In-Reply-To: <20210104174826.GA76610@home.linuxace.com>
From: Arnd Bergmann
Date: Mon, 4 Jan 2021 23:24:59 +0100
Subject: Re: [PATCH 2/3] scsi: megaraid_sas: check user-provided offsets
To: Phil Oester
Cc: Arnd Bergmann, Kashyap Desai, Sumit Saxena, Shivasharan S, "James E.J. Bottomley", "Martin K. Petersen", Christoph Hellwig, "# 3.4.x", Anand Lodnoor, Chandrakanth Patil, Hannes Reinecke, megaraidlinux.pdl@broadcom.com, linux-scsi, "linux-kernel@vger.kernel.org"

On Mon, Jan 4, 2021 at 6:48 PM Phil Oester wrote:
>
> On Sun, Jan 03, 2021 at 05:26:29PM +0100, Arnd Bergmann wrote:
> > Thank you for the report and bisecting the issue, and sorry this broke
> > your system!
> >
> > Fortunately, the patch is fairly small, so there are only a limited number
> > of things that could go wrong. I haven't tried to analyze that message,
> > but I have two ideas:
> >
> > a) The added ioc->sense_off check gets triggered and the code relies
> > on the data being written outside of the structure
> >
> > b) the address actually needs to always be written as a 64-bit value
> > regardless of the instance->consistent_mask_64bit flag, as the
> > driver did before. This looked like it was done in error.
> >
> > Can you try the patch below instead of the revert and see if that
> > resolves the regression, and if it triggers the warning message I
> > add?
>
> Thanks Arnd, I tried your patch and it resolves the regression. It does not
> trigger the warning message you added.

Ok, thanks for testing!
That would mean the range check is correct, but the sense pointer
must indeed be treated as a 64-bit entity regardless of
instance->consistent_mask_64bit, or at least the upper 32 bits must be
zero when the flag is unset, rather than the recycled previous
value.

I'll send a proper fix shortly, it would be nice if you could give it
another spin, but the behavior should be the same as this patch.

      Arnd
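
The two points discussed in this message, as an added user-space example that is not part of the original mail and is not the driver's code: an offset range check for an 8-byte pointer slot, and the stale upper half that remains when only 32 bits are stored into a recycled frame. `FRAME_SIZE`, the offset 24, the addresses and all function names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define FRAME_SIZE 64u /* constructed size, not the driver's real frame layout */
/* Store the low n bytes of v at p, little-endian, alignment-safe. */
static void put_le(uint64_t v, uint8_t *p, unsigned n)
{
    for (unsigned i = 0; i < n; i++)
        p[i] = (uint8_t)(v >> (8 * i));
}

static uint64_t get_le64(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--)
        v = (v << 8) | p[i];
    return v;
}

/* The 8-byte pointer slot at a caller-supplied offset must fit in the frame. */
static int sense_off_ok(uint32_t off)
{
    return off <= FRAME_SIZE - sizeof(uint64_t);
}

/* Write dma into the slot; full = 0 stores 4 bytes and leaves the rest as is. */
static int store_sense(uint8_t *frame, uint32_t off, uint64_t dma, int full)
{
    if (!sense_off_ok(off))
        return -1; /* reject rather than write outside the frame */
    put_le(dma, frame + off, full ? 8 : 4);
    return 0;
}

/* Frame recycled from an earlier command whose slot held old_addr;
 * returns what a consumer reading the slot as 64 bits would see. */
static uint64_t recycled_slot(uint64_t old_addr, uint64_t dma, int full)
{
    uint8_t frame[FRAME_SIZE] = {0};
    put_le(old_addr, frame + 24, 8);
    store_sense(frame, 24, dma, full);
    return get_le64(frame + 24);
}

int main(void)
{
    printf("32-bit store: %#llx\n64-bit store: %#llx\n",
           (unsigned long long)recycled_slot(0xdeadbeef00001000ull, 0x12345000ull, 0),
           (unsigned long long)recycled_slot(0xdeadbeef00001000ull, 0x12345000ull, 1));
}
```

With the 4-byte store the reader sees the new low half joined to the previous command's high half; the 8-byte store clears it.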