kernel/drivers/scsi/aacraid, branch linux-6.9.y

scsi: aacraid: aachba: Replace snprintf() with the safer scnprintf() variant

2024-01-30T01:34:52Z

There is a general misunderstanding amongst engineers that {v}snprintf() returns the length of the data *actually* encoded into the destination array. However, as per the C99 standard {v}snprintf() really returns the length of the data that *would have been* written if there were enough space for it. This misunderstanding has led to buffer-overruns in the past. It's generally considered safer to use the {v}scnprintf() variants in their place (or even sprintf() in simple cases). So let's do that. Link: https://lwn.net/Articles/69419/ Link: https://github.com/KSPP/linux/issues/105 Cc: Adaptec OEM Raid Solutions Cc: PMC-Sierra, Inc Signed-off-by: Lee Jones Link: https://lore.kernel.org/r/20240111131732.1815560-6-lee@kernel.org Signed-off-by: Martin K. Petersen

Revert "scsi: aacraid: Reply queue mapping to CPUs based on IRQ affinity"

2023-12-08T17:09:38Z

This reverts commit 9dc704dcc09eae7d21b5da0615eb2ed79278f63e. Several reports have been made indicating that this commit caused hangs. Numerous attempts at root causing and fixing the issue have been unsuccessful so let's revert for now. Link: https://bugzilla.kernel.org/show_bug.cgi?id=217599 Cc: Signed-off-by: Martin K. Petersen

Merge branch '6.5/scsi-fixes' into 6.6/scsi-staging

2023-08-31T00:56:24Z

Pull in the fixes tree for a commit that missed 6.5. Also resolve a trivial merge conflict in fnic. * 6.5/scsi-fixes: (36 commits) scsi: storvsc: Handle additional SRB status values scsi: snic: Fix double free in snic_tgt_create() scsi: core: raid_class: Remove raid_component_add() scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW major version > 5 scsi: ufs: mcq: Fix the search/wrap around logic scsi: qedf: Fix firmware halt over suspend and resume scsi: qedi: Fix firmware halt over suspend and resume scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock scsi: lpfc: Remove reftag check in DIF paths scsi: ufs: renesas: Fix private allocation scsi: snic: Fix possible memory leak if device_add() fails scsi: core: Fix possible memory leak if device_add() fails scsi: core: Fix legacy /proc parsing buffer overflow scsi: 53c700: Check that command slot is not NULL scsi: fnic: Replace return codes in fnic_clean_pending_aborts() scsi: storvsc: Fix handling of virtual Fibre Channel timeouts scsi: pm80xx: Fix error return code in pm8001_pci_probe() scsi: zfcp: Defer fc_rport blocking until after ADISC response scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices scsi: sg: Fix checking return value of blk_get_queue() ... Signed-off-by: Martin K. Petersen

scsi: core: Improve type safety of scsi_rescan_device()

2023-08-25T02:11:29Z

Most callers of scsi_rescan_device() have the scsi_device pointer readily available. Pass a struct scsi_device pointer to scsi_rescan_device() instead of a struct device pointer. This change prevents that a pointer to another struct device would be passed accidentally to scsi_rescan_device(). Remove the scsi_rescan_device() declaration from the scsi_priv.h header file since it duplicates the declaration in . Reviewed-by: Hannes Reinecke Reviewed-by: Damien Le Moal Reviewed-by: John Garry Cc: Mike Christie Cc: Ming Lei Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20230822153043.4046244-1-bvanassche@acm.org Signed-off-by: Martin K. Petersen

Merge branch '6.5/scsi-staging' into 6.5/scsi-fixes

2023-07-11T16:15:15Z

Pull in the currently staged SCSI fixes for 6.5. Signed-off-by: Martin K. Petersen

scsi: aacraid: Avoid -Warray-bounds warning

2023-07-06T01:41:57Z

The one-element array in aac_aifcmd is actually meant as a flexible array, and causes an overflow warning that can be avoided using the normal flex arrays: drivers/scsi/aacraid/commsup.c:1166:17: error: array index 1 is past the end of the array (that has type 'u8[1]' (aka 'unsigned char[1]'), cast to '__le32 *' (aka 'unsigned int *')) [-Werror,-Warray-bounds] (((__le32 *)aifcmd->data)[1] == cpu_to_le32(3)); ^ ~ Signed-off-by: Arnd Bergmann Link: https://lore.kernel.org/r/20230703114851.1194510-1-arnd@kernel.org Signed-off-by: Martin K. Petersen

