On 06/30/2017 10:30 AM, Shivasharan S wrote:
> An application sending out of range AEN class code for
> registration, will result in kernel panic in MR driver.
>
> Signed-off-by: Kashyap Desai <kashyap.desai@xxxxxxxxxxxx>
> Signed-off-by: Shivasharan S <shivasharan.srikanteshwara@xxxxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
> ---
> drivers/scsi/megaraid/megaraid_sas_base.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c
> index 3c50a7b..e490272 100644
> --- a/drivers/scsi/megaraid/megaraid_sas_base.c
> +++ b/drivers/scsi/megaraid/megaraid_sas_base.c
> @@ -5650,6 +5650,14 @@ megasas_register_aen(struct megasas_instance *instance, u32 seq_num,
> prev_aen.word =
> le32_to_cpu(instance->aen_cmd->frame->dcmd.mbox.w[1]);
>
> + if ((curr_aen.members.class < MFI_EVT_CLASS_DEBUG) ||
> + (curr_aen.members.class > MFI_EVT_CLASS_DEAD)) {
> + dev_info(&instance->pdev->dev,
> + "%s %d out of range class %d send by application\n",
> + __func__, __LINE__, curr_aen.members.class);
> + return 0;
> + }
> +
> /*
> * A class whose enum value is smaller is inclusive of all
> * higher values. If a PROGRESS (= -1) was previously
>
Reviewed-by: Hannes Reinecke <hare@xxxxxxxx>
Cheers,
Hannes
--
Dr. Hannes Reinecke Teamlead Storage & Networking
hare@xxxxxxx +49 911 74053 688
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: F. Imendörffer, J. Smithard, J. Guild, D. Upmanyu, G. Norton
HRB 21284 (AG Nürnberg)
