Revision tags: v6.6.25, v6.6.24, v6.6.23, v6.6.16, v6.6.15, v6.6.14, v6.6.13, v6.6.12, v6.6.11, v6.6.10, v6.6.9, v6.6.8, v6.6.7, v6.6.6, v6.6.5, v6.6.4, v6.6.3, v6.6.2, v6.5.11, v6.6.1, v6.5.10, v6.6, v6.5.9, v6.5.8, v6.5.7, v6.5.6, v6.5.5, v6.5.4, v6.5.3, v6.5.2, v6.1.51, v6.5.1 |
|
#
7df0b260 |
| 01-Sep-2023 |
Javed Hasan <jhasan@marvell.com> |
scsi: qedf: Add synchronization between I/O completions and abort
Avoid race condition between I/O completion and abort processing by protecting the cmd_type with the rport lock.
Signed-off-by: Jav
scsi: qedf: Add synchronization between I/O completions and abort
Avoid race condition between I/O completion and abort processing by protecting the cmd_type with the rport lock.
Signed-off-by: Javed Hasan <jhasan@marvell.com> Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Link: https://lore.kernel.org/r/20230901060646.27885-1-skashyap@marvell.com Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v6.1.50, v6.5, v6.1.49, v6.1.48, v6.1.46, v6.1.45, v6.1.44 |
|
#
ef222f55 |
| 07-Aug-2023 |
Nilesh Javali <njavali@marvell.com> |
scsi: qedf: Fix firmware halt over suspend and resume
While performing certain power-off sequences, PCI drivers are called to suspend and resume their underlying devices through PCI PM (power manage
scsi: qedf: Fix firmware halt over suspend and resume
While performing certain power-off sequences, PCI drivers are called to suspend and resume their underlying devices through PCI PM (power management) interface. However the hardware does not support PCI PM suspend/resume operations so system wide suspend/resume leads to bad MFW (management firmware) state which causes various follow-up errors in driver when communicating with the device/firmware.
To fix this driver implements PCI PM suspend handler to indicate unsupported operation to the PCI subsystem explicitly, thus avoiding system to go into suspended/standby mode.
Fixes: 61d8658b4a43 ("scsi: qedf: Add QLogic FastLinQ offload FCoE driver framework.") Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Nilesh Javali <njavali@marvell.com> Link: https://lore.kernel.org/r/20230807093725.46829-1-njavali@marvell.com Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v6.1.43, v6.1.42, v6.1.41, v6.1.40, v6.1.39, v6.1.38, v6.1.37, v6.1.36, v6.4, v6.1.35, v6.1.34, v6.1.33, v6.1.32, v6.1.31, v6.1.30, v6.1.29, v6.1.28 |
|
#
f025312b |
| 02-May-2023 |
Jinhong Zhu <jinhongzhu@hust.edu.cn> |
scsi: qedf: Fix NULL dereference in error handling
Smatch reported:
drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues() warn: missing unwind goto?
At this point in the function, nothing
scsi: qedf: Fix NULL dereference in error handling
Smatch reported:
drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues() warn: missing unwind goto?
At this point in the function, nothing has been allocated so we can return directly. In particular the "qedf->global_queues" have not been allocated so calling qedf_free_global_queues() will lead to a NULL dereference when we check if (!gl[i]) and "gl" is NULL.
Fixes: 61d8658b4a43 ("scsi: qedf: Add QLogic FastLinQ offload FCoE driver framework.") Signed-off-by: Jinhong Zhu <jinhongzhu@hust.edu.cn> Link: https://lore.kernel.org/r/20230502140022.2852-1-jinhongzhu@hust.edu.cn Reviewed-by: Dan Carpenter <error27@gmail.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v6.1.27, v6.1.26, v6.3, v6.1.25, v6.1.24, v6.1.23 |
|
#
7866e03b |
| 30-Mar-2023 |
Tom Rix <trix@redhat.com> |
scsi: qedf: Remove unused 'num_handled' variable
clang with W=1 reports:
drivers/scsi/qedf/qedf_main.c:2227:6: error: variable 'num_handled' set but not used [-Werror,-Wunused-but-set-variable]
scsi: qedf: Remove unused 'num_handled' variable
clang with W=1 reports:
drivers/scsi/qedf/qedf_main.c:2227:6: error: variable 'num_handled' set but not used [-Werror,-Wunused-but-set-variable] int num_handled = 0; ^ This variable is not used so remove it.
