Re: [PATCH] scsi: qla2xxx avoid a panic due to BUG() if a WRITE_SAME command is sent to a device that has no protection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Laurence,

> On Jun 28, 2023, at 4:34 AM, Laurence Oberman <loberman@xxxxxxxxxx> wrote:
> 
> In the current code, If a device does not have protection, qla2xx will
> land up defaulting to a BUG() and will panic the system when
> sg_write_same is sent.This is because SCSI_PROT_NORMAL is matched and
> falls through to the BUG() call.
> The write_same command to a device without protection is not handled
> safely.
> 
> Fix this by making two changes:
> Set the bundling variable also to 0 for SCSI_PROT_NORMAL
> Modify the switch statement to match on SCSI_PROT_NORMAL and handle it
> appropriately removing the call to BUG()
> 

This should go to stable kernel as well. 

Cc: stable@xxxxxxxxxxxxxxx <mailto:stable@xxxxxxxxxxxxxxx>

> Supersedes prior suggested patch.
> 
> Suggested-by: David Jeffery <djeffery@xxxxxxxxxx>
> Tested-by: Laurence Oberman <loberman@xxxxxxxxxx>
> Signed-off-by: Laurence Oberman <loberman@xxxxxxxxxx>
> ---
> drivers/scsi/qla2xxx/qla_iocb.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/scsi/qla2xxx/qla_iocb.c
> b/drivers/scsi/qla2xxx/qla_iocb.c
> index b9b3e6f80ea9..82a5d195e401 100644
> --- a/drivers/scsi/qla2xxx/qla_iocb.c
> +++ b/drivers/scsi/qla2xxx/qla_iocb.c
> @@ -1381,7 +1381,8 @@ qla24xx_build_scsi_crc_2_iocbs(srb_t *sp, struct
> cmd_type_crc_2 *cmd_pkt,
> if ((scsi_get_prot_op(cmd) == SCSI_PROT_READ_INSERT) ||
>    (scsi_get_prot_op(cmd) == SCSI_PROT_WRITE_STRIP) ||
>    (scsi_get_prot_op(cmd) == SCSI_PROT_READ_STRIP) ||
> -    (scsi_get_prot_op(cmd) == SCSI_PROT_WRITE_INSERT))
> +    (scsi_get_prot_op(cmd) == SCSI_PROT_WRITE_INSERT) ||
> +    (scsi_get_prot_op(cmd) == SCSI_PROT_NORMAL))
> bundling = 0;
> 
> /* Allocate CRC context from global pool */
> @@ -1443,6 +1444,9 @@ qla24xx_build_scsi_crc_2_iocbs(srb_t *sp, struct
> cmd_type_crc_2 *cmd_pkt,
> dif_bytes = (data_bytes / blk_size) * 8;
> 
> switch (scsi_get_prot_op(GET_CMD_SP(sp))) {
> + case SCSI_PROT_NORMAL:
> + total_bytes = data_bytes;
> + break;
> case SCSI_PROT_READ_INSERT:
> case SCSI_PROT_WRITE_STRIP:
> total_bytes = data_bytes;
> -- 
> 2.39.3

The change itself looks good. 

Reviewed-by: Himanshu Madhani <himanshu.madhani@xxxxxxxxxx <mailto:himanshu.madhani@xxxxxxxxxx>>

-- 
Himanshu Madhani Oracle Linux Engineering
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]

  Powered by Linux