This patch tries to address race condition between abort handler and
completion handler. When scsi command result is set by both abort and
completion handler, scsi_done() is only called after refcount on SRB
structure goes to zero. The abort handler sets this result prematurely even
when the refcount is non-zero value. Fix this by setting SCSI cmd->result
before scsi_done() is called.
Signed-off-by: Giridhar Malavali <gmalavali@marvell.com>
Signed-off-by: Himanshu Madhani <hmadhani@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This patch avoids that a kernel warning appears when smp_processor_id() is
called with preempt debugging enabled.
Cc: James Smart <james.smart@broadcom.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Remove those functions that are not called from outside the removed
functions.
Cc: James Smart <james.smart@broadcom.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This patch does not change any functionality but avoids that the compiler
complains about set-but-not-used variables when building with W=1.
Cc: James Smart <james.smart@broadcom.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Arrays should be defined in .c files instead of in a header file. This
patch reduces the size of the lpfc kernel module.
Cc: James Smart <james.smart@broadcom.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This patch avoids that the compiler warns about missing fall-through
annotation when building with W=1.
Cc: James Smart <james.smart@broadcom.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This patch avoid that smatch complains about misleading indentation.
Cc: James Smart <james.smart@broadcom.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This patch avoids that the compiler complains about missing declarations
when building with W=1.
Cc: James Smart <james.smart@broadcom.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
"<name>-fixed-regulator" device tree property can be safely removed because
below things are fixed or resolved,
1. "<name>-max-microamp" becomes optional property: Undefined
"<name>-max-microamp" will not cause initialization fail if
"<name>-fixed-regulator" is not defined.
2. Current switching operation (by regulator_set_load) now has rules:
Regulators will have undefined current limit if "<name>-fixed-regulator"
is not defined. But this is safe because only regulator which has
configured current limit from "<name>-max-microamp" property is allowed
to change its load.
Although "<name>-fixed-regulator" is not used in any dt-bindings in tree,
this patch is still safe for regulators already defined
"<name>-fixed-regulator". To be more clear, if a regulator defined
"<name>-fixed-regulator" before, the behavior difference after this patch
is,
1. "<name>-max-microamp":
If a regulator defined "<name>-fixed-regulator", it is not necessary
to define "<name>-max-microamp" property in device tree and it is
expected to have an undefined current limit, i.e., "max_uA" field
is zero in struct ufs_vreg. This is exactly the same as patched.
2. "vcc-supply-1p8" or volatge range settings:
* For vcc, vccq or vccq2, these three regulators shall not define
"<name>-fixed-regulator" because defining it will lead to
undefined voltage range and thus voltage switching will be
unexpected.
* For other regulators with undefined voltage range, voltage range
will be still undefined after patched.
Therefore this patch is safe for all existed regulators with
"<name>-fixed-regulator" property already defined.
Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
Reviewed-by: Avri Altman <avri.altman@wdc.com>
Acked-by: Alim Akhtar <alim.akhtar@samsung.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
In dt-bindings for ufs, "<name>-max-microamp" property indicates current
limit and is mandatory if "<name>-fixed-regulator" is not defined on a
specified regulator.
However, in some platforms, regulators without "<name>-fixed-regulator"
property may not need to define their current limit because they may want
to define voltage range only for proper voltage switching in different
power modes, especially for vcc, vccq or vccq2.
Currently missing "<name>-max-microamp" property in device tree will lead
initialization to fail, thus such limitation shall be resolved to tolerate
this kind of regulators.
After resolving this, regulators without "<name>-max-microamp" property
will have undefined "max current" value, i.e., zero value in "max_uA" field
in struct ufs_vreg. Because we do bypass current switching operation (by
regulator_set_load) in case of undefined current limit, this patch shall be
safe.
Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
Reviewed-by: Avri Altman <avri.altman@wdc.com>
Acked-by: Alim Akhtar <alim.akhtar@samsung.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Currently if a regulator has "<name>-fixed-regulator" property in device
tree, it will skip current limit initialization. This lead to a zero
"max_uA" value in struct ufs_vreg.
However, "regulator_set_load" operation shall be required on regulators
which have valid current limits, otherwise a zero "max_uA" set by
"regulator_set_load" may cause unexpected behavior when this regulator is
enabled or set as high power mode.
Similarly, in device's icc_level configuration flow, the target icc_level
shall be updated if regulator also has valid current limit, otherwise a
wrong icc_level will be calculated by zero "max_uA" and thus causes
unexpected results after it is written to device.
Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
Reviewed-by: Avri Altman <avri.altman@wdc.com>
Acked-by: Alim Akhtar <alim.akhtar@samsung.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
For regulators used by UFS, vcc, vccq and vccq2 will have voltage range
initialized by ufshcd_populate_vreg(), however other regulators may have
undefined voltage range if dt-bindings have no such definition.