Signed-off-by: Tom Rix <trix@redhat.com> Link: https://lore.kernel.org/r/20230330203444.1842425-1-trix@redhat.com Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v6.1.22 |
|
#
be8532d1 |
| 22-Mar-2023 |
Bart Van Assche <bvanassche@acm.org> |
scsi: qedf: Declare host template const
Make it explicit that the SCSI host template is not modified.
Signed-off-by: Bart Van Assche <bvanassche@acm.org> Link: https://lore.kernel.org/r/20230322195
scsi: qedf: Declare host template const
Make it explicit that the SCSI host template is not modified.
Signed-off-by: Bart Van Assche <bvanassche@acm.org> Link: https://lore.kernel.org/r/20230322195515.1267197-38-bvanassche@acm.org Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v6.1.21, v6.1.20, v6.1.19, v6.1.18, v6.1.17, v6.1.16, v6.1.15, v6.1.14, v6.1.13, v6.2, v6.1.12, v6.1.11, v6.1.10, v6.1.9, v6.1.8, v6.1.7, v6.1.6, v6.1.5, v6.0.19, v6.0.18, v6.1.4, v6.1.3, v6.0.17, v6.1.2, v6.0.16, v6.1.1, v6.0.15, v6.0.14, v6.0.13, v6.1, v6.0.12, v6.0.11, v6.0.10, v5.15.80, v6.0.9, v5.15.79, v6.0.8, v5.15.78, v6.0.7, v5.15.77, v5.15.76, v6.0.6, v6.0.5, v5.15.75, v6.0.4, v6.0.3, v6.0.2, v5.15.74, v5.15.73, v6.0.1 |
|
#
e6f8a22f |
| 09-Oct-2022 |
Jiapeng Chong <jiapeng.chong@linux.alibaba.com> |
scsi: qedf: Remove set but unused variable 'page'
The variable page is not used in the function, so delete it.
Link: https://bugzilla.openanolis.cn/show_bug.cgi?id=2348 Reported-by: Abaci Robot <ab
scsi: qedf: Remove set but unused variable 'page'
The variable page is not used in the function, so delete it.
Link: https://bugzilla.openanolis.cn/show_bug.cgi?id=2348 Reported-by: Abaci Robot <abaci@linux.alibaba.com> Signed-off-by: Jiapeng Chong <jiapeng.chong@linux.alibaba.com> Link: https://lore.kernel.org/r/20221009060249.40178-1-jiapeng.chong@linux.alibaba.com Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v5.15.72, v6.0, v5.15.71, v5.15.70, v5.15.69 |
|
#
592642e6 |
| 19-Sep-2022 |
Saurav Kashyap <skashyap@marvell.com> |
scsi: qedf: Populate sysfs attributes for vport
Few vport parameters were displayed by systool as 'Unknown' or 'NULL'. Copy speed, supported_speed, frame_size and update port_type for NPIV port.
Li
scsi: qedf: Populate sysfs attributes for vport
Few vport parameters were displayed by systool as 'Unknown' or 'NULL'. Copy speed, supported_speed, frame_size and update port_type for NPIV port.
