2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-16 17:43:56 +08:00
linux-next/drivers/scsi
Kees Cook 4ab293c280 scsi: ips: Avoid over-read of sense buffer
In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memcpy() avoid intentionally reading across
neighboring array fields.

scb->scsi_cmd->sense_buffer is 96 bytes:
	#define SCSI_SENSE_BUFFERSIZE        96

tapeDCDB->sense_info is 56 bytes:
	typedef struct {
	   ...
	   uint8_t   sense_info[56];
	} IPS_DCDB_TABLE_TAPE, ...

scb->dcdb.sense_info is 64 bytes:
	typedef struct {
	   ...
	   uint8_t   sense_info[64];
	   ...
	} IPS_DCDB_TABLE, ...

Copying 96 bytes from either was copying beyond the end of the respective
buffers, leading to potential memory content exposures. Correctly copy the
actual buffer contents and zero pad the remaining bytes.

Link: https://lore.kernel.org/r/20210616212408.1726812-1-keescook@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2021-06-18 23:25:27 -04:00
..
aacraid scsi: aacraid: Replace one-element array with flexible-array member 2021-05-10 22:28:31 -04:00
aic7xxx scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
aic94xx scsi: libsas: Introduce more SAM status code aliases in enum exec_status 2021-06-02 16:10:46 -04:00
arcmsr scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
arm scsi: fas216: Use get_status_byte() to avoid using Linux-specific status codes 2021-05-31 22:48:24 -04:00
be2iscsi scsi: iscsi: Fix shost->max_id use 2021-06-02 01:28:21 -04:00
bfa scsi: bfa: Fix inconsistent indenting 2021-05-21 17:01:18 -04:00
bnx2fc scsi: bnx2fc: Fix a typo 2021-03-24 22:58:33 -04:00
bnx2i scsi: iscsi: Fix shost->max_id use 2021-06-02 01:28:21 -04:00
csiostor scsi: csiostor: Fix a typo 2021-03-24 22:54:24 -04:00
cxgbi scsi: iscsi: Fix shost->max_id use 2021-06-02 01:28:21 -04:00
cxlflash scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
device_handler scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() 2021-06-07 21:48:16 -04:00
dpt scsi: docs: convert dpti.txt to ReST 2020-03-11 23:07:59 -04:00
elx scsi: elx: libefc: Fix IRQ restore in efc_domain_dispatch_frame() 2021-06-18 23:01:04 -04:00
esas2r Merge branch '5.14/scsi-result' into 5.14/scsi-staging 2021-06-02 01:37:04 -04:00
fcoe scsi: fcoe: Statically initialize flogi_maddr 2021-06-07 21:30:09 -04:00
fnic scsi: fnic: Use scsi_host_busy_iter() to traverse commands 2021-05-02 22:47:42 -04:00
hisi_sas scsi: hisi_sas: Speed up error handling when internal abort timeout occurs 2021-06-09 23:21:52 -04:00
ibmvscsi scsi: core: Introduce scsi_status_is_check_condition() 2021-05-31 22:48:21 -04:00
ibmvscsi_tgt SCSI misc on 20210428 2021-04-28 17:22:10 -07:00
isci scsi: libsas: Introduce more SAM status code aliases in enum exec_status 2021-06-02 16:10:46 -04:00
libfc scsi: libfc: FDMI enhancements 2021-06-10 00:03:56 -04:00
libsas scsi: libsas: Introduce more SAM status code aliases in enum exec_status 2021-06-02 16:10:46 -04:00
lpfc scsi: lpfc: Fix build error in lpfc_scsi.c 2021-06-18 23:01:03 -04:00
megaraid Merge branch '5.14/scsi-result' into 5.14/scsi-staging 2021-06-02 01:37:04 -04:00
mpi3mr scsi: mpi3mr: Make some symbols static 2021-06-18 22:05:07 -04:00
mpt3sas scsi: mpt3sas: Fix error return value in _scsih_expander_add() 2021-06-18 23:01:03 -04:00
mvsas scsi: libsas: Introduce more SAM status code aliases in enum exec_status 2021-06-02 16:10:46 -04:00
