From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Phil Oester <kernel@linuxace.com>,
Arnd Bergmann <arnd@arndb.de>,
"Martin K. Petersen" <martin.petersen@oracle.com>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.19 24/58] scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression
Date: Mon, 25 Jan 2021 19:39:25 +0100 [thread overview]
Message-ID: <20210125183157.736898314@linuxfoundation.org> (raw)
In-Reply-To: <20210125183156.702907356@linuxfoundation.org>
From: Arnd Bergmann <arnd@arndb.de>
[ Upstream commit b112036535eda34460677ea883eaecc3a45a435d ]
Phil Oester reported that a fix for a possible buffer overrun that I sent
caused a regression that manifests in this output:
Event Message: A PCI parity error was detected on a component at bus 0 device 5 function 0.
Severity: Critical
Message ID: PCI1308
The original code tried to handle the sense data pointer differently when
using 32-bit 64-bit DMA addressing, which would lead to a 32-bit dma_addr_t
value of 0x11223344 to get stored
32-bit kernel: 44 33 22 11 ?? ?? ?? ??
64-bit LE kernel: 44 33 22 11 00 00 00 00
64-bit BE kernel: 00 00 00 00 44 33 22 11
or a 64-bit dma_addr_t value of 0x1122334455667788 to get stored as
32-bit kernel: 88 77 66 55 ?? ?? ?? ??
64-bit kernel: 88 77 66 55 44 33 22 11
In my patch, I tried to ensure that the same value is used on both 32-bit
and 64-bit kernels, and picked what seemed to be the most sensible
combination, storing 32-bit addresses in the first four bytes (as 32-bit
kernels already did), and 64-bit addresses in eight consecutive bytes (as
64-bit kernels already did), but evidently this was incorrect.
Always storing the dma_addr_t pointer as 64-bit little-endian,
i.e. initializing the second four bytes to zero in case of 32-bit
addressing, apparently solved the problem for Phil, and is consistent with
what all 64-bit little-endian machines did before.
I also checked in the history that in previous versions of the code, the
pointer was always in the first four bytes without padding, and that
previous attempts to fix 64-bit user space, big-endian architectures and
64-bit DMA were clearly flawed and seem to have introduced made this worse.
Link: https://lore.kernel.org/r/20210104234137.438275-1-arnd@kernel.org
Fixes: 381d34e376e3 ("scsi: megaraid_sas: Check user-provided offsets")
Fixes: 107a60dd71b5 ("scsi: megaraid_sas: Add support for 64bit consistent DMA")
Fixes: 94cd65ddf4d7 ("[SCSI] megaraid_sas: addded support for big endian architecture")
Fixes: 7b2519afa1ab ("[SCSI] megaraid_sas: fix 64 bit sense pointer truncation")
Reported-by: Phil Oester <kernel@linuxace.com>
Tested-by: Phil Oester <kernel@linuxace.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/scsi/megaraid/megaraid_sas_base.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c
index 83d25ee88f028..8877a21102f1d 100644
--- a/drivers/scsi/megaraid/megaraid_sas_base.c
+++ b/drivers/scsi/megaraid/megaraid_sas_base.c
@@ -7323,11 +7323,9 @@ megasas_mgmt_fw_ioctl(struct megasas_instance *instance,
goto out;
}
+ /* always store 64 bits regardless of addressing */
sense_ptr = (void *)cmd->frame + ioc->sense_off;
- if (instance->consistent_mask_64bit)
- put_unaligned_le64(sense_handle, sense_ptr);
- else
- put_unaligned_le32(sense_handle, sense_ptr);
+ put_unaligned_le64(sense_handle, sense_ptr);
}
/*
--
2.27.0
next prev parent reply other threads:[~2021-01-25 18:45 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-25 18:39 [PATCH 4.19 00/58] 4.19.171-rc1 review Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 01/58] i2c: bpmp-tegra: Ignore unknown I2C_M flags Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 02/58] ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info() Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 03/58] ALSA: hda/via: Add minimum mute flag Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 04/58] ACPI: scan: Make acpi_bus_get_device() clear return pointer on error Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 05/58] btrfs: fix lockdep splat in btrfs_recover_relocation Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 06/58] mmc: core: dont initialize block size from ext_csd if not present Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 07/58] mmc: sdhci-xenon: fix 1.8v regulator stabilization Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 08/58] dm: avoid filesystem lookup in dm_get_dev_t() Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 09/58] dm integrity: fix a crash if "recalculate" used without "internal_hash" Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 10/58] drm/atomic: put state on error path Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 11/58] ASoC: Intel: haswell: Add missing pm_ops Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 12/58] dm integrity: select CRYPTO_SKCIPHER Greg Kroah-Hartman
2021-01-25 18:58 ` Pavel Machek
2021-01-25 19:14 ` Anthony Iliopoulos
