From: "Matthew R. Ochs" <mrochs@linux.vnet.ibm.com>
To: linux-scsi@vger.kernel.org,
James Bottomley <James.Bottomley@HansenPartnership.com>,
"Nicholas A. Bellinger" <nab@linux-iscsi.org>,
Brian King <brking@linux.vnet.ibm.com>,
Ian Munsie <imunsie@au1.ibm.com>,
Daniel Axtens <dja@ozlabs.au.ibm.com>,
Andrew Donnellan <andrew.donnellan@au1.ibm.com>,
Tomas Henzl <thenzl@redhat.com>,
David Laight <David.Laight@ACULAB.COM>
Cc: Michael Neuling <mikey@neuling.org>,
linuxppc-dev@lists.ozlabs.org,
"Manoj N. Kumar" <manoj@linux.vnet.ibm.com>
Subject: [PATCH v4 18/32] cxlflash: Fix AFU version access/storage and add check
Date: Fri, 25 Sep 2015 18:17:04 -0500 [thread overview]
Message-ID: <1443223024-9618-1-git-send-email-mrochs@linux.vnet.ibm.com> (raw)
In-Reply-To: <1443222593-8828-1-git-send-email-mrochs@linux.vnet.ibm.com>
The AFU version is stored as a non-terminated string of bytes within
a 64-bit little-endian register. Presently the value is read directly
(no MMIO accessor) and is stored in a buffer that is not big enough
to contain a NULL terminator. Additionally the version obtained is not
evaluated against a known value to prevent usage with unsupported AFUs.
All of these deficiencies can lead to a variety of problems.
To remedy, use the correct MMIO accessor to read the version value into
a null-terminated buffer and add a check to prevent an incompatible AFU
from being used with this driver.
Signed-off-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Signed-off-by: Manoj N. Kumar <manoj@linux.vnet.ibm.com>
Reviewed-by: Brian King <brking@linux.vnet.ibm.com>
---
drivers/scsi/cxlflash/common.h | 2 +-
drivers/scsi/cxlflash/main.c | 18 ++++++++++++------
drivers/scsi/cxlflash/sislite.h | 2 +-
3 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/drivers/scsi/cxlflash/common.h b/drivers/scsi/cxlflash/common.h
index faf7f56..3be5754 100644
--- a/drivers/scsi/cxlflash/common.h
+++ b/drivers/scsi/cxlflash/common.h
@@ -179,7 +179,7 @@ struct afu {
u32 cmd_couts; /* Number of command checkouts */
u32 internal_lun; /* User-desired LUN mode for this AFU */
- char version[8];
+ char version[16];
u64 interface_version;
struct cxlflash_cfg *parent; /* Pointer back to parent cxlflash_cfg */
diff --git a/drivers/scsi/cxlflash/main.c b/drivers/scsi/cxlflash/main.c
index d45388f..b6a2584 100644
--- a/drivers/scsi/cxlflash/main.c
+++ b/drivers/scsi/cxlflash/main.c
@@ -1751,14 +1751,20 @@ static int init_afu(struct cxlflash_cfg *cfg)
goto err1;
}
- /* don't byte reverse on reading afu_version, else the string form */
- /* will be backwards */
- reg = afu->afu_map->global.regs.afu_version;
- memcpy(afu->version, ®, 8);
+ /* No byte reverse on reading afu_version or string will be backwards */
+ reg = readq(&afu->afu_map->global.regs.afu_version);
+ memcpy(afu->version, ®, sizeof(reg));
afu->interface_version =
readq_be(&afu->afu_map->global.regs.interface_version);
