evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/drivers/scsi
History
Felipe Franciosi 1cda5468c0 scsi: virtio_scsi: don't send sc payload with tmfs 
commit 3722e6a52174d7c3a00e6f5efd006ca093f346c1 upstream.

The virtio scsi spec defines struct virtio_scsi_ctrl_tmf as a set of
device-readable records and a single device-writable response entry:

    struct virtio_scsi_ctrl_tmf
    {
        // Device-readable part
        le32 type;
        le32 subtype;
        u8 lun[8];
        le64 id;
        // Device-writable part
        u8 response;
    }

The above should be organised as two descriptor entries (or potentially
more if using VIRTIO_F_ANY_LAYOUT), but without any extra data after "le64
id" or after "u8 response".

The Linux driver doesn't respect that, with virtscsi_abort() and
virtscsi_device_reset() setting cmd->sc before calling virtscsi_tmf().  It
results in the original scsi command payload (or writable buffers) added to
the tmf.

This fixes the problem by leaving cmd->sc zeroed out, which makes
virtscsi_kick_cmd() add the tmf to the control vq without any payload.

Cc: stable@vger.kernel.org
Signed-off-by: Felipe Franciosi <felipe@nutanix.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-03-23 08:44:35 +01:00
..
aacraid scsi: aacraid: Fix typo in blink status 2018-11-10 07:41:40 -08:00
aic7xxx aic7xxx: Fix queue depth handling 2016-04-12 09:08:39 -07:00
aic94xx scsi: aic94xx: fix an error code in aic94xx_init() 2018-09-15 09:40:39 +02:00
arcmsr scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware 2016-11-10 16:36:35 +01:00
arm scsi: fas216: fix sense buffer initialization 2018-05-30 07:48:54 +02:00
be2iscsi be2iscsi: set the boot_kset pointer to NULL in case of failure 2016-04-12 09:08:39 -07:00
bfa scsi: bfa: convert to strlcpy/strlcat 2018-12-13 09:21:29 +01:00
bnx2fc scsi: bnx2fc: Fix NULL dereference in error handling 2019-01-13 10:05:31 +01:00
bnx2i scsi: bnx2i: add error handling for ioremap_nocache 2018-10-10 08:52:06 +02:00
csiostor scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state() 2019-03-23 08:44:19 +01:00
cxgbi scsi: cxgb4i: fix Tx skb leak 2017-12-25 14:22:14 +01:00
cxlflash scsi: cxlflash: Improve EEH recovery time 2017-05-08 07:46:02 +02:00
device_handler scsi: scsi_dh_emc: return success in clariion_std_inquiry() 2017-10-21 17:09:05 +02:00
dpt
esas2r scsi: use host wide tags by default 2015-11-09 17:11:57 -08:00
fcoe scsi: fcoe: drop frames in ELS LOGO error path 2018-09-05 09:18:36 +02:00
fnic scsi: fnic: Avoid sending reset to firmware when another reset is in progress 2017-08-06 19:19:47 -07:00
ibmvscsi scsi: ibmvscsi: Improve strings handling 2018-10-10 08:52:05 +02:00
isci scsi: isci: initialize shost fully before calling scsi_add_host() 2019-03-23 08:44:16 +01:00
libfc scsi: libfc: free skb when receiving invalid flogi resp 2019-03-23 08:44:26 +01:00
libsas scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached 2019-03-23 08:44:18 +01:00
lpfc scsi: lpfc: Correct LCB RJT handling 2019-02-20 10:13:04 +01:00
megaraid scsi: megaraid: fix out-of-bound array accesses 2019-01-26 09:42:55 +01:00
mpt3sas scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM 2018-05-30 07:49:03 +02:00
mvsas mvsas: fix misleading indentation 2017-03-18 19:09:58 +08:00
osd Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2015-04-14 09:50:27 -07:00
pcmcia scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
pm8001 SCSI queue for 4.4. 2015-11-12 07:06:18 -05:00
qla2xxx scsi: qla2xxx: do not queue commands when unloading 2018-12-01 09:46:40 +01:00
qla4xxx scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param 2019-03-23 08:44:16 +01:00
snic scsi: snic: Return error code on memory allocation failure 2017-08-06 19:19:47 -07:00
sym53c8xx_2 scsi: sym53c8xx_2: iterator underflow in sym_getsync() 2018-05-30 07:48:57 +02:00
ufs scsi: ufshcd: release resources if probe fails 2018-12-01 09:46:40 +01:00
.gitignore
3w-9xxx.c scsi: 3ware: fix return 0 on the error path of probe 2018-09-19 22:48:58 +02:00
3w-9xxx.h 3w-9xxx: fix command completion race 2015-04-27 10:10:19 -07:00
3w-sas.c scsi: 3ware: fix return 0 on the error path of probe 2018-09-19 22:48:58 +02:00
