linux/drivers/ata
Arnd Bergmann 287e6611ab libata: fix HDIO_GET_32BIT ioctl
As reported by Soohoon Lee, the HDIO_GET_32BIT ioctl does not
work correctly in compat mode with libata.

I have investigated the issue further and found multiple problems
that all appeared with the same commit that originally introduced
HDIO_GET_32BIT handling in libata back in linux-2.6.8 and presumably
also linux-2.4, as the code uses "copy_to_user(arg, &val, 1)" to copy
a 'long' variable containing either 0 or 1 to user space.

The problems with this are:

* On big-endian machines, this will always write a zero because it
  stores the wrong byte into user space.

* In compat mode, the upper three bytes of the variable are updated
  by the compat_hdio_ioctl() function, but they now contain
  uninitialized stack data.

* The hdparm tool calling this ioctl uses a 'static long' variable
  to store the result. This means at least the upper bytes are
  initialized to zero, but calling another ioctl like HDIO_GET_MULTCOUNT
  would fill them with data that remains stale when the low byte
  is overwritten. Fortunately libata doesn't implement any of the
  affected ioctl commands, so this would only happen when we query
  both an IDE and an ATA device in the same command such as
  "hdparm -N -c /dev/hda /dev/sda"

* The libata code for unknown reasons started using ATA_IOC_GET_IO32
  and ATA_IOC_SET_IO32 as aliases for HDIO_GET_32BIT and HDIO_SET_32BIT,
  while the ioctl commands that were added later use the normal
  HDIO_* names. This is harmless but rather confusing.