pcmcia scsi: pcmcia: nsp_cs: Use SAM_STAT_CHECK_CONDITION 2021-05-31 22:48:24 -04:00
pm8001 scsi: pm8001: Remove unnecessary OOM message 2021-06-15 22:41:12 -04:00
qedf scsi: qedf: Add vendor identifier attribute 2021-06-10 00:03:32 -04:00
qedi scsi: qedi: Fix host removal with running sessions 2021-06-09 23:06:57 -04:00
qla2xxx scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() 2021-06-15 22:38:53 -04:00
qla4xxx scsi: qla4xxx: Remove redundant continue statement 2021-06-18 23:01:03 -04:00
smartpqi scsi: core: Introduce scsi_build_sense() 2021-05-31 22:48:21 -04:00
snic scsi: snic: Fix an error message 2021-05-14 22:31:25 -04:00
sym53c8xx_2 scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
ufs scsi: ufs: ufs-mediatek: Add missing of_node_put() in ufs_mtk_probe() 2021-06-18 23:01:04 -04:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
3w-9xxx.c scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
3w-9xxx.h scsi: 3w-9xxx: Fix endianness issues in command packets 2021-05-15 18:01:34 -04:00
3w-sas.c scsi: 3w-sas: Remove unneeded variable 'retval' 2021-03-18 22:18:09 -04:00
3w-sas.h scsi: 3w-sas: Whitespace cleanup 2021-01-22 21:14:08 -05:00
3w-xxxx.c scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
3w-xxxx.h scsi: 3w-xxxx: Whitespace cleanup 2021-01-22 21:14:07 -05:00
53c700_d.h_shipped
53c700.c scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
53c700.h treewide: remove editor modelines and cruft 2021-05-07 00:26:34 -07:00
53c700.scr
a100u2w.c scsi: a100u2w: Remove unused variable biosaddr 2021-03-29 23:33:06 -04:00
a100u2w.h
a2091.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
a2091.h
a3000.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
a3000.h
a4000t.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
advansys.c scsi: advansys: Do not set message byte in SCSI status 2021-05-31 22:48:24 -04:00
aha152x.c scsi: aha152x: Do not set message byte when calling scsi_done() 2021-05-31 22:48:23 -04:00
aha152x.h
aha1542.c aha1542: use a local bounce buffer 2021-04-06 09:28:17 -06:00
aha1542.h scsi: aha1542: Clarify 'struct ccb' comments 2021-01-13 00:14:07 -05:00
aha1740.c scsi: aha1740: Fix fall-through warnings for Clang 2020-12-02 12:59:46 -05:00
aha1740.h
am53c974.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
atari_scsi.c scsi: atari_scsi: Fix race condition between .queuecommand and EH 2020-11-23 22:12:09 -05:00
atp870u.c scsi: atp870u: Fix naming and demote incorrect and non-conformant kernel-doc header 2021-03-15 22:29:00 -04:00
atp870u.h scsi: atp870u: Whitespace cleanup 2021-01-22 21:14:08 -05:00
BusLogic.c SCSI misc on 20210428 2021-04-28 17:22:10 -07:00
BusLogic.h BusLogic: reject broken old firmware that requires ISA-style bounce buffering 2021-04-06 09:28:17 -06:00
bvme6000_scsi.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
ch.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
constants.c scsi: core: Introduce enums for the SAM and host status codes 2021-06-02 23:09:39 -04:00
dc395x.c scsi: dc395: Translate message bytes 2021-05-31 22:48:22 -04:00
dc395x.h scsi: dc395x: Drop internal SCSI message definitions 2021-01-22 21:14:10 -05:00
dmx3191d.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
dpt_i2o.c scsi: dpt_i2o: Use DID_ERROR instead of INITIATOR_ERROR message 2021-01-22 21:14:11 -05:00