3w-sas.h 3w-sas: fix command completion race 2015-04-27 10:04:39 -07:00
3w-xxxx.c scsi: 3ware: fix return 0 on the error path of probe 2018-09-19 22:48:58 +02:00
3w-xxxx.h 3w-xxxx: fix command completion race 2015-04-27 10:05:55 -07:00
53c700.c 53c700: fix BUG on untagged commands 2016-07-27 09:47:39 -07:00
53c700.h
53c700.scr
53c700_d.h_shipped
a100u2w.c scsi: a100u2w: trivial typo in printk 2015-08-07 15:03:42 +02:00
a100u2w.h
a2091.c
a2091.h
a3000.c
a3000.h
a4000t.c
advansys.c scsi: advansys: fix uninitialized data access 2018-02-25 11:03:43 +01:00
aha152x.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
aha152x.h
aha1542.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
aha1542.h aha1542: fix include guard and remove useless changelog 2015-04-09 18:08:31 -07:00
aha1740.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
aha1740.h scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
am53c974.c am53c974: Fix crash during modprobe 2015-04-17 10:13:56 -07:00
atari_NCR5380.c
atari_scsi.c
atp870u.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
atp870u.h scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
BusLogic.c
BusLogic.h
bvme6000_scsi.c
ch.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2015-04-14 09:50:27 -07:00
constants.c scsi: fix upper bounds check of sense key in scsi_sense_key_string() 2016-09-15 08:27:54 +02:00
dc395x.c
dc395x.h
dmx3191d.c
dpt_i2o.c dpt_i2o: fix build warning 2018-02-25 11:03:44 +01:00
dpti.h
dtc.c
dtc.h
eata.c
eata_generic.h
eata_pio.c
eata_pio.h
esp_scsi.c scsi: esp_scsi: Track residual for PIO transfers 2018-11-21 09:27:32 +01:00
esp_scsi.h scsi: esp_scsi: Track residual for PIO transfers 2018-11-21 09:27:32 +01:00
fdomain.c scsi: fdomain: drop fdomain_pci_tbl when built-in 2018-02-25 11:03:45 +01:00
fdomain.h
FlashPoint.c FlashPoint: fix build warning 2015-11-09 16:32:14 -08:00
g_NCR5380.c ncr5380: shut up gcc indentation warning 2018-02-25 11:03:51 +01:00
g_NCR5380.h
g_NCR5380_mmio.c
gdth.c
gdth.h
gdth_ioctl.h
gdth_proc.c
gdth_proc.h
gvp11.c
gvp11.h
hosts.c Merge branch 'mkp-fixes' into fixes 2015-12-03 09:32:33 -08:00
hpsa.c scsi: hpsa: fix volume offline state 2018-01-23 19:50:15 +01:00
hpsa.h scsi: hpsa: limit outstanding rescans 2017-12-20 10:04:55 +01:00
hpsa_cmd.h scsi: hpsa: update check for logical volume status 2017-12-20 10:04:54 +01:00
hptiop.c hptiop: Support HighPoint RR36xx HBAs and Support SAS tape and SAS media changer 2015-08-12 13:14:57 -07:00
hptiop.h hptiop: Support HighPoint RR36xx HBAs and Support SAS tape and SAS media changer 2015-08-12 13:14:57 -07:00
imm.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
imm.h
in2000.c
in2000.h
initio.c SCSI: initio: remove duplicate module device table 2018-02-25 11:03:45 +01:00
initio.h
ipr.c scsi: ipr: Fix missed EH wakeup 2018-03-22 09:23:21 +01:00
ipr.h ipr: Driver version 2.6.3. 2015-11-09 19:32:41 -05:00
ips.c ips: remove pointless #warning 2015-06-02 17:24:54 -07:00
ips.h
iscsi_boot_sysfs.c
iscsi_tcp.c
iscsi_tcp.h
jazz_esp.c
Kconfig scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m 2017-05-14 13:32:57 +02:00
lasi700.c
libiscsi.c scsi: libiscsi: Fix race between iscsi_xmit_task and iscsi_complete_task 2019-03-23 08:44:33 +01:00
libiscsi_tcp.c
mac53c94.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
mac53c94.h
mac_esp.c scsi: esp_scsi: Track residual for PIO transfers 2018-11-21 09:27:32 +01:00
mac_scsi.c
Makefile mpt3sas: Single driver module which supports both SAS 2.0 & SAS 3.0 HBAs 2015-11-11 19:50:11 -05:00
megaraid.c scsi: megaraid: silence a static checker bug 2018-08-06 16:24:37 +02:00
megaraid.h
mesh.c powerpc: Move Power Macintosh drivers to generic byteswappers 2015-03-23 14:29:40 +11:00
mesh.h
mvme16x_scsi.c
mvme147.c
mvme147.h
mvumi.c scsi: mvumi: use __maybe_unused to hide pm functions 2018-02-25 11:03:45 +01:00
mvumi.h
ncr53c8xx.c
ncr53c8xx.h
NCR53c406a.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
NCR5380.c
NCR5380.h
NCR_D700.c
NCR_D700.h
NCR_Q720.c
NCR_Q720.h
nsp32.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
nsp32.h
nsp32_debug.c
nsp32_io.h
osst.c
