<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/drivers/scsi/aacraid, branch v4.9</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi</title>
<updated>2016-10-07T16:28:53+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2016-10-07T16:28:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=4dfddf503670d8def0fddb497e628130fc4522a8'/>
<id>4dfddf503670d8def0fddb497e628130fc4522a8</id>
<content type='text'>
Pull SCSI updates from James Bottomley:
 "This update includes the usual round of major driver updates (hpsa,
  be2iscsi, hisi_sas, zfcp, cxlflash). There's a new incarnation of hpsa
  called smartpqi for which a driver is added, there's some cleanup work
  of the ibm vscsi target and updates to libfc, plus a whole host of
  minor fixes and updates and finally the removal of several ISA drivers
  which seem not to have been used for years"

* tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (173 commits)
  scsi: mvsas: Mark symbols static where possible
  scsi: pm8001: Mark symbols static where possible
  scsi: arcmsr: Simplify user_len checking
  scsi: fcoe: fix off by one in eth2fc_speed()
  scsi: dtc: remove from tree
  scsi: t128: remove from tree
  scsi: pas16: remove from tree
  scsi: u14-34f: remove from tree
  scsi: ultrastor: remove from tree
  scsi: in2000: remove from tree
  scsi: wd7000: remove from tree
  scsi: scsi_dh_alua: Fix memory leak in alua_rtpg()
  scsi: lpfc: Mark symbols static where possible
  scsi: hpsa: correct call to hpsa_do_reset
  scsi: ufs: Get a TM service response from the correct offset
  scsi: ibmvfc: Fix I/O hang when port is not mapped
  scsi: megaraid_sas: clean function declarations in megaraid_sas_base.c up
  scsi: ipr: Remove redundant messages at adapter init time
  scsi: ipr: Don't log unnecessary 9084 error details
  scsi: smartpqi: raid bypass lba calculation fix
  ...
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull SCSI updates from James Bottomley:
 "This update includes the usual round of major driver updates (hpsa,
  be2iscsi, hisi_sas, zfcp, cxlflash). There's a new incarnation of hpsa
  called smartpqi for which a driver is added, there's some cleanup work
  of the ibm vscsi target and updates to libfc, plus a whole host of
  minor fixes and updates and finally the removal of several ISA drivers
  which seem not to have been used for years"

* tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (173 commits)
  scsi: mvsas: Mark symbols static where possible
  scsi: pm8001: Mark symbols static where possible
  scsi: arcmsr: Simplify user_len checking
  scsi: fcoe: fix off by one in eth2fc_speed()
  scsi: dtc: remove from tree
  scsi: t128: remove from tree
  scsi: pas16: remove from tree
  scsi: u14-34f: remove from tree
  scsi: ultrastor: remove from tree
  scsi: in2000: remove from tree
  scsi: wd7000: remove from tree
  scsi: scsi_dh_alua: Fix memory leak in alua_rtpg()
  scsi: lpfc: Mark symbols static where possible
  scsi: hpsa: correct call to hpsa_do_reset
  scsi: ufs: Get a TM service response from the correct offset
  scsi: ibmvfc: Fix I/O hang when port is not mapped
  scsi: megaraid_sas: clean function declarations in megaraid_sas_base.c up
  scsi: ipr: Remove redundant messages at adapter init time
  scsi: ipr: Don't log unnecessary 9084 error details
  scsi: smartpqi: raid bypass lba calculation fix
  ...
</pre>
</div>
</content>
</entry>
<entry>
<title>scsi: aacraid: mark aac_src_select_comm() static</title>
<updated>2016-09-09T11:08:38+00:00</updated>
<author>
<name>Baoyou Xie</name>
<email>baoyou.xie@linaro.org</email>
</author>
<published>2016-09-04T06:47:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=a44199eee7fdd2791b39da88938e6de6f5058632'/>
<id>a44199eee7fdd2791b39da88938e6de6f5058632</id>
<content type='text'>
We get 1 warning when building kernel with W=1:
drivers/scsi/aacraid/src.c:616:5: warning: no previous prototype for 'aac_src_select_comm' [-Wmissing-prototypes]

In fact, this function is only used in the file in which it is declared
and don't need a declaration, but can be made static.  so this patch
marks this function with 'static'.

Signed-off-by: Baoyou Xie &lt;baoyou.xie@linaro.org&gt;
Acked-by: Arnd Bergmann &lt;arnd@arndb.de&gt;
Acked-by: Dave Carroll &lt;david.carroll@microsemi.com&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
We get 1 warning when building kernel with W=1:
drivers/scsi/aacraid/src.c:616:5: warning: no previous prototype for 'aac_src_select_comm' [-Wmissing-prototypes]

In fact, this function is only used in the file in which it is declared
and don't need a declaration, but can be made static.  so this patch
marks this function with 'static'.