In above undefined case, both "min_uV" and "max_uV" fields in ufs_vreg
struct will be zero values and these values will be configured on
regulators in different power modes.
Currently this may have no harm if both "min_uV" and "max_uV" always keep
"zero values" because regulator_set_voltage() will always bypass such
invalid values and return "good" results.
However improper values shall be fixed to avoid potential bugs. Simply
bypass voltage configuration if voltage range is not defined.
Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
Reviewed-by: Avri Altman <avri.altman@wdc.com>
Acked-by: Alim Akhtar <alim.akhtar@samsung.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
There are two fields related to regulator current limit in struct ufs_vreg:
"min_uA" and "max_uA".
"max_uA" is probed by "<name>-max-microamp" property from device tree and
used for
- regulator_set_load operations
- icc_level configuration in device
However "min_uA" field is not used anywhere, thus we can remove it.
Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
Reviewed-by: Marc Gonzalez <marc.w.gonzalez@free.fr>
Reviewed-by: Avri Altman <avri.altman@wdc.com>
Acked-by: Alim Akhtar <alim.akhtar@samsung.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The rc variable is not needed in bnx2fc_abts_cleanup(). Remove it and
just return SUCCESS.
[mkp: commit desc]
Signed-off-by: Ding Xiang <dingxiang@cmss.chinamobile.com>
Acked-by: Manish Rangankar <mrangankar@marvell.com>
Reviewed-by: Mukesh Ojha <mojha@codeaurora.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- lport was getting used without initialization, initialize it to fix a
warning.
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- Handle refcount of rdata during error conditions.
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Here is the relevant logs for the problem we are solving:
qedf_flush_active_ios:1707]:3: Flush active i/o's num=0x17 fcport=0xffff948168fbcc80 port_id=0x550200 scsi_id=0.
qedf_flush_active_ios:1708]:3: Locking flush mutex.
qedf_flush_active_ios:1758]:3: Not outstanding, xid=0xaaf, cmd_type=3 refcount=1.
qedf_flush_active_ios:1896]:3: Flushed 0x16 I/Os, active=0x1.
qedf_flush_active_ios:1901]:3: Flushed 0x16 I/Os, active=0x1 cnt=60.
qedf_send_rrq:295]:3: Sending RRQ orig io = ffffb48b8f7d7158, orig_xid = 0xaaf
qedf_initiate_els:37]:3: Sending ELS
qedf_initiate_els:68]:3: initiate_els els_req = 0xffffb48b8f6d3098 cb_arg = ffff948fd5e4de80 xid = 4c6
qedf_init_mp_req:2172]:3: Entered.
qedf_init_mp_task:727]:3: Initializing MP task for cmd_type=4
qedf_initiate_els:134]:3: Ringing doorbell for ELS req
qedf_flush_active_ios:1901]:3: Flushed 0x16 I/Os, active=0x2 cnt=20.
qedf_cmd_timeout:96]:3: ELS timeout, xid=0x4c6.
qedf_rrq_compl:186]:3: Entered.
qedf_rrq_compl:204]:3: rrq_compl: orig io = ffffb48b8f7d7158, orig xid = 0xaaf, rrq_xid = 0x4c6, refcount=1
qedf_flush_active_ios:1935]:3: Unlocking flush mutex.
qedf_upload_connection:1579]:3: Uploading connection port_id=550200.
We found an ABTS command for which CMD_OUTSTANDING was cleared (line 3).
For this command, delayed send_rrq was queued, but would take 10 secs to
execute. Adding capability to detect that (based on io_req->state that is
being introduced), and attempt to cancel rrq_work. If we succeed, we drop
the reference and free the io_req. If we cannot, then the els will get sent
out and we will wait for 10 secs for it to complete.
Signed-off-by: Shyam Sundar <ssundar@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
cmd_type is over written to QEDF_CLEANUP during cleanup, so check for
tm_flags.
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- The flag will help in to figure out if io_req is cleaned or not.
Signed-off-by: Shyam Sundar <ssundar@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- Command is already completed with underrun so no need to send ABTS.
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- I/Os, aborts and tmf should not be queued if flush is in progress.
Signed-off-by: Shyam Sundar <ssundar@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- Check proper values before servicing CVL.
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The fc_rport_priv structure is reference counted, so we need to ensure that
the reference is increased before accessing the structure.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
On completions where we do not have a bad scsi_cmnd pointer we should
return before the the label lest we do a double kref_put.
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- Wait for all the connections to get uploaded.
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- Check the validity of various pointers before processing.
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
test_bit() is atomic, test_bit() || test_bit() is not. So protect
consecutive bit tests with a lock to avoid races.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
fc_rport_create() needs to be called with disc_mutex held. And we should
re-assign the 'rdata' pointer in case it got changed.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
qedf_xmit() calls fc_rport_lookup(), but discards the returned rdata
structure almost immediately without decreasing the refcount. This leads
to a refcount leak and the rdata never to be freed.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- Check if link is UP before sending and processing any packets on wire.