Link: https://lore.kernel.org/r/20220919134434.3513-1-njavali@marvell.com Cc: stable@vger.kernel.org Tested-by: Guangwu Zhang <guazhang@redhat.com> Reviewed-by: John Meneghini <jmeneghi@redhat.com> Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Nilesh Javali <njavali@marvell.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v5.15.68, v5.15.67, v5.15.66, v5.15.65, v5.15.64, v5.15.63, v5.15.62, v5.15.61, v5.15.60, v5.15.59, v5.19, v5.15.58, v5.15.57, v5.15.56, v5.15.55, v5.15.54, v5.15.53, v5.15.52, v5.15.51, v5.15.50, v5.15.49, v5.15.48, v5.15.47, v5.15.46, v5.15.45, v5.15.44, v5.15.43, v5.15.42, v5.18, v5.15.41, v5.15.40, v5.15.39, v5.15.38, v5.15.37, v5.15.36, v5.15.35, v5.15.34, v5.15.33, v5.15.32, v5.15.31, v5.17, v5.15.30, v5.15.29, v5.15.28, v5.15.27, v5.15.26, v5.15.25, v5.15.24, v5.15.23, v5.15.22, v5.15.21, v5.15.20, v5.15.19, v5.15.18, v5.15.17, v5.4.173, v5.15.16, v5.15.15, v5.16, v5.15.10, v5.15.9, v5.15.8, v5.15.7, v5.15.6, v5.15.5, v5.15.4, v5.15.3, v5.15.2 |
|
#
fbfe9686 |
| 12-Nov-2021 |
Letu Ren <fantasquex@gmail.com> |
scsi: qedf: Fix a UAF bug in __qedf_probe()
In __qedf_probe(), if qedf->cdev is NULL which means qed_ops->common->probe() failed, then the program will goto label err1, and scsi_host_put() will free
scsi: qedf: Fix a UAF bug in __qedf_probe()
In __qedf_probe(), if qedf->cdev is NULL which means qed_ops->common->probe() failed, then the program will goto label err1, and scsi_host_put() will free lport->host pointer. Because the memory qedf points to is allocated by libfc_host_alloc(), it will be freed by scsi_host_put(). However, the if statement below label err0 only checks whether qedf is NULL but doesn't check whether the memory has been freed. So a UAF bug can occur.
There are two ways to reach the statements below err0. The first one is described as before, "qedf" should be set to NULL. The second one is goto "err0" directly. In the latter scenario qedf hasn't been changed and it has the initial value NULL. As a result the if statement is not reachable in any situation.
The KASAN logs are as follows:
[ 2.312969] BUG: KASAN: use-after-free in __qedf_probe+0x5dcf/0x6bc0 [ 2.312969] [ 2.312969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 2.312969] Call Trace: [ 2.312969] dump_stack_lvl+0x59/0x7b [ 2.312969] print_address_description+0x7c/0x3b0 [ 2.312969] ? __qedf_probe+0x5dcf/0x6bc0 [ 2.312969] __kasan_report+0x160/0x1c0 [ 2.312969] ? __qedf_probe+0x5dcf/0x6bc0 [ 2.312969] kasan_report+0x4b/0x70 [ 2.312969] ? kobject_put+0x25d/0x290 [ 2.312969] kasan_check_range+0x2ca/0x310 [ 2.312969] __qedf_probe+0x5dcf/0x6bc0 [ 2.312969] ? selinux_kernfs_init_security+0xdc/0x5f0 [ 2.312969] ? trace_rpm_return_int_rcuidle+0x18/0x120 [ 2.312969] ? rpm_resume+0xa5c/0x16e0 [ 2.312969] ? qedf_get_generic_tlv_data+0x160/0x160 [ 2.312969] local_pci_probe+0x13c/0x1f0 [ 2.312969] pci_device_probe+0x37e/0x6c0
Link: https://lore.kernel.org/r/20211112120641.16073-1-fantasquex@gmail.com Reported-by: Zheyu Ma <zheyuma97@gmail.com> Acked-by: Saurav Kashyap <skashyap@marvell.com> Co-developed-by: Wende Tan <twd2.me@gmail.com> Signed-off-by: Wende Tan <twd2.me@gmail.com> Signed-off-by: Letu Ren <fantasquex@gmail.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
#
a912460e |
| 06-May-2022 |
Sebastian Andrzej Siewior <bigeasy@linutronix.de> |
scsi: fcoe: Use per-CPU API to update per-CPU statistics
The per-CPU statistics (struct fc_stats) is updated by getting a stable per-CPU pointer via get_cpu() + per_cpu_ptr() and then performing the
scsi: fcoe: Use per-CPU API to update per-CPU statistics
The per-CPU statistics (struct fc_stats) is updated by getting a stable per-CPU pointer via get_cpu() + per_cpu_ptr() and then performing the increment. This can be optimized by using this_cpu_*() which will do whatever is needed on the architecture to perform the update safe and efficient. The read out of the individual value (fc_get_host_stats()) should be done by using READ_ONCE() instead of a plain-C access. The difference is that READ_ONCE() will always perform a single access while the plain-C access can be split by the compiler into two loads if it appears beneficial. The usage of u64 has the side-effect that it is also 64bit wide on 32bit architectures and the read is always split into two loads. The can lead to strange values if the read happens during an update which alters both 32bit parts of the 64bit value. This can be circumvented by either using a 32bit variables on 32bit architecures or extending the statistics with a sequence counter.
