korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-15 00:04:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
955b376467
linux/drivers/scsi
History
Bui Quang Minh 1f84a2744a scsi: qedf: Ensure the copied buf is NUL terminated 
[ Upstream commit d0184a375e ]

Currently, we allocate a count-sized kernel buffer and copy count from
userspace to that buffer. Later, we use kstrtouint on this buffer but we
don't ensure that the string is terminated inside the buffer, this can
lead to OOB read when using kstrtouint. Fix this issue by using
memdup_user_nul instead of memdup_user.

Fixes: 61d8658b4a ("scsi: qedf: Add QLogic FastLinQ offload FCoE driver framework.")
Signed-off-by: Bui Quang Minh <minhquangbui99@gmail.com>
Link: https://lore.kernel.org/r/20240424-fix-oob-read-v2-4-f1f1b53a10f4@gmail.com
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-06-16 13:23:28 +02:00
..
aacraid scsi: aacraid: Fix error handling paths in aac_probe_one() 2020-10-01 13:14:42 +02:00
aic7xxx scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 2021-07-28 11:13:44 +02:00
aic94xx scsi: aic94xx: Add missing check for dma_map_single() 2023-03-11 16:31:41 +01:00
arcmsr scsi: arcmsr: clean up clang warning on extraneous parentheses 2019-11-24 08:20:59 +01:00
arm scsi: eesox: Fix different dev_id between request_irq() and free_irq() 2020-08-19 08:14:55 +02:00
be2iscsi scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() 2023-12-13 17:42:17 +01:00
bfa scsi: bfa: Ensure the copied buf is NUL terminated 2024-06-16 13:23:28 +02:00
bnx2fc scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload 2024-05-17 11:42:39 +02:00
bnx2i scsi: iscsi: Fix shost->max_id use 2021-07-20 16:16:08 +02:00
csiostor scsi: csiostor: Avoid function pointer casts 2024-03-26 18:22:41 -04:00
cxgbi scsi: iscsi: Fix shost->max_id use 2021-07-20 16:16:08 +02:00
cxlflash scsi: cxlflash: Fix error return code in cxlflash_probe() 2020-10-01 13:14:45 +02:00
device_handler scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() 2023-04-05 11:15:33 +02:00
dpt
esas2r scsi: esas2r: unlock on error in esas2r_nvram_read_direct() 2020-01-23 08:21:38 +01:00
fcoe scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" 2024-02-23 08:12:56 +01:00
fnic scsi: fnic: Fix error return code in fnic_probe() 2020-12-30 11:26:01 +01:00
hisi_sas scsi: hisi_sas: Replace with standard error code return value 2024-01-25 14:33:34 -08:00
ibmvscsi scsi: ibmvfc: Fix invalid state machine BUG_ON() 2021-05-22 10:59:34 +02:00
ibmvscsi_tgt scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 2022-04-20 09:12:49 +02:00
isci scsi: isci: Fix an error code problem in isci_io_request_build() 2024-02-23 08:12:51 +01:00
libfc scsi: libfc: Fix up timeout error in fc_fcp_rec_error() 2024-02-23 08:12:47 +01:00
libsas scsi: libsas: Fix the failure of adding phy with zero-address to port 2024-06-16 13:23:26 +02:00
lpfc scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic 2024-05-17 11:42:39 +02:00
megaraid scsi: megaraid_sas: Enable msix_load_balance for Invader and later controllers 2023-10-10 21:44:59 +02:00
mpt3sas scsi: mpt3sas: Prevent sending diag_reset when the controller is ready 2024-03-26 18:22:33 -04:00
mvsas scsi: mvsas: Add PCI ID of RocketRaid 2640 2022-04-20 09:12:50 +02:00
osd osd: Convert to new IDA API 2018-08-21 23:54:17 -04:00
pcmcia scsi: remove the fdomain and fdomain_cs drivers 2018-03-19 22:54:47 -04:00
pm8001 treewide: Remove uninitialized_var() usage 2023-08-11 11:45:01 +02:00
qedf scsi: qedf: Ensure the copied buf is NUL terminated 2024-06-16 13:23:28 +02:00
qedi scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock 2023-09-23 10:47:58 +02:00
qla2xxx scsi: qla2xxx: Fix command flush on cable pull 2024-04-13 12:50:11 +02:00
qla4xxx scsi: qla4xxx: Add length check when parsing nlattrs 2023-09-23 10:48:07 +02:00
smartpqi scsi: smartpqi: Fix DMA direction for RAID requests 2022-08-25 11:15:17 +02:00