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
When receiving an unsolicited frame we could crash on a list traversal in
fc_rport_lookup while searching the rport which is associated with our
lport.
Initialize the lport's discovery node after allocating the lport in
__qedf_probe().
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- Correct memory barriers to make sure all cmnds are flushed.
Signed-off-by: Andrew Vasquez <andrewv@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
- If a TMF and cleanup are issued at the same time they could cause a call
trace if issued against the same xid as the io_req->tm_done completion
is used for both.
- Set and clear cleanup bit in cleanup routine.
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
An I/O can be in any state when flush is called, it can be in abort,
waiting for abort, RRQ send and waiting or TMF send.
- HZ can be different on different architecture, correctly set abort
timeout value.
- Flush can complete the I/Os prematurely, handle refcount for aborted
I/Os and for which RRQ is pending.
- Differentiate LUN/TARGET reset, as cleanup needs to be send to firmware
accordingly.
- Add flush mutex to sync cleanup call from abort and flush routine.
- Clear abort/outstanding bit on timeout.
Signed-off-by: Shyam Sundar <shyam.sundar@marvell.com>
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The purpose of flush routine is to cleanup I/Os to the firmware and
complete them to scsi middle layer. This routine is invoked before
connection is uploaded because of rport going away.
- Don't process any I/Os, aborts, TMFs coming when flush in progress.
- Add flags to handle cleanup and release of I/Os because flush can
prematurely complete I/Os.
- Original command can get completed to driver when cleanup for same is
posted to firmware, handle this condition.
- Modify flush to handle I/Os in all the states like abort, TMF, RRQ and
timeouts.
Signed-off-by: Shyam Sundar <ssundar@marvell.com>
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
When mapping the pages from a scatter/gather list from the SCSI layer we
only need to follow these rules:
- Max SGEs for each I/O request is 256
- No size limit on each SGE
- No need to split OS provided SGEs to 4K before sending to firmware.
- Slow SGE is applicable only when:
- There are > 8 SGEs and any middle SGE is less than a page size (4K)
Make necessary changes so that driver follows these rules. Applicable only
for Write requests (not for Read requests). No need to check SGE address
alignment requirements (first, middle or last) before declaring slow SGE.
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
There is currently an overlap where exchange IDs between what is used for
offloaded commands and by libfc for ELS commands. Correct this so that
exchange ID range is:
Offloaded requests: 0 to 0xfff
libfc requests: 0x1000 to 0xfffe
Signed-off-by: Chad Dupuis <cdupuis@marvell.com>
Signed-off-by: Saurav Kashyap <skashyap@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Clang warns when it sees a logical not on the left side of a conditional
statement because it thinks the logical not should be applied to the whole
statement, not just the left side:
drivers/scsi/qla2xxx/qla_nx.c:3703:7: warning: logical not is only
applied to the left hand side of this comparison
[-Wlogical-not-parentheses]
This particular instance was already fixed by commit 0bfe7d3cae ("scsi:
qla2xxx: Simplify conditional check") upstream but it was reintroduced by
commit 3695310e37 ("scsi: qla2xxx: Update flash read/write routine") in
the 5.2/scsi-queue.
Fixes: 3695310e37 ("scsi: qla2xxx: Update flash read/write routine")
Link: https://github.com/ClangBuiltLinux/linux/issues/80
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Make sd_probe() easier to read by inlining sd_probe_part2(). This patch
does not change any functionality.
Cc: Lee Duncan <lduncan@suse.com>
Cc: Hannes Reinecke <hare@suse.com>
Cc: Luis Chamberlain <mcgrof@kernel.org>
Cc: Johannes Thumshirn <jthumshirn@suse.de>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
As explained during the 2018 LSF/MM session about increasing SCSI disk
probing concurrency, the problems with the current probing approach are as
follows:
- The driver core is unaware of asynchronous SCSI LUN probing.
wait_for_device_probe() waits for all asynchronous probes except
asynchronous SCSI disk probes.
- There is unnecessary serialization between sd_probe() and sd_remove().
This can lead to a deadlock.
Hence this patch that modifies the sd driver such that it uses the driver
core framework for asynchronous probing. The async domains and
get_device()/put_device() pairs that became superfluous due to this change
are removed.
This patch does not affect the time needed for loading the scsi_debug
kernel module with parameters delay=0 and max_luns=256.
This patch depends on commit ef0ff68351 ("driver core: Probe devices
asynchronously instead of the driver") that went upstream in kernel version
v5.1-rc1.