Merge tag 'hardening-v6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

2023-06-28T04:24:18Z

Pull hardening updates from Kees Cook: "There are three areas of note: A bunch of strlcpy()->strscpy() conversions ended up living in my tree since they were either Acked by maintainers for me to carry, or got ignored for multiple weeks (and were trivial changes). The compiler option '-fstrict-flex-arrays=3' has been enabled globally, and has been in -next for the entire devel cycle. This changes compiler diagnostics (though mainly just -Warray-bounds which is disabled) and potential UBSAN_BOUNDS and FORTIFY _warning_ coverage. In other words, there are no new restrictions, just potentially new warnings. Any new FORTIFY warnings we've seen have been fixed (usually in their respective subsystem trees). For more details, see commit df8fc4e934c12b. The under-development compiler attribute __counted_by has been added so that we can start annotating flexible array members with their associated structure member that tracks the count of flexible array elements at run-time. It is possible (likely?) that the exact syntax of the attribute will change before it is finalized, but GCC and Clang are working together to sort it out. Any changes can be made to the macro while we continue to add annotations. As an example of that last case, I have a treewide commit waiting with such annotations found via Coccinelle: https://git.kernel.org/linus/adc5b3cb48a049563dc673f348eab7b6beba8a9b Also see commit dd06e72e68bcb4 for more details. Summary: - Fix KMSAN vs FORTIFY in strlcpy/strlcat (Alexander Potapenko) - Convert strreplace() to return string start (Andy Shevchenko) - Flexible array conversions (Arnd Bergmann, Wyes Karny, Kees Cook) - Add missing function prototypes seen with W=1 (Arnd Bergmann) - Fix strscpy() kerndoc typo (Arne Welzel) - Replace strlcpy() with strscpy() across many subsystems which were either Acked by respective maintainers or were trivial changes that went ignored for multiple weeks (Azeem Shaikh) - Remove unneeded cc-option test for UBSAN_TRAP (Nick Desaulniers) - Add KUnit tests for strcat()-family - Enable KUnit tests of FORTIFY wrappers under UML - Add more complete FORTIFY protections for strlcat() - Add missed disabling of FORTIFY for all arch purgatories. - Enable -fstrict-flex-arrays=3 globally - Tightening UBSAN_BOUNDS when using GCC - Improve checkpatch to check for strcpy, strncpy, and fake flex arrays - Improve use of const variables in FORTIFY - Add requested struct_size_t() helper for types not pointers - Add __counted_by macro for annotating flexible array size members" * tag 'hardening-v6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (54 commits) netfilter: ipset: Replace strlcpy with strscpy uml: Replace strlcpy with strscpy um: Use HOST_DIR for mrproper kallsyms: Replace all non-returning strlcpy with strscpy sh: Replace all non-returning strlcpy with strscpy of/flattree: Replace all non-returning strlcpy with strscpy sparc64: Replace all non-returning strlcpy with strscpy Hexagon: Replace all non-returning strlcpy with strscpy kobject: Use return value of strreplace() lib/string_helpers: Change returned value of the strreplace() jbd2: Avoid printing outside the boundary of the buffer checkpatch: Check for 0-length and 1-element arrays riscv/purgatory: Do not use fortified string functions s390/purgatory: Do not use fortified string functions x86/purgatory: Do not use fortified string functions acpi: Replace struct acpi_table_slit 1-element array with flex-array clocksource: Replace all non-returning strlcpy with strscpy string: use __builtin_memcpy() in strlcpy/strlcat staging: most: Replace all non-returning strlcpy with strscpy drm/i2c: tda998x: Replace all non-returning strlcpy with strscpy ...

scsi: aacraid: Reply queue mapping to CPUs based on IRQ affinity

2023-06-15T01:13:40Z

Fix the I/O hang that arises because of the MSIx vector not having a mapped online CPU upon receiving completion. SCSI cmds take the blk_mq route, which is setup during init. Reserved cmds fetch the vector_no from mq_map after init is complete. Before init, they have to use 0 - as per the norm. Reviewed-by: Gilbert Wu Signed-off-by: Sagar Biradar Reviewed-by: John Garry Link: https://lore.kernel.org/r/20230519230834.27436-1-sagar.biradar@microchip.com Signed-off-by: Martin K. Petersen

scsi: aacraid: Replace all non-returning strlcpy with strscpy

2023-05-26T20:52:19Z

strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). No return values were used, so direct replacement is safe. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh Reviewed-by: Kees Cook Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20230517143049.1519806-1-azeemshaikh38@gmail.com

Merge patch series "Constify most SCSI host templates"

2023-03-25T00:13:03Z

Bart Van Assche says: It helps humans and the compiler if it is made explicit that SCSI host templates are not modified. Hence this patch series that constifies most SCSI host templates. Please consider this patch series for the next merge window. Link: https://lore.kernel.org/r/20230322195515.1267197-1-bvanassche@acm.org Signed-off-by: Martin K. Petersen