw_pvscsi: Set residual data length conditionally
2022-01-05 12:40:33 +01:00
vmw_pvscsi.h
wd33c93.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
wd33c93.h
wd719x.c
SCSI misc on 20190709
2019-07-11 15:14:01 -07:00
wd719x.h
xen-scsifront.c
xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
2022-03-11 12:11:54 +01:00
zalon.c
remove ioremap_nocache and devm_ioremap_nocache
2020-01-06 09:45:59 +01:00
zorro7xx.c
zorro_esp.c
mm: reorder includes after introduction of linux/pgtable.h
2020-06-09 09:39:13 -07:00