github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 07:03:37 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
c19c1881f2
linux/drivers/scsi
History
Kees Cook 81ff3e2f64 scsi: csiostor: Avoid content leaks and casts 
commit 42c335f7e6 upstream.

When copying attributes, the len argument was padded out and the
resulting memcpy() would copy beyond the end of the source buffer.
Avoid this, and use size_t for val_len to avoid all the casts.
Similarly, avoid source buffer casts and use void *.

Additionally enforces val_len can be represented by u16 and that the DMA
buffer was not overflowed. Fixes the size of mfa, which is not
FC_FDMI_PORT_ATTR_MAXFRAMESIZE_LEN (but it will be padded up to 4). This
was noticed by the future CONFIG_FORTIFY_SOURCE checks.

Cc: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Varun Prakash <varun@chelsio.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-12-13 09:21:30 +01:00
..
aacraid scsi: aacraid: Fix typo in blink status 2018-11-10 07:41:40 -08:00
aic7xxx aic7xxx: Fix queue depth handling 2016-04-12 09:08:39 -07:00
aic94xx scsi: aic94xx: fix an error code in aic94xx_init() 2018-09-15 09:40:39 +02:00
arcmsr scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware 2016-11-10 16:36:35 +01:00
arm scsi: fas216: fix sense buffer initialization 2018-05-30 07:48:54 +02:00
be2iscsi be2iscsi: set the boot_kset pointer to NULL in case of failure 2016-04-12 09:08:39 -07:00
bfa scsi: bfa: convert to strlcpy/strlcat 2018-12-13 09:21:29 +01:00
bnx2fc scsi: bnx2fc: Fix check in SCSI completion handler for timed out request 2018-05-30 07:48:57 +02:00
bnx2i scsi: bnx2i: add error handling for ioremap_nocache 2018-10-10 08:52:06 +02:00
csiostor scsi: csiostor: Avoid content leaks and casts 2018-12-13 09:21:30 +01:00
cxgbi scsi: cxgb4i: fix Tx skb leak 2017-12-25 14:22:14 +01:00
cxlflash scsi: cxlflash: Improve EEH recovery time 2017-05-08 07:46:02 +02:00
device_handler scsi: scsi_dh_emc: return success in clariion_std_inquiry() 2017-10-21 17:09:05 +02:00
dpt
esas2r scsi: use host wide tags by default 2015-11-09 17:11:57 -08:00
fcoe scsi: fcoe: drop frames in ELS LOGO error path 2018-09-05 09:18:36 +02:00
fnic scsi: fnic: Avoid sending reset to firmware when another reset is in progress 2017-08-06 19:19:47 -07:00
ibmvscsi scsi: ibmvscsi: Improve strings handling 2018-10-10 08:52:05 +02:00
isci scsi: isci: avoid array subscript warning 2017-09-02 07:06:50 +02:00
libfc libfc: Use the correct function name in kernel-doc comment. 2015-11-09 17:15:52 -08:00
libsas scsi: libsas: defer ata device eh commands to libata 2018-05-26 08:48:59 +02:00
lpfc scsi: lpfc: Correct soft lockup when running mds diagnostics 2018-11-21 09:27:33 +01:00
megaraid scsi: megaraid_sas: fix a missing-check bug 2018-11-21 09:27:32 +01:00
mpt3sas scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM 2018-05-30 07:49:03 +02:00
mvsas mvsas: fix misleading indentation 2017-03-18 19:09:58 +08:00
osd
pcmcia
pm8001 SCSI queue for 4.4. 2015-11-12 07:06:18 -05:00
qla2xxx scsi: qla2xxx: do not queue commands when unloading 2018-12-01 09:46:40 +01:00
qla4xxx scsi: qla4xxx: skip error recovery in case of register disconnect. 2018-05-30 07:48:58 +02:00
