All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() in sym_hipd.c
@ 2018-08-29 15:38 George Kennedy
  2018-08-29 16:56 ` Andy Shevchenko
  0 siblings, 1 reply; 3+ messages in thread
From: George Kennedy @ 2018-08-29 15:38 UTC (permalink / raw)
  To: matthew, jejb, martin.petersen, linux-scsi, linux-kernel, george.kennedy

sym_int_sir() in sym_hipd.c does not check the command pointer for NULL
before using it in debug message prints.

Suggested-by: Matthew Wilcox <matthew.wilcox@oracle.com>
Signed-off-by: George Kennedy <george.kennedy@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
---
 drivers/scsi/sym53c8xx_2/sym_hipd.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/drivers/scsi/sym53c8xx_2/sym_hipd.c b/drivers/scsi/sym53c8xx_2/sym_hipd.c
index bd3f6e2..0a2a545 100644
--- a/drivers/scsi/sym53c8xx_2/sym_hipd.c
+++ b/drivers/scsi/sym53c8xx_2/sym_hipd.c
@@ -4370,6 +4370,13 @@ static void sym_nego_rejected(struct sym_hcb *np, struct sym_tcb *tp, struct sym
 	OUTB(np, HS_PRT, HS_BUSY);
 }
 
+#define sym_printk(lvl, tp, cp, fmt, v...) do { \
+	if (cp)							\
+		scmd_printk(lvl, cp->cmd, fmt, ##v);		\
+	else							\
+		starget_printk(lvl, tp->starget, fmt, ##v);	\
+} while (0)
+
 /*
  *  chip exception handler for programmed interrupts.
  */
@@ -4415,7 +4422,7 @@ static void sym_int_sir(struct sym_hcb *np)
 	 *  been selected with ATN.  We do not want to handle that.
 	 */
 	case SIR_SEL_ATN_NO_MSG_OUT:
-		scmd_printk(KERN_WARNING, cp->cmd,
+		sym_printk(KERN_WARNING, tp, cp,
 				"No MSG OUT phase after selection with ATN\n");
 		goto out_stuck;
 	/*
@@ -4423,7 +4430,7 @@ static void sym_int_sir(struct sym_hcb *np)
 	 *  having reselected the initiator.
 	 */
 	case SIR_RESEL_NO_MSG_IN:
-		scmd_printk(KERN_WARNING, cp->cmd,
+		sym_printk(KERN_WARNING, tp, cp,
 				"No MSG IN phase after reselection\n");
 		goto out_stuck;
 	/*
@@ -4431,7 +4438,7 @@ static void sym_int_sir(struct sym_hcb *np)
 	 *  an IDENTIFY.
 	 */
 	case SIR_RESEL_NO_IDENTIFY:
-		scmd_printk(KERN_WARNING, cp->cmd,
+		sym_printk(KERN_WARNING, tp, cp,
 				"No IDENTIFY after reselection\n");
 		goto out_stuck;
 	/*
@@ -4460,7 +4467,7 @@ static void sym_int_sir(struct sym_hcb *np)
 	case SIR_RESEL_ABORTED:
 		np->lastmsg = np->msgout[0];
 		np->msgout[0] = M_NOOP;
-		scmd_printk(KERN_WARNING, cp->cmd,
+		sym_printk(KERN_WARNING, tp, cp,
 			"message %x sent on bad reselection\n", np->lastmsg);
 		goto out;
 	/*
-- 
1.8.3.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() in sym_hipd.c
  2018-08-29 15:38 [PATCH] sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() in sym_hipd.c George Kennedy
@ 2018-08-29 16:56 ` Andy Shevchenko
       [not found]   ` <CAFhKne_MtbSKXTT2e+CXZGs_uVieqsfX2ODc8hc5ptdAn8_ETg@mail.gmail.com>
  0 siblings, 1 reply; 3+ messages in thread
From: Andy Shevchenko @ 2018-08-29 16:56 UTC (permalink / raw)
  To: george.kennedy
  Cc: matthew, James E . J . Bottomley, Martin K. Petersen, linux-scsi,
	Linux Kernel Mailing List