Cc: Lee Duncan <lduncan@suse.com>
Cc: Hannes Reinecke <hare@suse.com>
Cc: Luis Chamberlain <mcgrof@kernel.org>
Cc: Johannes Thumshirn <jthumshirn@suse.de>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
There are a couple of statements that are incorrectly indented, fix these.
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The variable len is not being inintialized and the uninitialized value is
being returned. However, this return path is never reached because the
default case in the switch statement returns -ENOSYS. Clean up the code by
replacing the return -ENOSYS with a break for the default case and
returning -ENOSYS at the end of the function. This allows len to be
removed.
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
When building with -Wsometimes-uninitialized, Clang warns:
drivers/scsi/gdth.c:3662:6: warning: variable 'paddr' is used
uninitialized whenever 'if' condition is false
[-Wsometimes-uninitialized]
Don't attempt to call dma_free_coherent when buf is NULL (meaning that
we never called dma_alloc_coherent and initialized paddr), which avoids
this warning.
Link: https://github.com/ClangBuiltLinux/linux/issues/402
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Fixes gcc '-Wunused-but-set-variable' warning:
drivers/scsi/pm8001/pm8001_hwi.c: In function 'mpi_smp_completion':
drivers/scsi/pm8001/pm8001_hwi.c:2901:6: warning:
variable 'param' set but not used [-Wunused-but-set-variable]
drivers/scsi/pm8001/pm8001_hwi.c: In function 'pm8001_bytes_dmaed':
drivers/scsi/pm8001/pm8001_hwi.c:3247:24: warning:
variable 'sas_ha' set but not used [-Wunused-but-set-variable]
They're never used since introduction, so can be removed.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Acked-by: Jack Wang <jinpu.wang@cloud.ionos.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Clang -Wuninitialized notices that on is_qla40XX we never allocate any DMA
memory in get_fw_boot_info() but attempt to free it anyway:
drivers/scsi/qla4xxx/ql4_os.c:5915:7: error: variable 'buf_dma' is used uninitialized whenever 'if' condition is false
[-Werror,-Wsometimes-uninitialized]
if (!(val & 0x07)) {
^~~~~~~~~~~~~
drivers/scsi/qla4xxx/ql4_os.c:5985:47: note: uninitialized use occurs here
dma_free_coherent(&ha->pdev->dev, size, buf, buf_dma);
^~~~~~~
drivers/scsi/qla4xxx/ql4_os.c:5915:3: note: remove the 'if' if its condition is always true
if (!(val & 0x07)) {
^~~~~~~~~~~~~~~~~~~
drivers/scsi/qla4xxx/ql4_os.c:5885:20: note: initialize the variable 'buf_dma' to silence this warning
dma_addr_t buf_dma;
^
= 0
Skip the call to dma_free_coherent() here.
Fixes: 2a991c2159 ("[SCSI] qla4xxx: Boot from SAN support for open-iscsi")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
clang -Wuninitialized incorrectly sees a variable being used without
initialization:
drivers/scsi/lpfc/lpfc_nvme.c:2102:37: error: variable 'localport' is uninitialized when used here
[-Werror,-Wuninitialized]
lport = (struct lpfc_nvme_lport *)localport->private;
^~~~~~~~~
drivers/scsi/lpfc/lpfc_nvme.c:2059:38: note: initialize the variable 'localport' to silence this warning
struct nvme_fc_local_port *localport;
^
= NULL
1 error generated.
This is clearly in dead code, as the condition leading up to it is always
false when CONFIG_NVME_FC is disabled, and the variable is always
initialized when nvme_fc_register_localport() got called successfully.
Change the preprocessor conditional to the equivalent C construct, which
makes the code more readable and gets rid of the warning.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Change snprintf to scnprintf. There are generally two cases where using
snprintf causes problems.
1) Uses of size += snprintf(buf, SIZE - size, fmt, ...)
In this case, if snprintf would have written more characters than what the
buffer size (SIZE) is, then size will end up larger than SIZE. In later
uses of snprintf, SIZE - size will result in a negative number, leading
to problems. Note that size might already be too large by using
size = snprintf before the code reaches a case of size += snprintf.
2) If size is ultimately used as a length parameter for a copy back to user
space, then it will potentially allow for a buffer overflow and information
disclosure when size is greater than SIZE. When the size is used to index
the buffer directly, we can have memory corruption. This also means when
size = snprintf... is used, it may also cause problems since size may become
large. Copying to userspace is mitigated by the HARDENED_USERCOPY kernel
configuration.
The solution to these issues is to use scnprintf which returns the number of
characters actually written to the buffer, so the size variable will never
exceed SIZE.
Signed-off-by: Silvio Cesare <silvio.cesare@gmail.com>
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: James Smart <james.smart@broadcom.com>
Cc: Dick Kennedy <dick.kennedy@broadcom.com>
Cc: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Greg KH <greg@kroah.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>