Use this_cpu_*() API to update the statistics and READ_ONCE() to read it.
Link: https://lore.kernel.org/r/20220506105758.283887-3-bigeasy@linutronix.de Reviewed-by: Davidlohr Bueso <dave@stgolabs.net> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
#
505420bd |
| 04-Apr-2022 |
Xiaomeng Tong <xiam0nd.tong@gmail.com> |
scsi: qedf: Remove an unneeded NULL check on list iterator
The list iterator 'fcport' is always non-NULL so it doesn't need to be checked. Thus just remove the unnecessary NULL check. Also remove th
scsi: qedf: Remove an unneeded NULL check on list iterator
The list iterator 'fcport' is always non-NULL so it doesn't need to be checked. Thus just remove the unnecessary NULL check. Also remove the unnecessary initializer because the list iterator is always initialized. And adjust the position of blank lines.
Link: https://lore.kernel.org/r/20220405004055.24312-1-xiam0nd.tong@gmail.com Signed-off-by: Xiaomeng Tong <xiam0nd.tong@gmail.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
#
a33e7925 |
| 18-Feb-2022 |
Bart Van Assche <bvanassche@acm.org> |
scsi: qedf: Stop using the SCSI pointer
Set .cmd_size in the SCSI host template instead of using the SCSI pointer from struct scsi_cmnd. Remove the CMD_SCSI_STATUS() assignment because the assigned
scsi: qedf: Stop using the SCSI pointer
Set .cmd_size in the SCSI host template instead of using the SCSI pointer from struct scsi_cmnd. Remove the CMD_SCSI_STATUS() assignment because the assigned value is not used.
This patch prepares for removal of the SCSI pointer from struct scsi_cmnd.
Link: https://lore.kernel.org/r/20220218195117.25689-30-bvanassche@acm.org Reviewed-by: Hannes Reinecke <hare@suse.de> Signed-off-by: Bart Van Assche <bvanassche@acm.org> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
#
64fd4af6 |
| 17-Jan-2022 |
Saurav Kashyap <skashyap@marvell.com> |
scsi: qedf: Change context reset messages to ratelimited
If FCoE is not configured, libfc/libfcoe keeps on retrying FLOGI and after 3 retries driver does a context reset and tries fipvlan again. Th
scsi: qedf: Change context reset messages to ratelimited
If FCoE is not configured, libfc/libfcoe keeps on retrying FLOGI and after 3 retries driver does a context reset and tries fipvlan again. This leads to context reset message flooding the logs. Hence ratelimit the message to prevent flooding the logs.
Link: https://lore.kernel.org/r/20220117135311.6256-4-njavali@marvell.com Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Nilesh Javali <njavali@marvell.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
#
b70a99fd |
| 17-Jan-2022 |
Saurav Kashyap <skashyap@marvell.com> |
scsi: qedf: Add stag_work to all the vports
Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not initialized for vport, hence initialize the stag work.
WARNING
scsi: qedf: Add stag_work to all the vports
Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not initialized for vport, hence initialize the stag work.