On Wed, Aug 29, 2018 at 6:42 PM George Kennedy
<george.kennedy@oracle.com> wrote:
>
> sym_int_sir() in sym_hipd.c does not check the command pointer for NULL
> before using it in debug message prints.
>
> Suggested-by: Matthew Wilcox <matthew.wilcox@oracle.com>
> Signed-off-by: George Kennedy <george.kennedy@oracle.com>
> Reviewed-by: Mark Kanda <mark.kanda@oracle.com>

> +#define sym_printk(lvl, tp, cp, fmt, v...) do { \

Since all users are KERN_WARNING level, perhaps

sym_pr_warn(tp, ...) ... \
... \
..._printk(KERN_WARNING ...

?

> +       if (cp)                                                 \
> +               scmd_printk(lvl, cp->cmd, fmt, ##v);            \
> +       else                                                    \
> +               starget_printk(lvl, tp->starget, fmt, ##v);     \
> +} while (0)
> +
>  /*
>   *  chip exception handler for programmed interrupts.
>   */
> @@ -4415,7 +4422,7 @@ static void sym_int_sir(struct sym_hcb *np)
>          *  been selected with ATN.  We do not want to handle that.
>          */
>         case SIR_SEL_ATN_NO_MSG_OUT:
> -               scmd_printk(KERN_WARNING, cp->cmd,
> +               sym_printk(KERN_WARNING, tp, cp,
>                                 "No MSG OUT phase after selection with ATN\n");
>                 goto out_stuck;
>         /*
> @@ -4423,7 +4430,7 @@ static void sym_int_sir(struct sym_hcb *np)
>          *  having reselected the initiator.
>          */
>         case SIR_RESEL_NO_MSG_IN:
> -               scmd_printk(KERN_WARNING, cp->cmd,
> +               sym_printk(KERN_WARNING, tp, cp,
>                                 "No MSG IN phase after reselection\n");
>                 goto out_stuck;
>         /*
> @@ -4431,7 +4438,7 @@ static void sym_int_sir(struct sym_hcb *np)
>          *  an IDENTIFY.
>          */
>         case SIR_RESEL_NO_IDENTIFY:
> -               scmd_printk(KERN_WARNING, cp->cmd,
> +               sym_printk(KERN_WARNING, tp, cp,
>                                 "No IDENTIFY after reselection\n");
>                 goto out_stuck;
>         /*
> @@ -4460,7 +4467,7 @@ static void sym_int_sir(struct sym_hcb *np)
>         case SIR_RESEL_ABORTED:
>                 np->lastmsg = np->msgout[0];
>                 np->msgout[0] = M_NOOP;
> -               scmd_printk(KERN_WARNING, cp->cmd,
> +               sym_printk(KERN_WARNING, tp, cp,
>                         "message %x sent on bad reselection\n", np->lastmsg);
>                 goto out;
>         /*
> --
> 1.8.3.1
>


-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() in sym_hipd.c
       [not found]   ` <CAFhKne_MtbSKXTT2e+CXZGs_uVieqsfX2ODc8hc5ptdAn8_ETg@mail.gmail.com>
@ 2018-09-12  0:55     ` Martin K. Petersen
  0 siblings, 0 replies; 3+ messages in thread
From: Martin K. Petersen @ 2018-09-12  0:55 UTC (permalink / raw)
  To: Matthew Wilcox
  Cc: Andy Shevchenko, george.kennedy, Matthew Wilcox,
	James E . J . Bottomley, Martin K. Petersen, linux-scsi,
	Linux Kernel Mailing List


Matthew,

> I don't think that's worth doing. Let's keep the patch simple like
> this.

Applied to 4.20/scsi-queue, thanks!

-- 
Martin K. Petersen	Oracle Linux Engineering

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-09-12  0:55 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-08-29 15:38 [PATCH] sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() in sym_hipd.c George Kennedy
2018-08-29 16:56 ` Andy Shevchenko
     [not found]   ` <CAFhKne_MtbSKXTT2e+CXZGs_uVieqsfX2ODc8hc5ptdAn8_ETg@mail.gmail.com>
2018-09-12  0:55     ` Martin K. Petersen

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.