Signed-off-by: Baoyou Xie &lt;baoyou.xie@linaro.org&gt;
Acked-by: Arnd Bergmann &lt;arnd@arndb.de&gt;
Acked-by: Dave Carroll &lt;david.carroll@microsemi.com&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>aacraid: Check size values after double-fetch from user</title>
<updated>2016-08-09T01:34:02+00:00</updated>
<author>
<name>Dave Carroll</name>
<email>david.carroll@microsemi.com</email>
</author>
<published>2016-08-05T19:44:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3'/>
<id>fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3</id>
<content type='text'>
In aacraid's ioctl_send_fib() we do two fetches from userspace, one the
get the fib header's size and one for the fib itself. Later we use the
size field from the second fetch to further process the fib. If for some
reason the size from the second fetch is different than from the first
fix, we may encounter an out-of- bounds access in aac_fib_send(). We
also check the sender size to insure it is not out of bounds. This was
reported in https://bugzilla.kernel.org/show_bug.cgi?id=116751 and was
assigned CVE-2016-6480.

Reported-by: Pengfei Wang &lt;wpengfeinudt@gmail.com&gt;
Fixes: 7c00ffa31 '[SCSI] 2.6 aacraid: Variable FIB size (updated patch)'
Cc: stable@vger.kernel.org
Signed-off-by: Dave Carroll &lt;david.carroll@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
In aacraid's ioctl_send_fib() we do two fetches from userspace, one the
get the fib header's size and one for the fib itself. Later we use the
size field from the second fetch to further process the fib. If for some
reason the size from the second fetch is different than from the first
fix, we may encounter an out-of- bounds access in aac_fib_send(). We
also check the sender size to insure it is not out of bounds. This was
reported in https://bugzilla.kernel.org/show_bug.cgi?id=116751 and was
assigned CVE-2016-6480.

Reported-by: Pengfei Wang &lt;wpengfeinudt@gmail.com&gt;
Fixes: 7c00ffa31 '[SCSI] 2.6 aacraid: Variable FIB size (updated patch)'
Cc: stable@vger.kernel.org
Signed-off-by: Dave Carroll &lt;david.carroll@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>aacraid: use kmemdup</title>
<updated>2016-07-13T03:16:31+00:00</updated>
<author>
<name>Muhammad Falak R Wani</name>
<email>falakreyaz@gmail.com</email>
</author>
<published>2016-05-19T14:08:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=22e9f5a61666ed1145a09fbe49ac1a6f2ae7be8e'/>
<id>22e9f5a61666ed1145a09fbe49ac1a6f2ae7be8e</id>
<content type='text'>
Use kmemdup when some other buffer is immediately copied into allocated
region. It replaces call to allocation followed by memcpy, by a single
call to kmemdup.

Signed-off-by: Muhammad Falak R Wani &lt;falakreyaz@gmail.com&gt;
Reviewed-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Use kmemdup when some other buffer is immediately copied into allocated
region. It replaces call to allocation followed by memcpy, by a single
call to kmemdup.

Signed-off-by: Muhammad Falak R Wani &lt;falakreyaz@gmail.com&gt;
Reviewed-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>aacraid: do not activate events on non-SRC adapters</title>
<updated>2016-05-22T18:53:07+00:00</updated>
<author>
<name>Hannes Reinecke</name>
<email>hare@suse.de</email>
</author>
<published>2016-05-18T08:16:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=787ab6e97024926f38773287d9f98a9b330bce23'/>
<id>787ab6e97024926f38773287d9f98a9b330bce23</id>
<content type='text'>
Only SRC-based adapters support the AifReqEvent function, so there is no
point in trying to activate it on older, non-SRC based adapters.  Doing
so lead to crashes on older adapters.

Signed-off-by: Hannes Reinecke &lt;hare@suse.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.com&gt;
Reviewed-by: Raghava Aditya Renukunta &lt;RaghavaAaditya.Renukunta@microsemi.com&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Only SRC-based adapters support the AifReqEvent function, so there is no
point in trying to activate it on older, non-SRC based adapters.  Doing
so lead to crashes on older adapters.

Signed-off-by: Hannes Reinecke &lt;hare@suse.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.com&gt;
Reviewed-by: Raghava Aditya Renukunta &lt;RaghavaAaditya.Renukunta@microsemi.com&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>aacraid: Update driver version</title>
<updated>2016-04-29T23:08:24+00:00</updated>
<author>
<name>Raghava Aditya Renukunta</name>
<email>RaghavaAditya.Renukunta@microsemi.com</email>
</author>
<published>2016-04-26T06:32:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=139112fb34db6361082b992d7b5fbb9d223c2c33'/>
<id>139112fb34db6361082b992d7b5fbb9d223c2c33</id>
<content type='text'>
Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>aacraid: Fix for KDUMP driver hang</title>
<updated>2016-04-29T23:08:24+00:00</updated>
<author>
<name>Raghava Aditya Renukunta</name>
<email>RaghavaAditya.Renukunta@microsemi.com</email>
</author>
<published>2016-04-26T06:32:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=78cbccd3bd683c295a44af8050797dc4a41376ff'/>
<id>78cbccd3bd683c295a44af8050797dc4a41376ff</id>
<content type='text'>
When KDUMP is triggered the driver first talks to the firmware in INTX
mode, but the adapter firmware is still in MSIX mode. Therefore the first
driver command hangs since the driver is waiting for an INTX response and
firmware gives a MSIX response. If when the OS is installed on a RAID
drive created by the adapter KDUMP will hang since the driver does not
receive a response in sync mode.