WARNING: CPU: 8 PID: 645 at kernel/workqueue.c:1635 __queue_delayed_work+0x68/0x80 CPU: 8 PID: 645 Comm: kworker/8:1 Kdump: loaded Tainted: G IOE --------- -- 4.18.0-348.el8.x86_64 #1 Hardware name: Dell Inc. PowerEdge MX740c/0177V9, BIOS 2.12.2 07/09/2021 Workqueue: events fc_lport_timeout [libfc] RIP: 0010:__queue_delayed_work+0x68/0x80 Code: 89 b2 88 00 00 00 44 89 82 90 00 00 00 48 01 c8 48 89 42 50 41 81 f8 00 20 00 00 75 1d e9 60 24 07 00 44 89 c7 e9 98 f6 ff ff <0f> 0b eb c5 0f 0b eb a1 0f 0b eb a7 0f 0b eb ac 44 89 c6 e9 40 23 RSP: 0018:ffffae514bc3be40 EFLAGS: 00010006 RAX: ffff8d25d6143750 RBX: 0000000000000202 RCX: 0000000000000002 RDX: ffff8d2e31383748 RSI: ffff8d25c000d600 RDI: ffff8d2e31383788 RBP: ffff8d2e31380de0 R08: 0000000000002000 R09: ffff8d2e31383750 R10: ffffffffc0c957e0 R11: ffff8d2624800000 R12: ffff8d2e31380a58 R13: ffff8d2d915eb000 R14: ffff8d25c499b5c0 R15: ffff8d2e31380e18 FS: 0000000000000000(0000) GS:ffff8d2d1fb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055fd0484b8b8 CR3: 00000008ffc10006 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: queue_delayed_work_on+0x36/0x40 qedf_elsct_send+0x57/0x60 [qedf] fc_lport_enter_flogi+0x90/0xc0 [libfc] fc_lport_timeout+0xb7/0x140 [libfc] process_one_work+0x1a7/0x360 ? create_worker+0x1a0/0x1a0 worker_thread+0x30/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x116/0x130 ? kthread_flush_work_fn+0x10/0x10 ret_from_fork+0x35/0x40 ---[ end trace 008f00f722f2c2ff ]--
Initialize stag work for all the vports.
Link: https://lore.kernel.org/r/20220117135311.6256-2-njavali@marvell.com Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Nilesh Javali <njavali@marvell.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
#
aa7069d8 |
| 16-Dec-2021 |
Jiasheng Jiang <jiasheng@iscas.ac.cn> |
scsi: qedf: Fix potential dereference of NULL pointer
The return value of dma_alloc_coherent() needs to be checked to avoid use of NULL pointer in case of an allocation failure.
Link: https://lore.
scsi: qedf: Fix potential dereference of NULL pointer
The return value of dma_alloc_coherent() needs to be checked to avoid use of NULL pointer in case of an allocation failure.
Link: https://lore.kernel.org/r/20211216101449.375953-1-jiasheng@iscas.ac.cn Fixes: 61d8658b4a43 ("scsi: qedf: Add QLogic FastLinQ offload FCoE driver framework.") Acked-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v5.15.1, v5.15, v5.14.14, v5.14.13, v5.14.12 |
|
#
232cb469 |
| 12-Oct-2021 |
Bart Van Assche <bvanassche@acm.org> |
scsi: qedf: Switch to attribute groups
struct device supports attribute groups directly but does not support struct device_attribute directly. Hence switch to attribute groups.
Link: https://lore.k
scsi: qedf: Switch to attribute groups
struct device supports attribute groups directly but does not support struct device_attribute directly. Hence switch to attribute groups.
Link: https://lore.kernel.org/r/20211012233558.4066756-38-bvanassche@acm.org Signed-off-by: Bart Van Assche <bvanassche@acm.org> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v5.14.11, v5.14.10 |
|
#
fb09a1ed |
| 04-Oct-2021 |
Shai Malin <smalin@marvell.com> |
qed: Remove e4_ and _e4 from FW HSI
The existing qed/qede/qedr/qedi/qedf code uses chip-specific naming in structures, functions, variables and defines in FW HSI (Hardware Software Interface).
The
qed: Remove e4_ and _e4 from FW HSI
The existing qed/qede/qedr/qedi/qedf code uses chip-specific naming in structures, functions, variables and defines in FW HSI (Hardware Software Interface).
The new FW version introduced a generic naming convention in HSI in-which the same code will be used across different versions for simpler maintainability. It also eases in providing support for new features.
With this patch every "_e4" or "e4_" prefix or suffix is not needed anymore and it will be removed.
