Unbreak the build for the previous commit against kernel versions
before v5.16.
See also commit 3080ea5553cc ("stddef: Introduce DECLARE_FLEX_ARRAY()
helper") # v5.16.
One-element arrays as fake flex arrays are deprecated and we are moving
towards adopting C99 flexible-array members, instead. So, replace
one-element array declaration in struct ct_sns_gpnft_rsp, which is
ultimately being used inside a union:
drivers/scsi/qla2xxx/qla_def.h:
    struct ct_sns_gpnft_pkt {
            union {
                    struct ct_sns_req req;
                    struct ct_sns_gpnft_rsp rsp;
            } p;
    };
Refactor the rest of the code, accordingly.
This issue was found with the help of Coccinelle.
Link: https://github.com/KSPP/linux/issues/245
Link: https://github.com/KSPP/linux/issues/193
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/ZH+/rZ1R1cBjIxjS@work
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
[ commit 512a365368c7 upstream ]
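The sizing difference behind the one-element-array conversion described in the commit above, as an added userspace example that is not part of the commit or the driver. The `entry`, `rsp_fake` and `rsp_flex` layouts and all function names are hypothetical; the saturating size helper mirrors the idea of the kernel's `struct_size()` but is written here from scratch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical layouts; the driver's real fields are not shown on the page. */
struct entry { uint8_t port_id[4]; };

struct rsp_fake {               /* deprecated: one-element array as fake flex array */
    uint16_t count;
    struct entry entries[1];
};

struct rsp_flex {               /* C99 flexible-array member */
    uint16_t count;
    struct entry entries[];
};

/* Saturating size of the header plus n trailing entries (SIZE_MAX on overflow). */
size_t flex_size(size_t n)
{
    if (n > (SIZE_MAX - sizeof(struct rsp_flex)) / sizeof(struct entry))
        return SIZE_MAX;
    return sizeof(struct rsp_flex) + n * sizeof(struct entry);
}

/* The same formula applied to the fake layout counts one entry too many,
 * because sizeof(struct rsp_fake) already includes entries[0]. */
size_t fake_size_naive(size_t n)
{
    return sizeof(struct rsp_fake) + n * sizeof(struct entry);
}

/* Allocate a zeroed response for n entries; NULL on overflow or failure. */
struct rsp_flex *rsp_alloc(uint16_t n)
{
    size_t bytes = flex_size(n);
    struct rsp_flex *r = bytes == SIZE_MAX ? NULL : calloc(1, bytes);

    if (r)
        r->count = n;
    return r;
}
```

With the flexible-array form the declared type no longer claims a bound of one element, so compiler and fortify bounds checks are not working against a bound the code routinely exceeds.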
System crash due to use after free.
Current code allows terminate_rport_io to exit before making
sure all IOs have returned. For FCP-2 device, IO's can hang
on in HW because driver has not torn down the session in FW at
first sign of cable pull. When dev_loss_tmo timer pops,
terminate_rport_io is called and upper layer is about to
free various resources. Terminate_rport_io triggers qla to do
the final cleanup, but the cleanup might not be fast enough where it
leaves qla still holding on to the same resource.
Wait for IO's to return to upper layer before resources are freed.
Cc: stable@vger.kernel.org
Signed-off-by: Quinn Tran <qutran@marvell.com>
Signed-off-by: Nilesh Javali <njavali@marvell.com>
Link: https://lore.kernel.org/r/20230428075339.32551-7-njavali@marvell.com
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
[ commit fc0cba0c7be8 upstream ]
System crash, where driver is accessing scsi layer's
memory (scsi_cmnd->device->host) to search for a well known internal
pointer (vha). The scsi_cmnd was released back to upper layer which
could be freed, but the driver is still accessing it.
7 [ffffa8e8d2c3f8d0] page_fault at ffffffff86c010fe
[exception RIP: __qla2x00_eh_wait_for_pending_commands+240]
RIP: ffffffffc0642350 RSP: ffffa8e8d2c3f988 RFLAGS: 00010286
RAX: 0000000000000165 RBX: 0000000000000002 RCX: 00000000000036d8
RDX: 0000000000000000 RSI: ffff9c5c56535188 RDI: 0000000000000286
RBP: ffff9c5bf7aa4a58 R8: ffff9c589aecdb70 R9: 00000000000003d1
R10: 0000000000000001 R11: 0000000000380000 R12: ffff9c5c5392bc78
R13: ffff9c57044ff5c0 R14: ffff9c56b5a3aa00 R15: 00000000000006db
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
8 [ffffa8e8d2c3f9c8] qla2x00_eh_wait_for_pending_commands at ffffffffc0646dd5 [qla2xxx]
9 [ffffa8e8d2c3fa00] __qla2x00_async_tm_cmd at ffffffffc0658094 [qla2xxx]
Remove access of freed memory. Currently the driver was checking to see if
scsi_done was called by seeing if the sp->type has changed. Instead,
check to see if the command has left the outstanding_cmds[] array as
a sign that scsi_done was called.
Cc: stable@vger.kernel.org
Signed-off-by: Quinn Tran <qutran@marvell.com>
Signed-off-by: Nilesh Javali <njavali@marvell.com>
Link: https://lore.kernel.org/r/20230428075339.32551-6-njavali@marvell.com
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
[ commit b843adde8d49 upstream ]
strlcpy() reads the entire source buffer first. This read may exceed the
destination size limit. This is both inefficient and can lead to linear
read overflows if a source string is not NULL-terminated [1].
[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
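The read behaviour described in the commit above, as an added userspace example that is not part of the commit: instrumented models of the two copy semantics report how many source bytes each one examines. `model_strlcpy`, `model_strscpy`, the counter and the buffers are all constructed for this example; `strscpy()` is the replacement the kernel's deprecation notes recommend, and the model here only imitates its bounded-read contract.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

static size_t src_bytes_read;   /* instrumentation: source bytes examined by the last copy */

/* Userspace model of strlcpy() semantics: measure all of src, then copy. */
size_t model_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);   /* runs to src's NUL no matter how small dst is */

    src_bytes_read = len + 1;
    if (size) {
        size_t n = len >= size ? size - 1 : len;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Userspace model of a strscpy()-style copy: reads at most size bytes of src. */
long model_strscpy(char *dst, const char *src, size_t size)
{
    src_bytes_read = 0;
    for (size_t i = 0; i < size; i++) {
        char c = src[i];
        src_bytes_read++;
        if (c == '\0' || i == size - 1) {
            dst[i] = '\0';
            return c == '\0' ? (long)i : -E2BIG;
        }
        dst[i] = c;
    }
    return -E2BIG;              /* size == 0: nothing read, nothing written */
}

/* Constructed input: a 4095-byte string copied into a 16-byte destination. */
static char big_src[4096];
static char small_dst[16];

size_t reads_with_strlcpy(void)
{
    memset(big_src, 'A', sizeof(big_src) - 1);
    model_strlcpy(small_dst, big_src, sizeof(small_dst));
    return src_bytes_read;
}

size_t reads_with_strscpy(void)
{
    memset(big_src, 'A', sizeof(big_src) - 1);
    model_strscpy(small_dst, big_src, sizeof(small_dst));
    return src_bytes_read;
}
```

Both copies leave the same 15 characters in the destination; only the strlcpy model walks the full source, which is the read that runs off the end when the source has no terminator.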
Use sendmsg() conditionally with MSG_SPLICE_PAGES in write_data()
rather than calling sendpage().
Support for the following net layer changes in the Linux kernel v6.5:
- dc97391e6610 ("sock: Remove ->sendpage*() in favour of
sendmsg(MSG_SPLICE_PAGES)")
This patch carries out a refactoring of the sendpage functionality in
the write_data() function:
1. Reorganize the logic used to select the sock_sendpage function.
2. Streamline the data sending loop by reducing conditional branches and
eliminating labels.
3. Adjust the error handling for -EINTR and -EAGAIN to make the code
cleaner and easier to follow.
This patch doesn't change any functionality.
This patch introduces several improvements to the 'write iop loop' in
the write_data() function:
1. Move iop-related variables under the scope of the 'write iop loop'.
2. Eliminate the 'retry' label, use 'continue' instead for simplicity.
3. Remove the redundant 'rest' variable, use just 'res' instead.
This patch doesn't change any functionality.
This patch introduces several improvements to the write_data() function:
1. Remove the redundant 'sendpage' function pointer variable.
2. Update variables related to size to use the size_t type for better
type correctness and safety.
3. Introduce a new variable, 'parent_req', to store the
'write_cmnd->parent_req' pointer and reduce redundant accesses.
4. Fix several checkpatch warnings.
This patch doesn't change any functionality.
Support for the following block layer changes in the Linux kernel v6.5:
- 05bdb9965305 ("block: replace fmode_t with a block-specific type for
block open flags")
- 0718afd47f70 ("block: introduce holder ops")
- 2736e8eeb0cc ("block: use the holder as indication for exclusive opens")
Enable exclusive opening of block devices to prevent concurrent usage.
Additionally, remove the redundant 'holder' argument for
'blkdev_get_by_path()' where exclusive opening isn't utilized.
The prepare_to_wait_exclusive_head() function was modified in
commit d8894cbd11 ("scst.h: Refactor wait_event_locked() to enhance
usability and clarity"). It now returns an error if the current
interruptible thread has pending signals.
This patch introduces the scst_wait_for_cmd() helper function for the
scst_cmd_thread(). This new function handles the return value of the
prepare_to_wait_exclusive_head() appropriately.
This patch fixes the following Coverity complaint:
CID 321410 (#1 of 1): Unchecked return value (CHECKED_RETURN)
check_return: Calling prepare_to_wait_exclusive_head without
checking return value.
The scst_wait_event_interruptible_lock_irq() function now implicitly
checks for pending signals. Therefore, there is no need to check for
these signals explicitly. This patch replaces the explicit check with a
simple evaluation of the function's return value.
This patch doesn't change any functionality.
This patch replaces percpu_ref_kill() with percpu_ref_kill_and_confirm()
to guarantee safe usage of references in atomic mode immediately
afterwards.
This change ensures accurate checking of active commands following the
initial reference killing.
Reported-by: Lev Vainblat <lev@zadarastorage.com>
This patch changes the processing threads to use INTERRUPTIBLE sleep
states in the scst_wait_event_...() functions. This aims to avoid
warnings from the hung task detection checker and to prevent
unnecessary load counting.
Fixes: d8894cbd11 ("scst.h: Refactor wait_event_locked() to enhance usability and clarity")
This patch modifies scst_sync_ext_block_dev() to support INTERRUPTIBLE
waiting and handle signal-induced waiting cancellation. To achieve this,
the waitqueue head is moved from the stack and allocated with the blocker.
Additionally, reference counting and its management are added to the
blocker to handle memory freeing from multiple contexts.
Fixes: https://github.com/SCST-project/scst/issues/164
This patch divides the scst_ext_block_dev() function into two separate
functions to improve code readability and simplify maintenance:
1. scst_sync_ext_block_dev() - This function is for synchronous blocking
and serves as the equivalent of calling the old scst_ext_block_dev()
function with the SCST_EXT_BLOCK_SYNC flag.
2. scst_ext_block_dev() - This function is for asynchronous blocking.
Additionally, the patch introduces the helper function
scst_dev_ext_block() to reduce code duplication between the
scst_sync_ext_block_dev() and scst_ext_block_dev() functions.
This patch doesn't change any functionality.
1. Set the default process state to TASK_UNINTERRUPTIBLE during sleep.
This change is made because our current code does not check whether a
process was interrupted by a signal.
2. Prefix all SCST wait_event-related macros with 'scst_'. This helps to
distinguish SCST-specific macros from those provided by the Linux
kernel itself.
3. Add the capability to return an error code when a process in a
non-TASK_UNINTERRUPTIBLE state is interrupted by a signal.
4. Divide the wait_event_locked function based on each lock type,
resulting in the following new functions: scst_wait_event_lock(),
scst_wait_event_lock_bh(), and scst_wait_event_lock_irq().
Fix the following compiler error:
ERROR: modpost: "scst_dlm_cluster_name" [...] undefined!
The error occurs because the declaration of scst_dlm_cluster_name is
located in the scst_dlm.c file, but it's used in the scst_sysfs.c file.
As a result, when building without DLM, this variable lacks a declaration.
To resolve this, the declaration is moved to the scst_main.c file, and the
variable scst_dlm_cluster_name is renamed to scst_cluster_name.
Fixes: 00f31004ab ("scst_sysfs: Add support for cluster_name")
This patch fixes the following warnings:
/lib/.../scst_cdrom.ko needs unknown symbol scst_obtain_device_parameters
/lib/.../scst_cdrom.ko needs unknown symbol scst_unregister_dev_driver
...
These warnings were caused by an incorrect module installation order:
the SCST module was being installed after the device handler modules
on which they depend. This patch rectifies the issue by altering the
order in which the modules are installed.
Additionally, this patch fixes the missing signatures for the device
handler modules.
This patch fixes the installation process for Linux kernels where the
default value of INSTALL_MOD_DIR differs from `extra`.
For instance, it unbreaks `make rpm` against Fedora's kernels, where
INSTALL_MOD_DIR is set to `updates`.
1. Correct a typo, changing `make release` to `make 2release`.
2. Add information about package-related targets to the help section.
3. Remove `dev_handler` directory during the uninstall process.
4. Eliminate the non-existent `tgt` target from the PHONY targets.
5. Introduce SCST_MOD_DIR and SCST_DH_MOD_DIR as helper variables.
The scstadmin.spec.in file contained a custom Requires line that
generated dependencies based on the full paths of the killall and rm
commands. This approach is unconventional and could cause issues with
dependency resolution.
This patch replaces the custom Requires line with the package names
providing the required commands, namely 'psmisc' for killall and
'coreutils' for rm. This change ensures proper dependency resolution
and adheres to recommended practices for specifying dependencies in
spec files.
Fixes: https://github.com/SCST-project/scst/issues/152
When target mode is enabled, the pci_irq_get_affinity() function may return
a NULL value in qla_mapq_init_qp_cpu_map() due to the qla24xx_enable_msix()
code that handles IRQ settings for target mode. This leads to a crash due
to a NULL pointer dereference.
This patch fixes the issue by adding a check for the NULL value returned by
pci_irq_get_affinity() and introducing a 'cpu_mapped' boolean flag to the
qla_qpair structure, ensuring that the qpair's CPU affinity is updated when
it has not been mapped to a CPU.
Fixes: 1d201c81d4cc ("scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called")
Signed-off-by: Gleb Chesnokov <gleb.chesnokov@scst.dev>
Link: https://lore.kernel.org/r/56b416f2-4e0f-b6cf-d6d5-b7c372e3c6a2@scst.dev
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
[ commit d54820b22e40 upstream ]
Fixes: https://github.com/SCST-project/scst/issues/156
Backport the change from a previous commit to kernel versions prior to
v6.0, where commit f26e58bf6f54 ("PCI/AER: Enable error reporting when
AER is native") hasn't been introduced.
pci_enable_pcie_error_reporting() enables the device to send ERR_*
Messages. Since commit f26e58bf6f54 ("PCI/AER: Enable error reporting when
AER is native"), the PCI core does this for all devices during enumeration,
so the driver doesn't need to do it itself.
Remove the redundant pci_enable_pcie_error_reporting() call from the
driver. Also remove the corresponding pci_disable_pcie_error_reporting()
from the driver .remove() path.
Note that this only controls ERR_* Messages from the device. An ERR_*
Message may cause the Root Port to generate an interrupt, depending on the
AER Root Error Command register managed by the AER service driver.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Link: https://lore.kernel.org/r/20230307182842.870378-10-helgaas@kernel.org
Cc: Nilesh Javali <njavali@marvell.com>
Cc: GR-QLogic-Storage-Upstream@marvell.com
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
[ commit c5c440bbff86 upstream ]