snic scsi: snic: Fix double free in snic_tgt_create() 2023-08-30 16:31:56 +02:00
sym53c8xx_2 scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() 2019-11-20 18:46:29 +01:00
ufs scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL 2024-06-16 13:23:26 +02:00
.gitignore scsi: scsi_devinfo: Add scsi_devinfo_tbl.c 2017-10-25 05:40:22 -04:00
3w-9xxx.c scsi: 3w-9xxx: Avoid disabling device if failing to enable it 2022-10-26 13:19:40 +02:00
3w-9xxx.h scsi: 3w-9xxx: rework lock timeouts 2017-12-04 20:32:53 -05:00
3w-sas.c scsi: 3ware: fix return 0 on the error path of probe 2018-07-30 23:17:53 -04:00
3w-sas.h
3w-xxxx.c scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() 2023-08-11 11:45:09 +02:00
3w-xxxx.h
53c700_d.h_shipped
53c700.c scsi: 53c700: Check that command slot is not NULL 2023-08-16 18:13:01 +02:00
53c700.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
53c700.scr
a100u2w.c scsi: a100u2w: Replace mdelay() with msleep() 2018-07-30 23:17:53 -04:00
a100u2w.h
a2091.c
a2091.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
a3000.c
a3000.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
a4000t.c
advansys.c scsi: advansys: Fix kernel pointer leak 2021-11-26 11:36:20 +01:00
aha152x.c scsi: aha152x: Fix aha152x_setup() __setup handler return value 2022-04-15 14:15:02 +02:00
aha152x.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
aha1542.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
aha1542.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
aha1740.c scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
aha1740.h scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
am53c974.c scsi: am53c974: Use module_pci_driver 2018-05-01 23:29:41 -04:00
atari_scsi.c scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE 2020-01-04 19:12:56 +01:00
atp870u.c scsi: atp870u: Replace mdelay() with msleep() 2018-07-30 23:17:53 -04:00
atp870u.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
BusLogic.c scsi: BusLogic: Fix missing pr_cont() use 2021-09-22 11:48:09 +02:00
BusLogic.h scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic 2021-06-03 08:38:10 +02:00
bvme6000_scsi.c
ch.c scsi: ch: Make it possible to open a ch device multiple times again 2019-10-29 09:19:50 +01:00
constants.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dc395x.c treewide: Remove uninitialized_var() usage 2023-08-11 11:45:01 +02:00
dc395x.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dmx3191d.c
dpt_i2o.c scsi: dpt_i2o: Do not process completions with invalid addresses 2023-06-09 10:24:04 +02:00
dpti.h scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD) 2023-06-09 10:24:04 +02:00
esp_scsi.c scsi: esp_scsi: Track residual for PIO transfers 2018-11-13 11:08:32 -08:00
esp_scsi.h scsi: esp_scsi: Track residual for PIO transfers 2018-11-13 11:08:32 -08:00
FlashPoint.c scsi: FlashPoint: Rename si_flags field 2021-07-20 16:15:55 +02:00
g_NCR5380.c
gdth_ioctl.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gdth_proc.c scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
gdth_proc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gdth.c scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
gdth.h scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
gvp11.c
gvp11.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hosts.c scsi: core: Use 32-bit hostnum in scsi_host_lookup() 2023-09-23 10:48:08 +02:00
hpsa_cmd.h scsi: hpsa: correct ioaccel2 chaining 2019-07-10 09:53:37 +02:00
hpsa.c scsi: hpsa: Fix allocation size for Scsi_Host private data 2024-06-16 13:23:26 +02:00
hpsa.h scsi: hpsa: use local workqueues instead of system workqueues 2023-01-18 11:30:22 +01:00
hptiop.c
hptiop.h
imm.c scsi: don't add scsi command result bytes 2018-06-26 12:27:07 -04:00
imm.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
initio.c
initio.h
ipr.c scsi: ipr: Work around fortify-string warning 2023-03-11 16:31:59 +01:00
ipr.h scsi: ipr: Fix softlockup when rescanning devices in petitboot 2020-04-02 15:28:15 +02:00