- pr_debug("%s: afu version %s, interface version 0x%llX\n",
- __func__, afu->version, afu->interface_version);
+ if ((afu->interface_version + 1) == 0) {
+ pr_err("Back level AFU, please upgrade. AFU version %s "
+ "interface version 0x%llx\n", afu->version,
+ afu->interface_version);
+ rc = -EINVAL;
+ goto err1;
+ } else
+ pr_debug("%s: afu version %s, interface version 0x%llX\n",
+ __func__, afu->version, afu->interface_version);
rc = start_afu(cfg);
if (rc) {
diff --git a/drivers/scsi/cxlflash/sislite.h b/drivers/scsi/cxlflash/sislite.h
index 63bf394..8425d1a 100644
--- a/drivers/scsi/cxlflash/sislite.h
+++ b/drivers/scsi/cxlflash/sislite.h
@@ -340,7 +340,7 @@ struct sisl_global_regs {
#define SISL_AFUCONF_MBOX_CLR_READ 0x0010ULL
__be64 afu_config;
__be64 rsvd[0xf8];
- __be64 afu_version;
+ __le64 afu_version;
__be64 interface_version;
};
--
2.1.0
next prev parent reply other threads:[~2015-09-25 23:17 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-25 23:09 [PATCH v4 00/32] cxlflash: Miscellaneous bug fixes and corrections Matthew R. Ochs
2015-09-25 23:12 ` [PATCH v4 01/32] cxlflash: Fix to avoid invalid port_sel value Matthew R. Ochs
2015-09-25 23:12 ` [PATCH v4 02/32] cxlflash: Replace magic numbers with literals Matthew R. Ochs
2015-09-29 5:40 ` Andrew Donnellan
2015-09-25 23:12 ` [PATCH v4 03/32] cxlflash: Fix read capacity timeout Matthew R. Ochs
2015-09-25 23:13 ` [PATCH v4 04/32] cxlflash: Fix potential oops following LUN removal Matthew R. Ochs
2015-09-25 23:13 ` [PATCH v4 05/32] cxlflash: Fix data corruption when vLUN used over multiple cards Matthew R. Ochs
2015-09-25 23:14 ` [PATCH v4 06/32] cxlflash: Fix to avoid sizeof(bool) Matthew R. Ochs
2015-09-28 22:35 ` Daniel Axtens
2015-09-25 23:14 ` [PATCH v4 07/32] cxlflash: Fix context encode mask width Matthew R. Ochs
2015-09-28 22:39 ` Daniel Axtens
2015-09-25 23:14 ` [PATCH v4 08/32] cxlflash: Fix to avoid CXL services during EEH Matthew R. Ochs
2015-09-28 22:07 ` Brian King
2015-09-28 23:05 ` Daniel Axtens
2015-09-29 19:28 ` Matthew R. Ochs
2015-09-25 23:14 ` [PATCH v4 09/32] cxlflash: Correct naming of limbo state and waitq Matthew R. Ochs
2015-09-28 23:09 ` Daniel Axtens
2015-09-25 23:14 ` [PATCH v4 10/32] cxlflash: Make functions static Matthew R. Ochs
2015-09-25 23:14 ` [PATCH v4 11/32] cxlflash: Refine host/device attributes Matthew R. Ochs
2015-09-29 4:29 ` Andrew Donnellan
2015-09-25 23:15 ` [PATCH v4 12/32] cxlflash: Fix to avoid spamming the kernel log Matthew R. Ochs
2015-09-29 5:05 ` Andrew Donnellan
2015-09-29 20:37 ` Matthew R. Ochs
2015-09-25 23:16 ` [PATCH v4 13/32] cxlflash: Fix to avoid stall while waiting on TMF Matthew R. Ochs
2015-09-25 23:16 ` [PATCH v4 14/32] cxlflash: Fix location of setting resid Matthew R. Ochs
2015-09-25 23:16 ` [PATCH v4 15/32] cxlflash: Fix host link up event handling Matthew R. Ochs
2015-09-25 23:16 ` [PATCH v4 16/32] cxlflash: Fix async interrupt bypass logic Matthew R. Ochs