snic scsi: snic: Return error code on memory allocation failure 2017-08-06 19:19:47 -07:00
sym53c8xx_2 scsi: sym53c8xx_2: iterator underflow in sym_getsync() 2018-05-30 07:48:57 +02:00
ufs scsi: ufshcd: release resources if probe fails 2018-12-01 09:46:40 +01:00
.gitignore
3w-9xxx.c scsi: 3ware: fix return 0 on the error path of probe 2018-09-19 22:48:58 +02:00
3w-9xxx.h
3w-sas.c scsi: 3ware: fix return 0 on the error path of probe 2018-09-19 22:48:58 +02:00
3w-sas.h
3w-xxxx.c scsi: 3ware: fix return 0 on the error path of probe 2018-09-19 22:48:58 +02:00
3w-xxxx.h
53c700_d.h_shipped
53c700.c 53c700: fix BUG on untagged commands 2016-07-27 09:47:39 -07:00
53c700.h
53c700.scr
a100u2w.c
a100u2w.h
a2091.c
a2091.h
a3000.c
a3000.h
a4000t.c
advansys.c scsi: advansys: fix uninitialized data access 2018-02-25 11:03:43 +01:00
aha152x.c
aha152x.h
aha1542.c
aha1542.h
aha1740.c
aha1740.h
am53c974.c
atari_NCR5380.c
atari_scsi.c
atp870u.c
atp870u.h
BusLogic.c
BusLogic.h
bvme6000_scsi.c
ch.c
constants.c scsi: fix upper bounds check of sense key in scsi_sense_key_string() 2016-09-15 08:27:54 +02:00
dc395x.c
dc395x.h
dmx3191d.c
dpt_i2o.c dpt_i2o: fix build warning 2018-02-25 11:03:44 +01:00
dpti.h
dtc.c
dtc.h
eata_generic.h
eata_pio.c
eata_pio.h
eata.c
esp_scsi.c scsi: esp_scsi: Track residual for PIO transfers 2018-11-21 09:27:32 +01:00
esp_scsi.h scsi: esp_scsi: Track residual for PIO transfers 2018-11-21 09:27:32 +01:00
fdomain.c scsi: fdomain: drop fdomain_pci_tbl when built-in 2018-02-25 11:03:45 +01:00
fdomain.h
FlashPoint.c FlashPoint: fix build warning 2015-11-09 16:32:14 -08:00
g_NCR5380_mmio.c
g_NCR5380.c ncr5380: shut up gcc indentation warning 2018-02-25 11:03:51 +01:00
g_NCR5380.h
gdth_ioctl.h
gdth_proc.c
gdth_proc.h
gdth.c
gdth.h
gvp11.c
gvp11.h
hosts.c Merge branch 'mkp-fixes' into fixes 2015-12-03 09:32:33 -08:00
hpsa_cmd.h scsi: hpsa: update check for logical volume status 2017-12-20 10:04:54 +01:00
hpsa.c scsi: hpsa: fix volume offline state 2018-01-23 19:50:15 +01:00
hpsa.h scsi: hpsa: limit outstanding rescans 2017-12-20 10:04:55 +01:00
hptiop.c
hptiop.h
imm.c
imm.h
in2000.c
in2000.h
initio.c SCSI: initio: remove duplicate module device table 2018-02-25 11:03:45 +01:00
initio.h
ipr.c scsi: ipr: Fix missed EH wakeup 2018-03-22 09:23:21 +01:00
ipr.h ipr: Driver version 2.6.3. 2015-11-09 19:32:41 -05:00
ips.c
ips.h
iscsi_boot_sysfs.c
iscsi_tcp.c
iscsi_tcp.h
jazz_esp.c
Kconfig scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m 2017-05-14 13:32:57 +02:00
lasi700.c
libiscsi_tcp.c
libiscsi.c scsi: libiscsi: fix possible NULL pointer dereference in case of TMF 2018-09-05 09:18:34 +02:00
mac_esp.c scsi: esp_scsi: Track residual for PIO transfers 2018-11-21 09:27:32 +01:00
mac_scsi.c
mac53c94.c
mac53c94.h
Makefile mpt3sas: Single driver module which supports both SAS 2.0 & SAS 3.0 HBAs 2015-11-11 19:50:11 -05:00
megaraid.c scsi: megaraid: silence a static checker bug 2018-08-06 16:24:37 +02:00
megaraid.h
mesh.c
mesh.h
mvme16x_scsi.c
mvme147.c
mvme147.h
mvumi.c scsi: mvumi: use __maybe_unused to hide pm functions 2018-02-25 11:03:45 +01:00
mvumi.h
NCR_D700.c
NCR_D700.h
NCR_Q720.c
NCR_Q720.h
ncr53c8xx.c
ncr53c8xx.h
