Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v6.7.9 2023-10-25T02:36:39Z 2023-10-25T02:36:39Z Hannes Reinecke hare@suse.de 2023-10-23T07:30:05Z urn:sha1:4b1c07913239b7a02592084d449c3938ce22b106 Detected by smatch. Fixes: 17865dc2eccc ("scsi: message: fusion: Open-code mptfc_block_error_handler() for bus reset") Reported-by: Dan Carpenter <dan.carpenter@linaro.org> Signed-off-by: Hannes Reinecke <hare@suse.de> Link: https://lore.kernel.org/r/20231023073005.20766-1-hare@suse.de Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-10-13T18:25:20Z Martin K. Petersen martin.petersen@oracle.com 2023-10-13T18:25:20Z urn:sha1:9f4c887fe64e27413509979b5be3fb2630d813ba Hannes Reinecke <hare@suse.de> says: Hi all, (taking up an old thread:) here's the first batch of patches for my EH rework. It modifies the reset callbacks for SCSI drivers such that the final conversion to drop the 'struct scsi_cmnd' argument and use the entity in question (host, bus, target, device) as the argument to the SCSI EH callbacks becomes possible. The first part covers drivers which just requires minor tweaks. Link: https://lore.kernel.org/r/20231002154328.43718-1-hare@suse.de Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-10-13T18:23:14Z Hannes Reinecke hare@suse.de 2023-10-02T15:43:13Z urn:sha1:17865dc2eccca0177433eb52c06befdc82b6a286 When calling bus_reset we have potentially several ports to be reset, so this patch open-codes the existing mptfc_block_error_handler() to wait for all ports attached to this bus. Signed-off-by: Hannes Reinecke <hare@suse.de> Link: https://lore.kernel.org/r/20231002154328.43718-4-hare@suse.de Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-10-13T18:23:14Z Hannes Reinecke hare@suse.de 2023-10-02T15:43:12Z urn:sha1:e6629081fb125d6a40b430450099735b35309a82 mptscsih_dev_reset() is _not_ a device reset, but rather a target reset. Nevertheless it's being used for either purpose. This patch adds a correct implementation for mptscsih_dev_reset(), and renames the original function to mptscsih_target_reset(). Signed-off-by: Hannes Reinecke <hare@suse.de> Link: https://lore.kernel.org/r/20231002154328.43718-3-hare@suse.de Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-10-13T18:23:14Z Hannes Reinecke hare@suse.de 2023-10-02T15:43:11Z urn:sha1:d9987d4b9671541273014adefec137c1fc832168 Instead of passing in a function to mptfc_block_error_handler() we can as well return a status and call the function afterwards. Signed-off-by: Hannes Reinecke <hare@suse.de> Link: https://lore.kernel.org/r/20231002154328.43718-2-hare@suse.de Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-10-10T01:31:19Z Justin Stitt justinstitt@google.com 2023-10-03T22:15:45Z urn:sha1:45e833f0e5bb1985721d4a52380db47c5dad2d49 strncpy() is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. The only caller of mptsas_exp_repmanufacture_info() is mptsas_probe_one_phy() which can allocate rphy in either sas_end_device_alloc() or sas_expander_alloc(). Both of which zero-allocate: | rdev = kzalloc(sizeof(*rdev), GFP_KERNEL); ... this is supplied to mptsas_exp_repmanufacture_info() as edev meaning that no future NUL-padding of edev members is needed. Considering the above, a suitable replacement is strscpy() [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Also use the more idiomatic strscpy() pattern of (dest, src, sizeof(dest)). Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Justin Stitt <justinstitt@google.com> Link: https://lore.kernel.org/r/20231003-strncpy-drivers-message-fusion-mptsas-c-v2-1-5ce07e60bd21@google.com Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-10-10T01:29:08Z Justin Stitt justinstitt@google.com 2023-09-27T04:06:09Z urn:sha1:4280a0a70170f60df83ddb46eaee7bbbe88622d9 strncpy() is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. Since all these structs are copied out to userspace let's keep them NUL-padded by using strscpy_pad() which guarantees NUL-termination of the destination buffer while also providing the NUL-padding behavior that strncpy() has. Let's also opt to use the more idiomatic strscpy() usage of: 'dest, src, sizeof(dest)' in cases where the compiler can determine the size of the destination buffer. Do this for all cases of strscpy...