This series has two fixes for FDMI. Attributes length corrected for RHBA. Fixed the wrong condition check in fc_ct_ms_fill_attr().
Kindly apply this series to scsi-queue at your earliest convenience.
Javed Hasan (2): scsi: fc: Corrected RHBA attributes length libfc: Corrected the condition check and invalid argument passed
drivers/scsi/libfc/fc_encode.h | 8 +++++--- include/scsi/fc/fc_ms.h | 4 ++-- 2 files changed, 7 insertions(+), 5 deletions(-)
-As per document of FC-GS-5, attribute lengths of node_name and manufacturer should in range of "4 to 64 Bytes" only.
Fixes: e721eb0616f6 ("scsi: scsi_transport_fc: Match HBA Attribute Length with HBAAPI V2.0 definitions") Signed-off-by: Javed Hasan jhasan@marvell.com Reviewed-by: Himanshu Madhani himanshu.madhani@oracle.com CC: stable@vger.kernel.org --- Changes in v2: - Added stable@vger.kernel.org in cc --- include/scsi/fc/fc_ms.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/scsi/fc/fc_ms.h b/include/scsi/fc/fc_ms.h index 9e273fed0a85..800d53dc9470 100644 --- a/include/scsi/fc/fc_ms.h +++ b/include/scsi/fc/fc_ms.h @@ -63,8 +63,8 @@ enum fc_fdmi_hba_attr_type { * HBA Attribute Length */ #define FC_FDMI_HBA_ATTR_NODENAME_LEN 8 -#define FC_FDMI_HBA_ATTR_MANUFACTURER_LEN 80 -#define FC_FDMI_HBA_ATTR_SERIALNUMBER_LEN 80 +#define FC_FDMI_HBA_ATTR_MANUFACTURER_LEN 64 +#define FC_FDMI_HBA_ATTR_SERIALNUMBER_LEN 64 #define FC_FDMI_HBA_ATTR_MODEL_LEN 256 #define FC_FDMI_HBA_ATTR_MODELDESCR_LEN 256 #define FC_FDMI_HBA_ATTR_HARDWAREVERSION_LEN 256
-In correct condition check was leading to data corruption and so the invalid argument.
Fixes: 8fd9efca86d0 ("scsi: libfc: Work around -Warray-bounds warning") Signed-off-by: Javed Hasan jhasan@marvell.com Reviewed-by: Himanshu Madhani himanshu.madhani@oracle.com CC: stable@vger.kernel.org --- Changes in v2: - Added stable@vger.kernel.org in cc --- drivers/scsi/libfc/fc_encode.h | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/scsi/libfc/fc_encode.h b/drivers/scsi/libfc/fc_encode.h index 602c97a651bc..9ea4ceadb559 100644 --- a/drivers/scsi/libfc/fc_encode.h +++ b/drivers/scsi/libfc/fc_encode.h @@ -166,9 +166,11 @@ static inline int fc_ct_ns_fill(struct fc_lport *lport, static inline void fc_ct_ms_fill_attr(struct fc_fdmi_attr_entry *entry, const char *in, size_t len) { - int copied = strscpy(entry->value, in, len); - if (copied > 0) - memset(entry->value, copied, len - copied); + int copied; + + copied = strscpy((char *)&entry->value, in, len); + if (copied > 0 && (copied + 1) < len) + memset((entry->value + copied + 1), 0, len - copied - 1); }
/**
On Thu, 3 Jun 2021 03:14:02 -0700, Javed Hasan wrote:
This series has two fixes for FDMI. Attributes length corrected for RHBA. Fixed the wrong condition check in fc_ct_ms_fill_attr().
Kindly apply this series to scsi-queue at your earliest convenience.
Javed Hasan (2): scsi: fc: Corrected RHBA attributes length libfc: Corrected the condition check and invalid argument passed
[...]
Applied to 5.14/scsi-queue, thanks!
[1/2] scsi: fc: Corrected RHBA attributes length https://git.kernel.org/mkp/scsi/c/40445fd2c9fa [2/2] libfc: Corrected the condition check and invalid argument passed https://git.kernel.org/mkp/scsi/c/8f70328c068f
linux-stable-mirror@lists.linaro.org
-
Javed Hasan -
Martin K. Petersen