OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/drivers/scsi
History
John Garry 0c0d30eaf3 scsi: scsi_debug: Add check for sdebug_max_queue during module init 
[ Upstream commit c87bf24cfb ]

sdebug_max_queue should not exceed SDEBUG_CANQUEUE, otherwise crashes like
this can be triggered by passing an out-of-range value:

Hardware name: Huawei D06 /D06, BIOS Hisilicon D06 UEFI RC0 - V1.16.01 03/15/2019
 pstate: 20400009 (nzCv daif +PAN -UAO BTYPE=--)
 pc : schedule_resp+0x2a4/0xa70 [scsi_debug]
 lr : schedule_resp+0x52c/0xa70 [scsi_debug]
 sp : ffff800022ab36f0
 x29: ffff800022ab36f0 x28: ffff0023a935a610
 x27: ffff800008e0a648 x26: 0000000000000003
 x25: ffff0023e84f3200 x24: 00000000003d0900
 x23: 0000000000000000 x22: 0000000000000000
 x21: ffff0023be60a320 x20: ffff0023be60b538
 x19: ffff800008e13000 x18: 0000000000000000
 x17: 0000000000000000 x16: 0000000000000000
 x15: 0000000000000000 x14: 0000000000000000
 x13: 0000000000000000 x12: 0000000000000000
 x11: 0000000000000000 x10: 0000000000000000
 x9 : 0000000000000001 x8 : 0000000000000000
 x7 : 0000000000000000 x6 : 00000000000000c1
 x5 : 0000020000200000 x4 : dead0000000000ff
 x3 : 0000000000000200 x2 : 0000000000000200
 x1 : ffff800008e13d88 x0 : 0000000000000000
 Call trace:
schedule_resp+0x2a4/0xa70 [scsi_debug]
scsi_debug_queuecommand+0x2c4/0x9e0 [scsi_debug]
scsi_queue_rq+0x698/0x840
__blk_mq_try_issue_directly+0x108/0x228
blk_mq_request_issue_directly+0x58/0x98
blk_mq_try_issue_list_directly+0x5c/0xf0
blk_mq_sched_insert_requests+0x18c/0x200
blk_mq_flush_plug_list+0x11c/0x190
blk_flush_plug_list+0xdc/0x110
blk_finish_plug+0x38/0x210
blkdev_direct_IO+0x450/0x4d8
generic_file_read_iter+0x84/0x180
blkdev_read_iter+0x3c/0x50
aio_read+0xc0/0x170
io_submit_one+0x5c8/0xc98
__arm64_sys_io_submit+0x1b0/0x258
el0_svc_common.constprop.3+0x68/0x170
do_el0_svc+0x24/0x90
el0_sync_handler+0x13c/0x1a8
el0_sync+0x158/0x180
 Code: 528847e0 72a001e0 6b00003f 540018cd (3941c340)

In addition, it should not be less than 1.

So add checks for these, and fail the module init for those cases.

[mkp: changed if condition to match error message]