osst.h
osst_detect.h
osst_options.h
pas16.c
pas16.h
pmcraid.c SCSI queue for 4.4. 2015-11-12 07:06:18 -05:00
pmcraid.h
ppa.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
ppa.h
ps3rom.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
qla1280.c qla1280: Don't allocate 512kb of host tags 2016-05-18 17:06:52 -07:00
qla1280.h
qlogicfas.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
qlogicfas408.c
qlogicfas408.h
qlogicpti.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
qlogicpti.h
raid_class.c
script_asm.pl
scsi.c scsi: use host wide tags by default 2015-11-09 17:11:57 -08:00
scsi.h
scsi_common.c scsi_common: do not clobber fixed sense information 2016-04-12 09:09:05 -07:00
scsi_debug.c scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded 2016-11-10 16:36:35 +01:00
scsi_devinfo.c scsi: scsi_devinfo: cleanly zero-pad devinfo strings 2018-12-13 09:21:30 +01:00
scsi_dh.c scsi: scsi_dh: replace too broad "TP9" string with the exact models 2018-08-06 16:24:39 +02:00
scsi_error.c scsi: fix race between simultaneous decrements of ->host_failed 2016-07-27 09:47:39 -07:00
scsi_ioctl.c
scsi_lib.c scsi: use 'scsi_device_from_queue()' for scsi_dh 2017-03-12 06:37:26 +01:00
scsi_lib_dma.c
scsi_logging.c
scsi_logging.h
scsi_module.c
scsi_netlink.c
scsi_pm.c Revert "SCSI: Fix NULL pointer dereference in runtime PM" 2015-12-10 12:24:44 -05:00
scsi_priv.h scsi_dh: fix use-after-free when removing scsi device 2015-10-27 11:22:37 +09:00
scsi_proc.c
scsi_sas_internal.h
scsi_scan.c scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state 2018-11-10 07:41:37 -08:00
scsi_sysctl.c
scsi_sysfs.c scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state 2018-11-10 07:41:37 -08:00
scsi_trace.c
scsi_transport_api.h
scsi_transport_fc.c scsi_transport_fc: Add support for 25Gbit speed 2015-04-10 07:40:32 -07:00
scsi_transport_iscsi.c scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly 2017-10-05 09:41:44 +02:00
scsi_transport_sas.c scsi_transport_sas: Remove check for SAS expander when querying bay/enclosure IDs. 2015-09-06 11:13:41 -07:00
scsi_transport_spi.c [SCSI] Fix printk typos in drivers/scsi 2015-08-07 14:28:45 +02:00
scsi_transport_srp.c scsi: scsi_transport_srp: Fix shost to rport translation 2018-06-06 16:46:23 +02:00
scsi_typedefs.h
scsicam.c
sd.c scsi: sd: Fix cache_type_store() 2019-01-26 09:42:50 +01:00
sd.h sd: Fix rw_max for devices that report an optimal xfer size 2016-10-28 03:01:33 -04:00
sd_dif.c block: Consolidate static integrity profile properties 2015-10-21 14:42:38 -06:00
ses.c scsi: ses: don't get power status of SES device slot on probe 2018-03-22 09:23:24 +01:00
sg.c scsi: sg: fix minor memory leak in error path 2018-08-06 16:24:42 +02:00
sgiwd93.c
sim710.c scsi: sim710: fix build warning 2018-02-25 11:03:44 +01:00
sni_53c710.c
sr.c scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled 2018-08-15 17:42:05 +02:00
sr.h
sr_ioctl.c sr: pass down correctly sized SCSI sense buffer 2018-12-17 21:55:16 +01:00
sr_vendor.c
st.c mm: replace get_user_pages_unlocked() write/force parameters with gup_flags 2018-12-17 21:55:16 +01:00
st.h st: implement tape statistics 2015-06-02 08:03:25 -07:00
st_options.h
stex.c stex: Remove use of struct timeval 2015-11-09 17:42:19 -08:00
storvsc_drv.c scsi: storvsc: Increase cmd_per_lun for higher speed devices 2018-05-30 07:48:58 +02:00
sun3_scsi.c
sun3_scsi.h
sun3_scsi_vme.c
sun3x_esp.c arch, drivers: don't include <asm/io.h> directly, use <linux/io.h> instead 2015-08-10 23:07:05 -04:00
sun_esp.c
sym53c416.c scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
sym53c416.h
t128.c
t128.h
u14-34f.c
ultrastor.c
ultrastor.h
virtio_scsi.c scsi: virtio_scsi: don't send sc payload with tmfs 2019-03-23 08:44:35 +01:00
vmw_pvscsi.c scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload 2018-12-21 14:09:52 +01:00
vmw_pvscsi.h
wd33c93.c
wd33c93.h
wd719x.c [SCSI] Fix printk typos in drivers/scsi 2015-08-07 14:28:45 +02:00
wd719x.h scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
wd7000.c
xen-scsifront.c scsi: xen-scsifront: add error handling for xenbus_printf 2018-08-24 13:26:54 +02:00
zalon.c
zorro7xx.c