2015-09-25 23:16 ` [PATCH v4 17/32] cxlflash: Remove dual port online dependency Matthew R. Ochs
2015-09-28 23:37 ` Daniel Axtens
2015-09-29 19:38 ` Matthew R. Ochs
2015-09-30 23:50 ` Daniel Axtens
2015-10-01 15:00 ` Matthew R. Ochs
2015-09-25 23:17 ` Matthew R. Ochs [this message]
2015-09-25 23:17 ` [PATCH v4 19/32] cxlflash: Correct usage of scsi_host_put() Matthew R. Ochs
2015-09-25 23:17 ` [PATCH v4 20/32] cxlflash: Fix to prevent workq from accessing freed memory Matthew R. Ochs
2015-09-25 23:17 ` [PATCH v4 21/32] cxlflash: Correct behavior in device reset handler following EEH Matthew R. Ochs
2015-09-25 23:17 ` [PATCH v4 22/32] cxlflash: Remove unnecessary scsi_block_requests Matthew R. Ochs
2015-09-25 23:18 ` [PATCH v4 23/32] cxlflash: Fix function prolog parameters and return codes Matthew R. Ochs
2015-09-29 4:36 ` Andrew Donnellan
2015-09-29 20:31 ` Matthew R. Ochs
2015-09-25 23:18 ` [PATCH v4 24/32] cxlflash: Fix MMIO and endianness errors Matthew R. Ochs
2015-09-29 1:52 ` Andrew Donnellan
2015-09-25 23:18 ` [PATCH v4 25/32] cxlflash: Fix to prevent EEH recovery failure Matthew R. Ochs
2015-09-29 1:25 ` Daniel Axtens
2015-09-29 20:11 ` Matthew R. Ochs
2015-09-30 23:53 ` Daniel Axtens
2015-09-25 23:18 ` [PATCH v4 26/32] cxlflash: Correct spelling, grammar, and alignment mistakes Matthew R. Ochs
2015-09-29 1:18 ` Andrew Donnellan
2015-09-25 23:19 ` [PATCH v4 27/32] cxlflash: Fix to prevent stale AFU RRQ Matthew R. Ochs
2015-09-29 1:36 ` Daniel Axtens
2015-09-29 20:22 ` Matthew R. Ochs
2015-09-30 23:51 ` Daniel Axtens
2015-09-25 23:19 ` [PATCH v4 28/32] MAINTAINERS: Add cxlflash driver Matthew R. Ochs
2015-09-25 23:19 ` [PATCH v4 29/32] cxlflash: Fix to double the delay each time Matthew R. Ochs
2015-09-29 1:19 ` Andrew Donnellan
2015-09-29 1:40 ` Daniel Axtens
2015-09-29 20:28 ` Matthew R. Ochs
2015-09-30 0:08 ` Daniel Axtens
2015-09-25 23:19 ` [PATCH v4 30/32] cxlflash: Fix to avoid corrupting adapter fops Matthew R. Ochs
2015-09-28 22:13 ` Brian King
2015-09-29 0:54 ` Andrew Donnellan
2015-09-30 0:18 ` Daniel Axtens
2015-09-25 23:19 ` [PATCH v4 31/32] cxlflash: Correct trace string Matthew R. Ochs
2015-09-29 1:20 ` Andrew Donnellan
2015-09-25 23:19 ` [PATCH v4 32/32] cxlflash: Fix to avoid potential deadlock on EEH Matthew R. Ochs
2015-09-28 23:41 ` Brian King
2015-09-29 19:40 ` Matthew R. Ochs
2015-09-30 0:33 ` Daniel Axtens
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1443223024-9618-1-git-send-email-mrochs@linux.vnet.ibm.com \
--to=mrochs@linux.vnet.ibm.com \
--cc=David.Laight@ACULAB.COM \
--cc=James.Bottomley@HansenPartnership.com \
--cc=andrew.donnellan@au1.ibm.com \
--cc=brking@linux.vnet.ibm.com \
--cc=dja@ozlabs.au.ibm.com \
--cc=imunsie@au1.ibm.com \
--cc=linux-scsi@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=manoj@linux.vnet.ibm.com \
--cc=mikey@neuling.org \
--cc=nab@linux-iscsi.org \
--cc=thenzl@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).