Link: https://lore.kernel.org/r/1594297400-24756-2-git-send-email-john.garry@huawei.com
Fixes: c483739430 ("scsi_debug: add multiple queue support")
Reviewed-by: Ming Lei <ming.lei@redhat.com>
Acked-by: Douglas Gilbert <dgilbert@interlog.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2020-08-19 08:16:11 +02:00
..
aacraid PCI: Move ASPM declarations to linux/pci.h 2019-08-28 08:28:39 -05:00
aic7xxx scsi: aic7xxx: Adjust indentation in ahc_find_syncrate 2020-02-24 08:36:38 +01:00
aic94xx
arcmsr
arm scsi: eesox: Fix different dev_id between request_irq() and free_irq() 2020-08-19 08:16:09 +02:00
be2iscsi
bfa scsi: bfa: release allocated memory in case of error 2020-01-14 20:08:37 +01:00
bnx2fc SCSI fixes on 20191004 2019-10-05 12:53:27 -07:00
bnx2i scsi: bnx2i: fix potential use after free 2020-01-23 08:22:58 +01:00
csiostor scsi: csiostor: Adjust indentation in csio_device_reset 2020-02-11 04:35:44 -08:00
cxgbi scsi: cxgb3i: Fix some leaks in init_act_open() 2020-06-24 17:50:16 +02:00
cxlflash
device_handler SCSI fixes on 20191025 2019-10-25 20:11:33 -04:00
dpt
esas2r scsi: esas2r: unlock on error in esas2r_nvram_read_direct() 2020-01-23 08:22:58 +01:00
fcoe SCSI misc on 20190919 2019-09-21 10:50:15 -07:00
fnic scsi: fnic: do not queue commands during fwreset 2020-02-05 21:22:49 +00:00
hisi_sas scsi: hisi_sas: Do not reset phy timer to wait for stray phy up 2020-06-24 17:50:15 +02:00
ibmvscsi scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM 2020-06-24 17:50:19 +02:00
ibmvscsi_tgt
isci
libfc scsi: libfc: If PRLI rejected, move rport to PLOGI state 2020-04-29 16:32:58 +02:00
libsas scsi: libsas: stop discovering if oob mode is disconnected 2020-01-09 10:19:46 +01:00
lpfc scsi: lpfc: Avoid another null dereference in lpfc_sli4_hba_unset() 2020-06-30 15:37:00 -04:00
megaraid scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro 2020-07-22 09:33:13 +02:00
mpt3sas scsi: mpt3sas: Fix error returns in BRM_status_show 2020-07-29 10:18:27 +02:00
mvsas
pcmcia
pm8001 scsi: pm80xx: Fix for SATA device discovery 2020-01-04 19:18:14 +01:00
qedf scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing 2020-06-24 17:50:21 +02:00
qedi scsi: qedi: Do not flush offload work if ARP not resolved 2020-06-24 17:50:20 +02:00
qla2xxx scsi: qla2xxx: Keep initiator ports after RSCN 2020-06-30 15:36:50 -04:00
qla4xxx scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free 2020-02-11 04:35:44 -08:00
smartpqi scsi: smartpqi: fix problem with unique ID for physical device 2020-04-29 16:33:06 +02:00
snic
sym53c8xx_2
ufs scsi: ufs-bsg: Fix runtime PM imbalance on error 2020-06-24 17:50:47 +02:00
.gitignore
3w-9xxx.c
3w-9xxx.h
3w-sas.c
3w-sas.h
3w-xxxx.c
3w-xxxx.h
53c700.c
53c700.h
53c700.scr
53c700_d.h_shipped
BusLogic.c
BusLogic.h
FlashPoint.c
Kconfig scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled 2020-07-22 09:32:57 +02:00
Makefile
NCR5380.c scsi: NCR5380: Add disconnect_mask module parameter 2020-01-04 19:18:16 +01:00
NCR5380.h
a100u2w.c
a100u2w.h
a2091.c
a2091.h
a3000.c
a3000.h
a4000t.c
advansys.c
aha152x.c
aha152x.h
aha1542.c
aha1542.h
aha1740.c
aha1740.h
am53c974.c
atari_scsi.c scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE 2020-01-04 19:18:10 +01:00
atp870u.c
atp870u.h
bvme6000_scsi.c
ch.c scsi: ch: Make it possible to open a ch device multiple times again 2019-10-09 23:39:35 -04:00
constants.c
dc395x.c
dc395x.h
dmx3191d.c
dpt_i2o.c
dpti.h
esp_scsi.c
esp_scsi.h
fdomain.c
fdomain.h
fdomain_isa.c
fdomain_pci.c
g_NCR5380.c
gdth.c
gdth.h
gdth_ioctl.h
gdth_proc.c
gdth_proc.h
gvp11.c
gvp11.h
hosts.c
hpsa.c SCSI fixes on 20191025 2019-10-25 20:11:33 -04:00
hpsa.h
hpsa_cmd.h
hptiop.c
hptiop.h
imm.c
imm.h