() in this file. To be abundantly sure we don't leak stack data out to user space let's also change a strscpy() to strscpy_pad(). This strscpy() was introduced in commit dbe37c71d124 ("scsi: message: fusion: Replace all non-returning strlcpy() with strscpy()") Note that since we are creating these structs with a copy_from_user() and modifying fields and then copying back out to the user it is probably OK not to explicitly NUL-pad everything as any data leak is probably just data from the user themselves. If this is too eager, let's opt for strscpy() which is still in the spirit of removing deprecated strncpy() usage treewide. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Justin Stitt <justinstitt@google.com> Link: https://lore.kernel.org/r/20230927-strncpy-drivers-message-fusion-mptctl-c-v1-1-bb2eddc1743c@google.com Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-05-31T23:59:26Z Niklas Schnelle schnelle@linux.ibm.com 2023-05-22T10:50:26Z urn:sha1:c3f903472ffacd2f776e119315a084d5b458b9ef In a future patch HAS_IOPORT=n will result in inb()/outb() and friends not being declared. We thus need to add HAS_IOPORT as dependency for those drivers using them. Co-developed-by: Arnd Bergmann <arnd@kernel.org> Signed-off-by: Arnd Bergmann <arnd@kernel.org> Signed-off-by: Niklas Schnelle <schnelle@linux.ibm.com> Link: https://lore.kernel.org/r/20230522105049.1467313-22-schnelle@linux.ibm.com Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-05-31T22:03:33Z Azeem Shaikh azeemshaikh38@gmail.com 2023-05-30T16:02:48Z urn:sha1:dbe37c71d1246ec2c5f851aeede12db44ffd5d2c strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). No return values were used, so direct replacement is safe. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Link: https://lore.kernel.org/r/20230530160248.411637-1-azeemshaikh38@gmail.com Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> 2023-04-28T21:02:54Z Linus Torvalds torvalds@linux-foundation.org 2023-04-28T21:02:54Z urn:sha1:2aff7c706c7483f4895ca250c92c1d71e45b6e82 Pull objtool updates from Ingo Molnar: - Mark arch_cpu_idle_dead() __noreturn, make all architectures & drivers that did this inconsistently follow this new, common convention, and fix all the fallout that objtool can now detect statically - Fix/improve the ORC unwinder becoming unreliable due to UNWIND_HINT_EMPTY ambiguity, split it into UNWIND_HINT_END_OF_STACK and UNWIND_HINT_UNDEFINED to resolve it - Fix noinstr violations in the KCSAN code and the lkdtm/stackleak code - Generate ORC data for __pfx code - Add more __noreturn annotations to various kernel startup/shutdown and panic functions - Misc improvements & fixes * tag 'objtool-core-2023-04-27' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (52 commits) x86/hyperv: Mark hv_ghcb_terminate() as noreturn scsi: message: fusion: Mark mpt_halt_firmware() __noreturn x86/cpu: Mark {hlt,resume}_play_dead() __noreturn btrfs: Mark btrfs_assertfail() __noreturn objtool: Include weak functions in global_noreturns check cpu: Mark nmi_panic_self_stop() __noreturn cpu: Mark panic_smp_self_stop() __noreturn arm64/cpu: Mark cpu_park_loop() and friends __noreturn x86/head: Mark *_start_kernel() __noreturn init: Mark start_kernel() __noreturn init: Mark [arch_call_]rest_init() __noreturn objtool: Generate ORC data for __pfx code x86/linkage: Fix padding for typed functions objtool: Separate prefix code from stack validation code objtool: Remove superfluous dead_end_function() check objtool: Add symbol iteration helpers objtool: Add WARN_INSN() scripts/objdump-func: Support multiple functions context_tracking: Fix KCSAN noinstr violation objtool: Add stackleak instrumentation to uaccess safe list ...