Reviewed-by: Manish Rangankar <mrangankar@marvell.com> Reviewed-by: Javed Hasan <jhasan@marvell.com> Signed-off-by: Ariel Elior <aelior@marvell.com> Signed-off-by: Omkar Kulkarni <okulkarni@marvell.com> Signed-off-by: Shai Malin <smalin@marvell.com> Signed-off-by: Prabhakar Kushwaha <pkushwaha@marvell.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
Revision tags: v5.14.9, v5.14.8 |
|
#
e6a54d6f |
| 23-Sep-2021 |
Leon Romanovsky <leonro@nvidia.com> |
qed: Don't ignore devlink allocation failures
devlink is a software interface that doesn't depend on any hardware capabilities. The failure in SW means memory issues, wrong parameters, programmer er
qed: Don't ignore devlink allocation failures
devlink is a software interface that doesn't depend on any hardware capabilities. The failure in SW means memory issues, wrong parameters, programmer error e.t.c.
Like any other such interface in the kernel, the returned status of devlink APIs should be checked and propagated further and not ignored.
Fixes: 755f982bb1ff ("qed/qede: make devlink survive recovery") Signed-off-by: Leon Romanovsky <leonro@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
e0b1c16f |
| 19-Sep-2022 |
Saurav Kashyap <skashyap@marvell.com> |
scsi: qedf: Populate sysfs attributes for vport
commit 592642e6b11e620e4b43189f8072752429fc8dc3 upstream.
Few vport parameters were displayed by systool as 'Unknown' or 'NULL'. Copy speed, supporte
scsi: qedf: Populate sysfs attributes for vport
commit 592642e6b11e620e4b43189f8072752429fc8dc3 upstream.
Few vport parameters were displayed by systool as 'Unknown' or 'NULL'. Copy speed, supported_speed, frame_size and update port_type for NPIV port.
Link: https://lore.kernel.org/r/20220919134434.3513-1-njavali@marvell.com Cc: stable@vger.kernel.org Tested-by: Guangwu Zhang <guazhang@redhat.com> Reviewed-by: John Meneghini <jmeneghi@redhat.com> Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Nilesh Javali <njavali@marvell.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
show more ...
|
#
1030659d |
| 12-Nov-2021 |
Letu Ren <fantasquex@gmail.com> |
scsi: qedf: Fix a UAF bug in __qedf_probe()
[ Upstream commit fbfe96869b782364caebae0445763969ddb6ea67 ]
In __qedf_probe(), if qedf->cdev is NULL which means qed_ops->common->probe() failed, then t
scsi: qedf: Fix a UAF bug in __qedf_probe()
[ Upstream commit fbfe96869b782364caebae0445763969ddb6ea67 ]
In __qedf_probe(), if qedf->cdev is NULL which means qed_ops->common->probe() failed, then the program will goto label err1, and scsi_host_put() will free lport->host pointer. Because the memory qedf points to is allocated by libfc_host_alloc(), it will be freed by scsi_host_put(). However, the if statement below label err0 only checks whether qedf is NULL but doesn't check whether the memory has been freed. So a UAF bug can occur.
There are two ways to reach the statements below err0. The first one is described as before, "qedf" should be set to NULL. The second one is goto "err0" directly. In the latter scenario qedf hasn't been changed and it has the initial value NULL. As a result the if statement is not reachable in any situation.
The KASAN logs are as follows:
[ 2.312969] BUG: KASAN: use-after-free in __qedf_probe+0x5dcf/0x6bc0 [ 2.312969] [ 2.312969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 2.312969] Call Trace: [ 2.312969] dump_stack_lvl+0x59/0x7b [ 2.312969] print_address_description+0x7c/0x3b0 [ 2.312969] ? __qedf_probe+0x5dcf/0x6bc0 [ 2.312969] __kasan_report+0x160/0x1c0 [ 2.312969] ? __qedf_probe+0x5dcf/0x6bc0 [ 2.312969] kasan_report+0x4b/0x70 [ 2.312969] ? kobject_put+0x25d/0x290 [ 2.312969] kasan_check_range+0x2ca/0x310 [ 2.312969] __qedf_probe+0x5dcf/0x6bc0 [ 2.312969] ? selinux_kernfs_init_security+0xdc/0x5f0 [ 2.312969] ? trace_rpm_return_int_rcuidle+0x18/0x120 [ 2.312969] ? rpm_resume+0xa5c/0x16e0 [ 2.312969] ? qedf_get_generic_tlv_data+0x160/0x160 [ 2.312969] local_pci_probe+0x13c/0x1f0 [ 2.312969] pci_device_probe+0x37e/0x6c0
Link: https://lore.kernel.org/r/20211112120641.16073-1-fantasquex@gmail.com Reported-by: Zheyu Ma <zheyuma97@gmail.com> Acked-by: Saurav Kashyap <skashyap@marvell.com> Co-developed-by: Wende Tan <twd2.me@gmail.com> Signed-off-by: Wende Tan <twd2.me@gmail.com> Signed-off-by: Letu Ren <fantasquex@gmail.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
show more ...