initio.c
initio.h
ipr.c scsi: ipr: Fix softlockup when rescanning devices in petitboot 2020-04-01 11:01:54 +02:00
ipr.h scsi: ipr: Fix softlockup when rescanning devices in petitboot 2020-04-01 11:01:54 +02:00
ips.c
ips.h
iscsi_boot_sysfs.c scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj 2020-06-24 17:50:37 +02:00
iscsi_tcp.c scsi: iscsi: Don't destroy session if there are outstanding connections 2020-02-24 08:36:50 +01:00
iscsi_tcp.h
jazz_esp.c
lasi700.c
libiscsi.c scsi: iscsi: Fix a potential deadlock in the timeout handler 2019-12-21 11:05:04 +01:00
libiscsi_tcp.c
mac53c94.c
mac53c94.h
mac_esp.c
mac_scsi.c scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE 2020-01-04 19:18:10 +01:00
megaraid.c scsi: megaraid: disable device when probe failed after enabled device 2019-09-23 23:09:42 -04:00
megaraid.h
mesh.c
mesh.h
mvme16x_scsi.c
mvme147.c
mvme147.h
mvumi.c
mvumi.h
myrb.c
myrb.h
myrs.c
myrs.h
ncr53c8xx.c
ncr53c8xx.h
nsp32.c
nsp32.h
nsp32_debug.c
nsp32_io.h
pmcraid.c
pmcraid.h
ppa.c
ppa.h
ps3rom.c
qla1280.c
qla1280.h
qlogicfas.c
qlogicfas408.c
qlogicfas408.h
qlogicpti.c
qlogicpti.h
raid_class.c
script_asm.pl
scsi.c
scsi.h
scsi_common.c
scsi_debug.c scsi: scsi_debug: Add check for sdebug_max_queue during module init 2020-08-19 08:16:11 +02:00
scsi_debugfs.c
scsi_debugfs.h
scsi_devinfo.c scsi: dh: Add Fujitsu device to devinfo and dh lists 2020-07-29 10:18:27 +02:00
scsi_dh.c scsi: dh: Add Fujitsu device to devinfo and dh lists 2020-07-29 10:18:27 +02:00
scsi_error.c scsi: core: save/restore command resid for error handling 2019-10-03 21:43:04 -04:00
scsi_ioctl.c
scsi_lib.c scsi: core: Run queue in case of I/O resource contention failure 2020-08-05 09:59:50 +02:00
scsi_lib_dma.c
scsi_logging.c
scsi_logging.h
scsi_netlink.c
scsi_pm.c scsi: pm: Balance pm_only counter of request queue during system resume 2020-06-07 13:18:50 +02:00
scsi_priv.h
scsi_proc.c
scsi_sas_internal.h
scsi_scan.c
scsi_sysctl.c
scsi_sysfs.c scsi: core: try to get module before removing device 2019-10-17 21:57:09 -04:00
scsi_trace.c scsi: core: scsi_trace: Use get_unaligned_be*() 2020-01-23 08:22:59 +01:00
scsi_transport_api.h
scsi_transport_fc.c
scsi_transport_iscsi.c scsi: iscsi: Report unbind session event when the target has been removed 2020-04-29 16:32:59 +02:00
scsi_transport_sas.c scsi: scsi_transport_sas: Fix memory leak when removing devices 2020-01-23 08:22:58 +01:00
scsi_transport_spi.c scsi: scsi_transport_spi: Fix function pointer check 2020-07-29 10:18:26 +02:00
scsi_transport_srp.c
scsicam.c
sd.c scsi: sd: Fix optimal I/O size for devices that change reported values 2020-04-01 11:02:01 +02:00
sd.h
sd_dif.c
sd_zbc.c scsi: sd_zbc: Fix sd_zbc_complete() 2019-11-05 23:17:53 -05:00
sense_codes.h
ses.c
sg.c scsi: sg: add sg_remove_request in sg_write 2020-05-20 08:20:07 +02:00
sgiwd93.c
sim710.c
sni_53c710.c scsi: sni_53c710: fix compilation error 2019-10-09 23:35:42 -04:00
sr.c scsi: sr: Fix sr_probe() missing deallocate of device minor 2020-06-24 17:50:19 +02:00
sr.h
sr_ioctl.c
sr_vendor.c scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled 2020-07-22 09:32:57 +02:00
st.c
st.h
st_options.h
stex.c
storvsc_drv.c scsi: storvsc: Correctly set number of hardware queues for IDE disk 2020-01-23 08:22:38 +01:00
sun3_scsi.c scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE 2020-01-04 19:18:10 +01:00
sun3_scsi_vme.c
sun3x_esp.c
sun_esp.c
virtio_scsi.c scsi: virtio_scsi: unplug LUNs when events missed 2019-09-10 22:10:17 -04:00
vmw_pvscsi.c
vmw_pvscsi.h
wd33c93.c
wd33c93.h
wd719x.c
wd719x.h
xen-scsifront.c
zalon.c
zorro7xx.c
zorro_esp.c scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane) 2020-01-04 19:17:37 +01:00