2021-01-26 8:47 ` Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 13/58] scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 14/58] scsi: qedi: Correct max length of CHAP secret Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 15/58] riscv: Fix kernel time_init() Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 16/58] HID: Ignore battery for Elan touchscreen on ASUS UX550 Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 17/58] clk: tegra30: Add hda clock default rates to clock driver Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 18/58] xen: Fix event channel callback via INTX/GSI Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 19/58] drm/nouveau/bios: fix issue shadowing expansion ROMs Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 20/58] drm/nouveau/privring: ack interrupts the same way as RM Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 21/58] drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 22/58] drm/nouveau/mmu: fix vram heap sizing Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 23/58] drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0 Greg Kroah-Hartman
2021-01-25 18:39 ` Greg Kroah-Hartman [this message]
2021-01-25 18:39 ` [PATCH 4.19 25/58] i2c: octeon: check correct size of maximum RECV_LEN packet Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 26/58] platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 11 from allow-list Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 27/58] selftests: net: fib_tests: remove duplicate log test Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 28/58] can: dev: can_restart: fix use after free bug Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 29/58] can: vxcan: vxcan_xmit: " Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 30/58] can: peak_usb: fix use after free bugs Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 31/58] iio: ad5504: Fix setting power-down state Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 32/58] irqchip/mips-cpu: Set IPI domain parent chip Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 33/58] intel_th: pci: Add Alder Lake-P support Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 34/58] stm class: Fix module init return on allocation failure Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 35/58] serial: mvebu-uart: fix tx lost characters at power off Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 36/58] ehci: fix EHCI host controller initialization sequence Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 37/58] USB: ehci: fix an interrupt calltrace error Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 38/58] usb: gadget: aspeed: fix stop dma register setting Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 39/58] usb: udc: core: Use lock when write to soft_connect Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 40/58] usb: bdc: Make bdc pci driver depend on BROKEN Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 41/58] xhci: make sure TRB is fully written before giving it to the controller Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 42/58] xhci: tegra: Delay for disabling LFPS detector Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 43/58] driver core: Extend device_is_dependent() Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 44/58] netfilter: rpfilter: mask ecn bits before fib lookup Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 45/58] sh: dma: fix kconfig dependency for G2_DMA Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 46/58] net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext Greg Kroah-Hartman
2021-01-25 19:40 ` Rasmus Villemoes
2021-01-25 19:59 ` Rasmus Villemoes
2021-01-26 8:50 ` Greg Kroah-Hartman
2021-01-26 9:52 ` Rasmus Villemoes
2021-01-25 18:39 ` [PATCH 4.19 47/58] sh_eth: Fix power down vs. is_opened flag ordering Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 48/58] skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 49/58] kasan: fix unaligned address is unhandled in kasan_remove_zero_shadow Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 50/58] kasan: fix incorrect arguments passing in kasan_add_zero_shadow Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 51/58] udp: mask TOS bits in udp_v4_early_demux() Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 52/58] ipv6: create multicast route with RTPROT_KERNEL Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 53/58] net_sched: avoid shift-out-of-bounds in tcindex_set_parms() Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 54/58] net_sched: reject silly cell_log in qdisc_get_rtab() Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 55/58] ipv6: set multicast flag on the multicast route Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 56/58] net: mscc: ocelot: allow offloading of bridge on top of LAG Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 57/58] net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled Greg Kroah-Hartman
2021-01-25 18:39 ` [PATCH 4.19 58/58] net: dsa: b53: fix an off by one in checking "vlan->vid" Greg Kroah-Hartman
2021-01-25 20:47 ` [PATCH 4.19 00/58] 4.19.171-rc1 review Pavel Machek
2021-01-26 8:11 ` Naresh Kamboju
2021-01-26 19:27 ` Guenter Roeck
2021-01-26 23:38 ` Shuah Khan
2021-01-27 10:07 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210125183157.736898314@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=arnd@arndb.de \
--cc=kernel@linuxace.com \
--cc=linux-kernel@vger.kernel.org \
--cc=martin.petersen@oracle.com \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.