|
#
1c22df15 |
| 17-Jan-2022 |
Saurav Kashyap <skashyap@marvell.com> |
scsi: qedf: Change context reset messages to ratelimited
[ Upstream commit 64fd4af6274eb0f49d29772c228fffcf6bde1635 ]
If FCoE is not configured, libfc/libfcoe keeps on retrying FLOGI and after 3 re
scsi: qedf: Change context reset messages to ratelimited
[ Upstream commit 64fd4af6274eb0f49d29772c228fffcf6bde1635 ]
If FCoE is not configured, libfc/libfcoe keeps on retrying FLOGI and after 3 retries driver does a context reset and tries fipvlan again. This leads to context reset message flooding the logs. Hence ratelimit the message to prevent flooding the logs.
Link: https://lore.kernel.org/r/20220117135311.6256-4-njavali@marvell.com Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Nilesh Javali <njavali@marvell.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
show more ...
|
#
1f53bbf2 |
| 17-Jan-2022 |
Saurav Kashyap <skashyap@marvell.com> |
scsi: qedf: Add stag_work to all the vports
[ Upstream commit b70a99fd13282d7885f69bf1372e28b7506a1613 ]
Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not i
scsi: qedf: Add stag_work to all the vports
[ Upstream commit b70a99fd13282d7885f69bf1372e28b7506a1613 ]
Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not initialized for vport, hence initialize the stag work.
WARNING: CPU: 8 PID: 645 at kernel/workqueue.c:1635 __queue_delayed_work+0x68/0x80 CPU: 8 PID: 645 Comm: kworker/8:1 Kdump: loaded Tainted: G IOE --------- -- 4.18.0-348.el8.x86_64 #1 Hardware name: Dell Inc. PowerEdge MX740c/0177V9, BIOS 2.12.2 07/09/2021 Workqueue: events fc_lport_timeout [libfc] RIP: 0010:__queue_delayed_work+0x68/0x80 Code: 89 b2 88 00 00 00 44 89 82 90 00 00 00 48 01 c8 48 89 42 50 41 81 f8 00 20 00 00 75 1d e9 60 24 07 00 44 89 c7 e9 98 f6 ff ff <0f> 0b eb c5 0f 0b eb a1 0f 0b eb a7 0f 0b eb ac 44 89 c6 e9 40 23 RSP: 0018:ffffae514bc3be40 EFLAGS: 00010006 RAX: ffff8d25d6143750 RBX: 0000000000000202 RCX: 0000000000000002 RDX: ffff8d2e31383748 RSI: ffff8d25c000d600 RDI: ffff8d2e31383788 RBP: ffff8d2e31380de0 R08: 0000000000002000 R09: ffff8d2e31383750 R10: ffffffffc0c957e0 R11: ffff8d2624800000 R12: ffff8d2e31380a58 R13: ffff8d2d915eb000 R14: ffff8d25c499b5c0 R15: ffff8d2e31380e18 FS: 0000000000000000(0000) GS:ffff8d2d1fb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055fd0484b8b8 CR3: 00000008ffc10006 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: queue_delayed_work_on+0x36/0x40 qedf_elsct_send+0x57/0x60 [qedf] fc_lport_enter_flogi+0x90/0xc0 [libfc] fc_lport_timeout+0xb7/0x140 [libfc] process_one_work+0x1a7/0x360 ? create_worker+0x1a0/0x1a0 worker_thread+0x30/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x116/0x130 ? kthread_flush_work_fn+0x10/0x10 ret_from_fork+0x35/0x40 ---[ end trace 008f00f722f2c2ff ]--
Initialize stag work for all the vports.