dpti.h scsi: docs: convert dpti.txt to ReST 2020-03-11 23:07:59 -04:00
esp_scsi.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
esp_scsi.h scsi: esp_scsi: Add support for FSC chip 2019-12-19 22:08:51 -05:00
fdomain_isa.c isa: Make the remove callback for isa drivers return void 2021-01-26 07:42:27 +01:00
fdomain_pci.c scsi: fdomain: Resurrect driver - PCI support 2019-06-18 19:46:18 -04:00
fdomain.c scsi: fdomain: Translate message to host byte status 2021-05-31 22:48:24 -04:00
fdomain.h scsi: fdomain: Mark 'fdomain_pm_ops' as __maybe_unused 2020-07-08 01:12:44 -04:00
FlashPoint.c Merge branch '5.14/scsi-result' into 5.14/scsi-staging 2021-06-02 01:37:04 -04:00
g_NCR5380.c isa: Make the remove callback for isa drivers return void 2021-01-26 07:42:27 +01:00
gvp11.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
gvp11.h
hosts.c scsi: core: Change the type of the second argument of scsi_host_complete_all_commands() 2021-06-02 23:09:39 -04:00
hpsa_cmd.h scsi: hpsa: Add an assert to prevent __packed reintroduction 2021-04-01 22:52:40 -04:00
hpsa.c module: remove never implemented MODULE_SUPPORTED_DEVICE 2021-03-17 13:16:18 -07:00
hpsa.h scsi: hpsa: Update copyright 2020-09-02 22:49:06 -04:00
hptiop.c scsi: core: Do not use DRIVER_INVALID 2021-05-31 22:48:21 -04:00
hptiop.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 285 2019-06-05 17:36:37 +02:00
imm.c scsi: imm: Switch to use module_parport_driver() 2021-06-18 23:01:03 -04:00
imm.h
initio.c scsi: initio: Fix a few kernel-doc misdemeanours 2021-03-18 23:35:55 -04:00
initio.h scsi: initio: Drop internal SCSI message definition 2021-01-22 21:14:10 -05:00
ipr.c scsi: ipr: Fix incorrect function names in their headers 2021-03-18 23:35:54 -04:00
ipr.h scsi: ipr: Fix struct packed-not-aligned issues 2020-07-15 17:26:58 -04:00
ips.c scsi: ips: Avoid over-read of sense buffer 2021-06-18 23:25:27 -04:00
ips.h treewide: remove editor modelines and cruft 2021-05-07 00:26:34 -07:00
iscsi_boot_sysfs.c scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj 2020-06-02 21:23:47 -04:00
iscsi_tcp.c scsi: iscsi: iscsi_tcp: Start socket shutdown during conn stop 2021-06-02 01:28:20 -04:00
iscsi_tcp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157 2019-05-30 11:26:37 -07:00
jazz_esp.c scsi: jazz_esp: Add IRQ check 2021-04-13 00:20:48 -04:00
Kconfig scsi: elx: efct: Tie into kernel Kconfig and build process 2021-06-15 23:39:33 -04:00
lasi700.c treewide: remove editor modelines and cruft 2021-05-07 00:26:34 -07:00
libiscsi_tcp.c scsi: libiscsi: Drop taskqueuelock 2021-02-08 22:39:03 -05:00
libiscsi.c Merge branch '5.14/scsi-result' into 5.14/scsi-staging 2021-06-02 01:37:04 -04:00
mac53c94.c scsi: mac53c94: Fix warning comparing pointer to 0 2021-03-24 22:16:12 -04:00
mac53c94.h
mac_esp.c scsi: mac_esp: Use module_platform_driver to simplify the code 2020-10-02 21:52:53 -04:00
mac_scsi.c scsi: NCR5380: Remove context check 2020-12-07 20:24:09 -05:00
Makefile scsi: elx: efct: Tie into kernel Kconfig and build process 2021-06-15 23:39:33 -04:00
megaraid.c scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
megaraid.h
mesh.c scsi: mesh: Translate message to host byte status 2021-05-31 22:48:23 -04:00
mesh.h
mvme16x_scsi.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
mvme147.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
mvme147.h