Fixed by: Change the firmware to INTX mode if it is in MSIX mode before
sending the first sync command.

Cc: stable@vger.kernel.org
Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When KDUMP is triggered the driver first talks to the firmware in INTX
mode, but the adapter firmware is still in MSIX mode. Therefore the first
driver command hangs since the driver is waiting for an INTX response and
firmware gives a MSIX response. If when the OS is installed on a RAID
drive created by the adapter KDUMP will hang since the driver does not
receive a response in sync mode.

Fixed by: Change the firmware to INTX mode if it is in MSIX mode before
sending the first sync command.

Cc: stable@vger.kernel.org
Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>aacraid: Remove code to needlessly complete fib</title>
<updated>2016-04-29T23:08:24+00:00</updated>
<author>
<name>Raghava Aditya Renukunta</name>
<email>RaghavaAditya.Renukunta@microsemi.com</email>
</author>
<published>2016-04-26T06:32:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=eef76f16295d34d7fab6994b82dda60ce002f91d'/>
<id>eef76f16295d34d7fab6994b82dda60ce002f91d</id>
<content type='text'>
Currently driver completes double completed or spurious interrupted fibs.
This  is not necessary and causes the SCSI mid layer to issue aborts and
resets, since completing a fib  prematurely might trigger a race condition
resulting in the driver not calling the scsi_done callback.

Fixed by removing the call to fib complete.

Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Currently driver completes double completed or spurious interrupted fibs.
This  is not necessary and causes the SCSI mid layer to issue aborts and
resets, since completing a fib  prematurely might trigger a race condition
resulting in the driver not calling the scsi_done callback.

Fixed by removing the call to fib complete.

Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>aacraid: Log firmware AIF messages</title>
<updated>2016-04-29T23:08:24+00:00</updated>
<author>
<name>Raghava Aditya Renukunta</name>
<email>RaghavaAditya.Renukunta@microsemi.com</email>
</author>
<published>2016-04-26T06:32:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=9cb62fa24e0d22dbe991c315d6c454a341ea3f76'/>
<id>9cb62fa24e0d22dbe991c315d6c454a341ea3f76</id>
<content type='text'>
Firmware AIF messages about cache loss and data recovery are being missed
by the driver since currently they are not captured but rather let go.
This patch to capture those messages and log them for the user.

Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Firmware AIF messages about cache loss and data recovery are being missed
by the driver since currently they are not captured but rather let go.
This patch to capture those messages and log them for the user.

Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>aacraid: Fix for aac_command_thread hang</title>
<updated>2016-04-29T23:08:24+00:00</updated>
<author>
<name>Raghava Aditya Renukunta</name>
<email>RaghavaAditya.Renukunta@microsemi.com</email>
</author>
<published>2016-04-26T06:31:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=fc4bf75ea300a5e62a2419f89dd0e22189dd7ab7'/>
<id>fc4bf75ea300a5e62a2419f89dd0e22189dd7ab7</id>
<content type='text'>
Typically under error conditions, it is possible for aac_command_thread()
to miss the wakeup from kthread_stop() and go back to sleep, causing it
to hang aac_shutdown.

In the observed scenario, the adapter is not functioning correctly and so
aac_fib_send() never completes (or time-outs depending on how it was
called). Shortly after aac_command_thread() starts it performs
aac_fib_send(SendHostTime) which hangs. When aac_probe_one
/aac_get_adapter_info send time outs, kthread_stop is called which breaks
the command thread out of it's hang.

The code will still go back to sleep in schedule_timeout() without
checking kthread_should_stop() so it causes aac_probe_one to hang until
the schedule_timeout() which is 30 minutes.

Fixed by: Adding another kthread_should_stop() before schedule_timeout()
Cc: stable@vger.kernel.org
Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Typically under error conditions, it is possible for aac_command_thread()
to miss the wakeup from kthread_stop() and go back to sleep, causing it
to hang aac_shutdown.

In the observed scenario, the adapter is not functioning correctly and so
aac_fib_send() never completes (or time-outs depending on how it was
called). Shortly after aac_command_thread() starts it performs
aac_fib_send(SendHostTime) which hangs. When aac_probe_one
/aac_get_adapter_info send time outs, kthread_stop is called which breaks
the command thread out of it's hang.

The code will still go back to sleep in schedule_timeout() without
checking kthread_should_stop() so it causes aac_probe_one to hang until
the schedule_timeout() which is 30 minutes.

Fixed by: Adding another kthread_should_stop() before schedule_timeout()
Cc: stable@vger.kernel.org
Signed-off-by: Raghava Aditya Renukunta &lt;RaghavaAditya.Renukunta@microsemi.com&gt;
Reviewed-by: Johannes Thumshirn &lt;jthumshirn@suse.de&gt;
Signed-off-by: Martin K. Petersen &lt;martin.petersen@oracle.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