NCR53c406a.c
NCR5380.c
NCR5380.h
nsp32_debug.c
nsp32_io.h
nsp32.c
nsp32.h
osst_detect.h
osst_options.h
osst.c
osst.h
pas16.c
pas16.h
pmcraid.c SCSI queue for 4.4. 2015-11-12 07:06:18 -05:00
pmcraid.h
ppa.c
ppa.h
ps3rom.c
qla1280.c qla1280: Don't allocate 512kb of host tags 2016-05-18 17:06:52 -07:00
qla1280.h
qlogicfas.c
qlogicfas408.c
qlogicfas408.h
qlogicpti.c
qlogicpti.h
raid_class.c
script_asm.pl
scsi_common.c scsi_common: do not clobber fixed sense information 2016-04-12 09:09:05 -07:00
scsi_debug.c scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded 2016-11-10 16:36:35 +01:00
scsi_devinfo.c scsi: scsi_devinfo: cleanly zero-pad devinfo strings 2018-12-13 09:21:30 +01:00
scsi_dh.c scsi: scsi_dh: replace too broad "TP9" string with the exact models 2018-08-06 16:24:39 +02:00
scsi_error.c scsi: fix race between simultaneous decrements of ->host_failed 2016-07-27 09:47:39 -07:00
scsi_ioctl.c
scsi_lib_dma.c
scsi_lib.c scsi: use 'scsi_device_from_queue()' for scsi_dh 2017-03-12 06:37:26 +01:00
scsi_logging.c
scsi_logging.h
scsi_module.c
scsi_netlink.c
scsi_pm.c Revert "SCSI: Fix NULL pointer dereference in runtime PM" 2015-12-10 12:24:44 -05:00
scsi_priv.h
scsi_proc.c
scsi_sas_internal.h
scsi_scan.c scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state 2018-11-10 07:41:37 -08:00
scsi_sysctl.c
scsi_sysfs.c scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state 2018-11-10 07:41:37 -08:00
scsi_trace.c
scsi_transport_api.h
scsi_transport_fc.c
scsi_transport_iscsi.c scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly 2017-10-05 09:41:44 +02:00
scsi_transport_sas.c
scsi_transport_spi.c
scsi_transport_srp.c scsi: scsi_transport_srp: Fix shost to rport translation 2018-06-06 16:46:23 +02:00
scsi_typedefs.h
scsi.c scsi: use host wide tags by default 2015-11-09 17:11:57 -08:00
scsi.h
scsicam.c
sd_dif.c
sd.c scsi: sd: Keep disk read-only when re-reading partition 2018-05-30 07:49:04 +02:00
sd.h sd: Fix rw_max for devices that report an optimal xfer size 2016-10-28 03:01:33 -04:00
ses.c scsi: ses: don't get power status of SES device slot on probe 2018-03-22 09:23:24 +01:00
sg.c scsi: sg: fix minor memory leak in error path 2018-08-06 16:24:42 +02:00
sgiwd93.c
sim710.c scsi: sim710: fix build warning 2018-02-25 11:03:44 +01:00
sni_53c710.c
sr_ioctl.c
sr_vendor.c
sr.c scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled 2018-08-15 17:42:05 +02:00
sr.h
st_options.h
st.c Merge branch 'mkp-fixes' into fixes 2015-12-03 09:32:33 -08:00
st.h
stex.c stex: Remove use of struct timeval 2015-11-09 17:42:19 -08:00
storvsc_drv.c scsi: storvsc: Increase cmd_per_lun for higher speed devices 2018-05-30 07:48:58 +02:00
sun_esp.c
sun3_scsi_vme.c
sun3_scsi.c
sun3_scsi.h
sun3x_esp.c
sym53c416.c
sym53c416.h
t128.c
t128.h
u14-34f.c
ultrastor.c
ultrastor.h
virtio_scsi.c scsi: virtio_scsi: always read VPD pages for multiqueue too 2018-04-08 11:51:59 +02:00
vmw_pvscsi.c scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED 2018-09-05 09:18:36 +02:00
vmw_pvscsi.h
wd33c93.c
wd33c93.h
wd719x.c
wd719x.h
wd7000.c
xen-scsifront.c scsi: xen-scsifront: add error handling for xenbus_printf 2018-08-24 13:26:54 +02:00
zalon.c
zorro7xx.c