ips.c scsi: ips: fix missing break in switch 2019-12-01 09:16:26 +01:00
ips.h scsi: ips: fix firmware timestamps for 32-bit 2018-04-20 19:40:17 -04:00
iscsi_boot_sysfs.c scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj 2020-06-25 15:33:01 +02:00
iscsi_tcp.c scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress 2023-02-22 12:47:12 +01:00
iscsi_tcp.h
jazz_esp.c scsi: jazz_esp: Add IRQ check 2021-05-22 10:59:33 +02:00
Kconfig scsi: jazz_esp: Only build if SCSI core is builtin 2024-03-01 13:06:11 +01:00
lasi700.c
libiscsi_tcp.c scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
libiscsi.c scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() 2022-01-11 13:58:50 +01:00
mac53c94.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
mac53c94.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mac_esp.c scsi: esp_scsi: Track residual for PIO transfers 2018-11-13 11:08:32 -08:00
mac_scsi.c scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE 2020-01-04 19:12:56 +01:00
Makefile SCSI misc on 20180815 2018-08-15 22:06:26 -07:00
megaraid.c scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS 2023-05-17 11:13:12 +02:00
megaraid.h scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
mesh.c scsi: mesh: Fix panic after host or bus reset 2020-08-19 08:14:59 +02:00
mesh.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mvme16x_scsi.c
mvme147.c scsi: mvme147: stop using scsi_module.c 2018-03-19 22:54:47 -04:00
mvme147.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mvumi.c scsi: mvumi: Fix error return in mvumi_io_attach() 2020-10-30 10:38:28 +01:00
mvumi.h
ncr53c8xx.c scsi: ncr53c8xx: remove ScsiResult macro 2018-07-10 22:42:47 -04:00
ncr53c8xx.h
NCR5380.c scsi: NCR5380: Add disconnect_mask module parameter 2020-01-04 19:13:04 +01:00
NCR5380.h scsi: NCR5380: Have NCR5380_select() return a bool 2019-11-20 18:47:49 +01:00
nsp32_debug.c scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
nsp32_io.h
nsp32.c scsi: nsp32: fix logic bug in error handling 2017-10-16 22:38:44 -04:00
nsp32.h
osst_detect.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
osst_options.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
osst.c treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
osst.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pmcraid.c scsi: pmcraid: Fix missing resource cleanup in error case 2022-06-25 11:49:14 +02:00
pmcraid.h scsi: pmcraid: Use sgl_alloc_order() and sgl_free_order() 2018-02-13 21:49:15 -05:00
ppa.c scsi: ppa: mark expected switch fall-throughs 2017-12-04 20:32:52 -05:00
ppa.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ps3rom.c
qla1280.c timer: Remove init_timer_on_stack() in favor of timer_setup_on_stack() 2017-10-05 15:01:17 +02:00
qla1280.h timer: Remove init_timer_on_stack() in favor of timer_setup_on_stack() 2017-10-05 15:01:17 +02:00
qlogicfas408.c
qlogicfas408.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
qlogicfas.c
qlogicpti.c scsi: read host_busy via scsi_host_busy() 2018-06-26 12:53:26 -04:00
qlogicpti.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
raid_class.c scsi: core: raid_class: Remove raid_component_add() 2023-08-30 16:31:56 +02:00
script_asm.pl
scsi_common.c scsi: core: doc. fixes to scsi_common.c 2017-12-11 21:39:39 -05:00
scsi_debug.c scsi: scsi_debug: Fix a warning in resp_write_scat() 2023-01-18 11:30:21 +01:00
scsi_debugfs.c scsi: devinfo: use const_ilog2 for array indices 2018-04-20 19:14:28 -04:00
scsi_debugfs.h
scsi_devinfo.c scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR 2023-04-05 11:15:37 +02:00
scsi_dh.c scsi: core: add new RDAC LENOVO/DE_Series device 2019-05-08 07:21:49 +02:00
scsi_error.c scsi: core: save/restore command resid for error handling 2019-10-29 09:19:49 +01:00
scsi_ioctl.c scsi: core: check for equality of result byte values 2018-06-26 12:27:06 -04:00
scsi_lib_dma.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