mvumi.c scsi: core: Do not use DRIVER_INVALID 2021-05-31 22:48:21 -04:00
mvumi.h scsi: Replace zero-length array with flexible-array member 2020-03-11 23:07:56 -04:00
myrb.c scsi: core: Introduce scsi_build_sense() 2021-05-31 22:48:21 -04:00
myrb.h scsi: mylex: Use the correct style for SPDX License Identifier 2020-01-02 21:57:44 -05:00
myrs.c scsi: core: Introduce scsi_build_sense() 2021-05-31 22:48:21 -04:00
myrs.h scsi: mylex: Use the correct style for SPDX License Identifier 2020-01-02 21:57:44 -05:00
ncr53c8xx.c scsi: ncr53c8xx: Fix typos 2021-01-26 22:11:17 -05:00
ncr53c8xx.h scsi: ncr53c8xx: Use SAM status values 2021-01-22 21:14:12 -05:00
NCR5380.c scsi: NCR5380: Fix fall-through warning for Clang 2021-06-07 22:22:53 -04:00
NCR5380.h scsi: NCR5380: Remove context check 2020-12-07 20:24:09 -05:00
nsp32_debug.c
nsp32_io.h
nsp32.c scsi: nsp32: Do not set message byte 2021-05-31 22:48:23 -04:00
nsp32.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 118 2019-05-24 17:39:02 +02:00
pmcraid.c scsi: pmcraid: Correct function name pmcraid_show_adapter_id() in header 2021-03-18 23:35:55 -04:00
pmcraid.h scsi: pmcraid: Fix typos 2021-05-21 16:59:33 -04:00
ppa.c scsi: ppa: Switch to use module_parport_driver() 2021-06-18 23:01:03 -04:00
ppa.h
ps3rom.c scsi: core: Introduce scsi_build_sense() 2021-05-31 22:48:21 -04:00
qla1280.c treewide: remove editor modelines and cruft 2021-05-07 00:26:34 -07:00
qla1280.h scsi: qla1280: Fix dma firmware download, if dma address is 64bit 2020-01-15 23:09:11 -05:00
qlogicfas408.c scsi: qlogicfas408: Whitespace cleanup 2021-05-31 22:48:23 -04:00
qlogicfas408.h
qlogicfas.c scsi: remove the use_clustering flag 2018-12-18 23:19:21 -05:00
qlogicpti.c SCSI misc on 20201013 2020-10-14 15:15:35 -07:00
qlogicpti.h scsi: qlogicpti: Use of_node_name_eq for node name comparisons 2019-02-13 22:07:03 -05:00
raid_class.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 437 2019-06-05 17:37:17 +02:00
script_asm.pl treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
scsi_common.c
scsi_debug.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
scsi_debugfs.c scsi: remove the unchecked_isa_dma flag 2021-04-06 09:28:17 -06:00
scsi_debugfs.h scsi: core: add SPDX tags to scsi midlayer files missing licensing information 2019-05-21 06:16:21 -04:00
scsi_devinfo.c scsi: doc: Fix some kernel-doc markups 2020-10-26 21:54:16 -04:00
scsi_dh.c scsi: scsi_dh: Fix a typo 2021-03-24 23:03:43 -04:00
scsi_error.c scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
scsi_ioctl.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
scsi_lib_dma.c
scsi_lib.c scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
scsi_logging.c scsi: core: Drop the now obsolete driver_byte definitions 2021-05-31 22:48:22 -04:00
scsi_logging.h scsi: core: Fix a compiler warning triggered by the SCSI logging code 2019-12-19 22:08:54 -05:00
scsi_netlink.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
scsi_pm.c scsi: block: pm: Simplify resume handling 2020-07-24 22:09:55 -04:00
scsi_priv.h scsi: core: Introduce enum scsi_disposition 2021-04-15 22:44:40 -04:00
scsi_proc.c proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
scsi_sas_internal.h
scsi_scan.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
scsi_sysctl.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 209 2019-05-30 11:29:53 -07:00
