| Message ID | 20210104234137.438275-1-arnd@kernel.org (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression | expand |
On Tue, Jan 05, 2021 at 12:41:04AM +0100, Arnd Bergmann wrote: > Phil Oester reported that a fix for a possible buffer overrun that I > sent caused a regression that manifests in this output: > > Event Message: A PCI parity error was detected on a component at bus 0 device 5 function 0. > Severity: Critical > Message ID: PCI1308 > > The original code tried to handle the sense data pointer differently > when using 32-bit 64-bit DMA addressing, which would lead to a 32-bit > dma_addr_t value of 0x11223344 to get stored > > 32-bit kernel: 44 33 22 11 ?? ?? ?? ?? > 64-bit LE kernel: 44 33 22 11 00 00 00 00 > 64-bit BE kernel: 00 00 00 00 44 33 22 11 > > or a 64-bit dma_addr_t value of 0x1122334455667788 to get stored as > > 32-bit kernel: 88 77 66 55 ?? ?? ?? ?? > 64-bit kernel: 88 77 66 55 44 33 22 11 > > In my patch, I tried to ensure that the same value is used on both > 32-bit and 64-bit kernels, and picked what seemed to be the most sensible > combination, storing 32-bit addresses in the first four bytes (as 32-bit > kernels already did), and 64-bit addresses in eight consecutive bytes > (as 64-bit kernels already did), but evidently this was incorrect. > > Always storing the dma_addr_t pointer as 64-bit little-endian, > i.e. initializing the second four bytes to zero in case of 32-bit > addressing, apparently solved the problem for Phil, and is consistent > with what all 64-bit little-endian machines did before. > > I also checked in the history that in previous versions of the code, > the pointer was always in the first four bytes without padding, and that > previous attempts to fix 64-bit user space, big-endian architectures > and 64-bit DMA were clearly flawed and seem to have introduced made > this worse. > > Reported-by: Phil Oester <kernel@linuxace.com> > Fixes: 381d34e376e3 ("scsi: megaraid_sas: Check user-provided offsets") > Fixes: 107a60dd71b5 ("scsi: megaraid_sas: Add support for 64bit consistent DMA") > Fixes: 94cd65ddf4d7 ("[SCSI] megaraid_sas: addded support for big endian architecture") > Fixes: 7b2519afa1ab ("[SCSI] megaraid_sas: fix 64 bit sense pointer truncation") > Signed-off-by: Arnd Bergmann <arnd@arndb.de> This solves the issue on our Dell servers, thanks Arnd. Phil
On Tue, 5 Jan 2021 00:41:04 +0100, Arnd Bergmann wrote: > Phil Oester reported that a fix for a possible buffer overrun that I > sent caused a regression that manifests in this output: > > Event Message: A PCI parity error was detected on a component at bus 0 device 5 function 0. > Severity: Critical > Message ID: PCI1308 > > [...] Applied to 5.11/scsi-fixes, thanks! [1/1] scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression https://git.kernel.org/mkp/scsi/c/b112036535ed
diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c index 6e4bf05c6d77..3b574c453414 100644 --- a/drivers/scsi/megaraid/megaraid_sas_base.c +++ b/drivers/scsi/megaraid/megaraid_sas_base.c @@ -8205,11 +8205,9 @@ megasas_mgmt_fw_ioctl(struct megasas_instance *instance, goto out; } + /* always store 64 bits regardless of addressing */ sense_ptr = (void *)cmd->frame + ioc->sense_off; - if (instance->consistent_mask_64bit) - put_unaligned_le64(sense_handle, sense_ptr); - else - put_unaligned_le32(sense_handle, sense_ptr); + put_unaligned_le64(sense_handle, sense_ptr); } /*