Link: https://lore.kernel.org/r/20220117135311.6256-2-njavali@marvell.com Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Nilesh Javali <njavali@marvell.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
show more ...
|
#
9fcd75ee |
| 23-Sep-2021 |
Leon Romanovsky <leonro@nvidia.com> |
qed: Don't ignore devlink allocation failures
[ Upstream commit e6a54d6f221301347aaf9d83bb1f23129325c1c5 ]
devlink is a software interface that doesn't depend on any hardware capabilities. The fail
qed: Don't ignore devlink allocation failures
[ Upstream commit e6a54d6f221301347aaf9d83bb1f23129325c1c5 ]
devlink is a software interface that doesn't depend on any hardware capabilities. The failure in SW means memory issues, wrong parameters, programmer error e.t.c.
Like any other such interface in the kernel, the returned status of devlink APIs should be checked and propagated further and not ignored.
Fixes: 755f982bb1ff ("qed/qede: make devlink survive recovery") Signed-off-by: Leon Romanovsky <leonro@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sashal@kernel.org>
show more ...
|
Revision tags: v5.14.7, v5.14.6, v5.10.67, v5.10.66, v5.14.5, v5.14.4, v5.10.65, v5.14.3, v5.10.64, v5.14.2, v5.10.63, v5.14.1, v5.10.62, v5.14, v5.10.61, v5.10.60 |
|
#
ccc89737 |
| 10-Aug-2021 |
Dan Carpenter <dan.carpenter@oracle.com> |
scsi: qedf: Fix error codes in qedf_alloc_global_queues()
This driver has some left over "return 1" on failure style code mixed with "return negative error codes" style code. The caller doesn't car
scsi: qedf: Fix error codes in qedf_alloc_global_queues()
This driver has some left over "return 1" on failure style code mixed with "return negative error codes" style code. The caller doesn't care so we should just convert everything to return negative error codes.
Then there was a problem that there were two variables used to store error codes which just resulted in confusion. If qedf_alloc_bdq() returned a negative error code, we accidentally returned success instead of propagating the error code. So get rid of the "rc" variable and use "status" every where.
Also remove the "status = 0" initialization so that these sorts of bugs will be detected by the compiler in the future.
Link: https://lore.kernel.org/r/20210810085023.GA23998@kili Fixes: 61d8658b4a43 ("scsi: qedf: Add QLogic FastLinQ offload FCoE driver framework.") Acked-by: Manish Rangankar <mrangankar@marvell.com> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v5.10.53, v5.10.52, v5.10.51, v5.10.50, v5.10.49, v5.13, v5.10.46, v5.10.43 |
|
#
adb98ec7 |
| 03-Jun-2021 |
Javed Hasan <jhasan@marvell.com> |
scsi: qedf: Add vendor identifier attribute
Link: https://lore.kernel.org/r/20210603121623.10084-3-jhasan@marvell.com Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com> Signed-off-by: Javed
scsi: qedf: Add vendor identifier attribute
Link: https://lore.kernel.org/r/20210603121623.10084-3-jhasan@marvell.com Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com> Signed-off-by: Javed Hasan <jhasan@marvell.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|
Revision tags: v5.10.42 |
|
#
1b67f3d7 |
| 02-Jun-2021 |
Saurav Kashyap <skashyap@marvell.com> |
scsi: qedf: Update the max_id value in host structure
host->max_id defines the maximum target id that the SCSI midlayer will attempt to manually scan. The default is 8. Update the value to the max s
scsi: qedf: Update the max_id value in host structure
host->max_id defines the maximum target id that the SCSI midlayer will attempt to manually scan. The default is 8. Update the value to the max sessions the driver supports.
[mkp: applied by hand]
Link: https://lore.kernel.org/r/20210602104653.17278-1-jhasan@marvell.com Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com> Signed-off-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Javed Hasan <jhasan@marvell.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
show more ...
|