scsi_sysfs.c SCSI misc on 20210428 2021-04-28 17:22:10 -07:00
scsi_trace.c scsi: scsi_trace: Use get_unaligned_be24() 2020-03-16 22:08:36 -04:00
scsi_transport_api.h
scsi_transport_fc.c scsi: scsi_transport_fc: Remove double FC_FPORT_DELETED in mask creation 2021-05-21 16:58:02 -04:00
scsi_transport_iscsi.c scsi: iscsi: Flush block work before unblock 2021-06-02 01:28:21 -04:00
scsi_transport_sas.c scsi: core: Fixup calling convention for scsi_mode_sense() 2021-05-31 22:48:20 -04:00
scsi_transport_spi.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
scsi_transport_srp.c scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state 2021-04-05 23:14:53 -04:00
scsi.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
scsi.h
scsicam.c include: remove pagemap.h from blkdev.h 2021-05-06 19:24:11 -07:00
sd_dif.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 410 2019-06-05 17:37:14 +02:00
sd_zbc.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
sd.c scsi: core: Drop the now obsolete driver_byte definitions 2021-05-31 22:48:22 -04:00
sd.h SCSI misc on 20201013 2020-10-14 15:15:35 -07:00
sense_codes.h scsi: core: Update additional sense codes list 2020-09-15 20:28:06 -04:00
ses.c SCSI misc on 20190709 2019-07-11 15:14:01 -07:00
sg.c scsi: core: Drop message byte helper 2021-05-31 22:48:24 -04:00
sgiwd93.c sgiwd93: convert to dma_alloc_noncoherent 2020-09-25 06:20:44 +02:00
sim710.c scsi: sim710: Remove unused variable 'err' from sim710_init() 2021-03-18 22:52:29 -04:00
sni_53c710.c treewide: remove editor modelines and cruft 2021-05-07 00:26:34 -07:00
sr_ioctl.c scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
sr_vendor.c scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled 2020-02-24 14:59:01 -05:00
sr.c scsi: core: Drop obsolete Linux-specific SCSI status codes 2021-05-31 23:59:18 -04:00
sr.h scsi: sr: get rid of sr global mutex 2020-02-24 15:01:57 -05:00
st_options.h
st.c scsi: core: Drop the now obsolete driver_byte definitions 2021-05-31 22:48:22 -04:00
st.h scsi: remove the unchecked_isa_dma flag 2021-04-06 09:28:17 -06:00
stex.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
storvsc_drv.c scsi: storvsc: Correctly handle multiple flags in srb_status 2021-06-15 22:21:44 -04:00
sun3_scsi_vme.c
sun3_scsi.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
sun3x_esp.c scsi: sun3x_esp: Add IRQ check 2021-04-13 00:20:48 -04:00
sun_esp.c scsi: sun_esp: Use module_platform_driver to simplify the code 2020-10-02 21:52:55 -04:00
virtio_scsi.c scsi: core: Kill DRIVER_SENSE 2021-05-31 22:48:21 -04:00
vmw_pvscsi.c scsi: core: Do not use DRIVER_INVALID 2021-05-31 22:48:21 -04:00
vmw_pvscsi.h scsi: vmw_pvscsi: MAINTAINERS: Update maintainer 2021-03-04 17:21:25 -05:00
wd33c93.c scsi: wd33c93: Translate message byte to host byte 2021-05-31 22:48:23 -04:00
wd33c93.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 118 2019-05-24 17:39:02 +02:00
wd719x.c SCSI misc on 20190709 2019-07-11 15:14:01 -07:00
wd719x.h scsi: wd719x: use per-command private data 2018-11-15 14:27:08 -05:00
xen-scsifront.c scsi: xen-scsifront: Compability status handling 2021-05-31 22:48:22 -04:00
zalon.c remove ioremap_nocache and devm_ioremap_nocache 2020-01-06 09:45:59 +01:00
zorro7xx.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
zorro_esp.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00