scsi_lib.c scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed 2023-06-09 10:24:00 +02:00
scsi_logging.c scsi: core: Reduce memory required for SCSI logging 2019-10-07 18:57:04 +02:00
scsi_logging.h SCSI misc on 20171114 2017-11-14 16:23:44 -08:00
scsi_netlink.c
scsi_pm.c scsi: core: Synchronize request queue PM status only on successful resume 2019-01-22 21:40:32 +01:00
scsi_priv.h scsi: dh: Remove scsi_dh_remove_device() 2017-12-07 21:13:45 -05:00
scsi_proc.c scsi: core: Fix legacy /proc parsing buffer overflow 2023-08-16 18:13:01 +02:00
scsi_sas_internal.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
scsi_scan.c scsi: core: Avoid printing an error if target_alloc() returns -ENXIO 2021-08-26 08:36:44 -04:00
scsi_sysctl.c
scsi_sysfs.c scsi: core: Put LLD module refcnt after SCSI device is released 2021-11-06 13:58:45 +01:00
scsi_trace.c scsi: core: scsi_trace: Use get_unaligned_be*() 2020-01-23 08:21:38 +01:00
scsi_transport_api.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
scsi_transport_fc.c SCSI misc on 20180815 2018-08-15 22:06:26 -07:00
scsi_transport_iscsi.c scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() 2023-09-23 10:48:07 +02:00
scsi_transport_sas.c SCSI misc on 20180610 2018-06-10 13:01:12 -07:00
scsi_transport_spi.c scsi: scsi_transport_spi: Set RQF_PM for domain validation commands 2021-01-12 20:10:16 +01:00
scsi_transport_srp.c scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state 2021-04-28 13:16:49 +02:00
scsi.c scsi: core: Improve scsi_vpd_inquiry() checks 2023-04-26 11:21:51 +02:00
scsi.h scsi: core: remove Scsi_Cmnd typedef 2018-06-19 22:02:25 -04:00
scsicam.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sd_dif.c block: move dif_prepare/dif_complete functions to block layer 2018-07-30 08:27:02 -06:00
sd_zbc.c SCSI misc on 20180815 2018-08-15 22:06:26 -07:00
sd.c scsi: sd: Free scsi_disk device via put_device() 2021-10-09 14:11:03 +02:00
sd.h block: move dif_prepare/dif_complete functions to block layer 2018-07-30 08:27:02 -06:00
sense_codes.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ses.c scsi: ses: Handle enclosure with just a primary component gracefully 2023-04-20 12:04:40 +02:00
sg.c scsi: sg: Allow waiting for commands to complete on removed device 2022-08-25 11:15:32 +02:00
sgiwd93.c
sim710.c
sni_53c710.c scsi: sni_53c710: Add IRQ check 2021-05-22 10:59:34 +02:00
sr_ioctl.c block: Switch struct packet_command to use struct scsi_sense_hdr 2018-08-02 15:22:13 -06:00
sr_vendor.c scsi: sr: Don't use GFP_DMA 2022-01-27 09:04:30 +01:00
sr.c scsi: sr: Don't use GFP_DMA 2022-01-27 09:04:30 +01:00
sr.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
st_options.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
st.c scsi: st: Fix a use after free in st_open() 2021-04-07 12:48:48 +02:00
st.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
stex.c scsi: stex: Fix gcc 13 warnings 2023-06-09 10:24:02 +02:00
storvsc_drv.c scsi: storvsc: Fix handling of virtual Fibre Channel timeouts 2023-08-16 18:13:01 +02:00
sun3_scsi_vme.c
sun3_scsi.c scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE 2020-01-04 19:12:56 +01:00
sun3x_esp.c scsi: sun3x_esp: Add IRQ check 2021-05-22 10:59:34 +02:00
sun_esp.c
virtio_scsi.c scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids 2023-11-28 16:46:36 +00:00
vmw_pvscsi.c scsi: vmw_pvscsi: Set residual data length conditionally 2022-01-05 12:34:59 +01:00
vmw_pvscsi.h scsi: vmw_pvscsi: Expand vcpuHint to 16 bits 2022-06-25 11:49:14 +02:00
wd33c93.c
wd33c93.h
wd719x.c scsi: wd719x: Use module_pci_driver 2018-05-01 23:30:12 -04:00
wd719x.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xen-scsifront.c xen/scsifront: don't use gnttab_query_foreign_access() for mapped status 2022-03-11 10:15:13 +01:00
zalon.c
zorro7xx.c scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() 2022-04-15 14:15:04 +02:00
zorro_esp.c scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane) 2019-12-17 20:36:03 +01:00