This addresses all four issues by changing the code to use put_user()
on an 'unsigned long' variable in HDIO_GET_32BIT, like the IDE subsystem
does, and by clarifying the names of the ioctl commands.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reported-by: Soohoon Lee <Soohoon.Lee@f5.com>
Tested-by: Soohoon Lee <Soohoon.Lee@f5.com>
Cc: stable@vger.kernel.org
Signed-off-by: Tejun Heo <tj@kernel.org>
2016-02-11 10:07:18 -05:00
..
acard-ahci.c ahci: Store irq number in struct ahci_host_priv 2015-06-03 01:37:49 -04:00
ahci_brcmstb.c drivers: ata: wake port before DMA stop for ALPM 2016-01-25 15:20:44 -05:00
ahci_ceva.c drivers: ata: add support for Ceva sata host controller 2015-06-10 11:15:17 +09:00
ahci_da850.c ata: ahci_platform: fix owner module reference mismatch for scsi host 2015-01-28 18:45:23 -05:00
ahci_imx.c ata: ahci_platform: fix owner module reference mismatch for scsi host 2015-01-28 18:45:23 -05:00
ahci_mvebu.c sata/mvebu: use #ifdef around suspend/resume code 2015-11-20 14:59:43 -05:00
ahci_platform.c Revert "ahci: added support for Freescale AHCI sata" 2015-09-08 12:30:06 -04:00
ahci_qoriq.c ahci: qoriq: Adjust the default register values on ls1021a 2015-12-16 10:24:35 -05:00
ahci_st.c ata: ahci_st: fixup layering violations / drvdata errors 2015-04-20 13:36:38 -04:00
ahci_sunxi.c ata: ahci_platform: fix owner module reference mismatch for scsi host 2015-01-28 18:45:23 -05:00
ahci_tegra.c ata: ahci_platform: fix owner module reference mismatch for scsi host 2015-01-28 18:45:23 -05:00
ahci_xgene.c ahci_xgene: Implement the workaround to fix the missing of the edge interrupt for the HOST_IRQ_STAT. 2016-02-11 09:54:15 -05:00
ahci.c ahci: Intel DNV device IDs SATA 2016-02-10 11:35:55 -05:00
ahci.h ata: Remove the AHCI_HFLAG_EDGE_IRQ support from libahci. 2016-02-11 09:54:04 -05:00
ata_generic.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
ata_piix.c ata_piix: Add Device IDs for Intel 9 Series PCH 2014-08-28 08:53:40 -04:00
Kconfig ata: ahci_brcmstb: add support for MIPS-based platforms 2015-12-31 21:19:35 -05:00
libahci_platform.c ahci: Store irq number in struct ahci_host_priv 2015-06-03 01:37:49 -04:00
libahci.c ata: Remove the AHCI_HFLAG_EDGE_IRQ support from libahci. 2016-02-11 09:54:04 -05:00
libata-acpi.c ACPI and power management updates for 3.15-rc1 2014-04-01 12:48:54 -07:00
libata-core.c libata: blacklist a Viking flash model for MWDMA corruption 2016-01-25 15:24:13 -05:00
libata-eh.c libata-eh.c: Introduce new ata port flag for controller which lockup on read log page 2015-12-07 10:25:57 -05:00
libata-pmp.c ata: pmp: add quirk for Marvell 4140 SATA PMP 2015-07-14 17:46:38 -04:00
libata-scsi.c libata: fix HDIO_GET_32BIT ioctl 2016-02-11 10:07:18 -05:00
libata-sff.c libata: fix sff host state machine locking while polling 2016-02-01 11:33:21 -05:00
libata-trace.c libata: Add tracepoints 2015-03-27 11:59:22 -04:00
libata-transport.c libata: add ATA_HORKAGE_NOTRIM 2015-07-15 11:22:35 -04:00
libata-transport.h
libata-zpodd.c libata: zpodd: eliminate odd_can_poweroff 2014-03-14 11:23:47 -04:00
libata.h Revert "libata: Implement NCQ autosense" 2015-08-03 12:01:54 -04:00
Makefile ahci: added a new driver for supporting Freescale AHCI sata 2015-09-08 12:30:06 -04:00
pata_acpi.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_ali.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_amd.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_arasan_cf.c Merge branch 'for-4.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata 2015-09-02 08:00:54 -07:00
pata_artop.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_at32.c ata: drop owner assignment from platform_drivers 2014-10-20 16:20:17 +02:00
pata_at91.c ata: at91: use syscon to configure the smc 2015-05-20 16:36:50 +02:00
pata_atiixp.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_atp867x.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
pata_bf54x.c ata: drop owner assignment from platform_drivers 2014-10-20 16:20:17 +02:00
pata_cmd64x.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_cmd640.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_cs5520.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
pata_cs5530.c ata: Delete unnecessary checks before the function call "pci_dev_put" 2015-02-03 07:04:44 -05:00
pata_cs5535.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_cs5536.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_cypress.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_efar.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_ep93xx.c ata: drop owner assignment from platform_drivers 2014-10-20 16:20:17 +02:00
pata_hpt3x2n.c ata: delete non-required instances of include <linux/init.h> 2014-02-13 16:40:56 -05:00
pata_hpt3x3.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
pata_hpt37x.c ata: delete non-required instances of include <linux/init.h> 2014-02-13 16:40:56 -05:00
pata_hpt366.c ata: hpt366: fix constant cast warning 2015-05-21 17:37:51 -04:00
pata_icside.c Drivers: ata: remove __dev* attributes. 2013-01-03 15:57:03 -08:00
pata_imx.c ata: drop owner assignment from platform_drivers 2014-10-20 16:20:17 +02:00
pata_isapnp.c PNP: ata/pata_isapnp: Use module_pnp_driver to register driver 2015-03-18 22:39:17 +01:00
pata_it821x.c pata_it821x: use "const char *" for string literals 2015-10-15 10:58:53 -04:00
pata_it8213.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_ixp4xx_cf.c ata: drop owner assignment from platform_drivers 2014-10-20 16:20:17 +02:00
pata_jmicron.c PCI: Disable async suspend/resume for JMicron multi-function SATA/AHCI 2015-08-24 15:27:11 -05:00
pata_legacy.c pata_legacy: Remove dead code 2014-03-11 08:30:53 -04:00
pata_macio.c ata: pata_macio: Fix module autoload for OF platform driver 2015-09-17 11:14:25 -04:00
pata_marvell.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_mpc52xx.c ata: drop owner assignment from platform_drivers 2014-10-20 16:20:17 +02:00
pata_mpiix.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_netcell.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_ninja32.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
pata_ns87410.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_ns87415.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_octeon_cf.c pata_octeon_cf: fix broken build 2015-06-08 18:03:04 +09:00
pata_of_platform.c ata: pata_platform: fix owner module reference mismatch for scsi host 2015-01-28 18:45:23 -05:00
pata_oldpiix.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_opti.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_optidma.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_palmld.c ata: drop owner assignment from platform_drivers 2014-10-20 16:20:17 +02:00
pata_pcmcia.c ata: delete non-required instances of include <linux/init.h> 2014-02-13 16:40:56 -05:00
pata_pdc202xx_old.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_pdc2027x.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
pata_piccolo.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_platform.c ata: pata_platform: fix owner module reference mismatch for scsi host 2015-01-28 18:45:23 -05:00
pata_pxa.c ata: pata_pxa: dmaengine conversion 2015-09-10 17:02:04 -04:00
pata_radisys.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_rb532_cf.c MIPS: Remove all the uses of custom gpio.h 2015-09-03 12:08:02 +02:00
pata_rdc.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_rz1000.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_samsung_cf.c libata: samsung_cf: fix handling platform_get_irq result 2015-09-25 11:50:15 -04:00
pata_sc1200.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_sch.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_serverworks.c pata_serverworks: disable 64-KB DMA transfers on Broadcom OSB4 IDE Controller 2014-10-07 17:10:14 -04:00
pata_sil680.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
pata_sis.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_sl82c105.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_triflex.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pata_via.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
pdc_adma.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
sata_dwc_460ex.c sata_dwc_460ex: indent an if statement 2015-03-30 13:14:40 -04:00
sata_fsl.c ata/sata_fsl.c: add ATA_FLAG_NO_LOG_PAGE to blacklist the controller for log page reads 2015-12-07 10:25:57 -05:00
sata_highbank.c ahci: Store irq number in struct ahci_host_priv 2015-06-03 01:37:49 -04:00
sata_inic162x.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
sata_mv.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
sata_nv.c ata:sata_nv - Change 1 to true for bool type variable. 2015-05-25 20:06:55 -04:00
sata_promise.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
sata_promise.h
sata_qstor.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
sata_rcar.c ata: sata_rcar: Remove obsolete platform_device_id entries 2015-11-24 09:54:36 -05:00
sata_sil24.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
sata_sil.c sata_sil: disable trim 2015-11-30 10:02:49 -05:00
sata_sis.c ata: use CONFIG_PM_SLEEP instead of CONFIG_PM where applicable in host drivers 2014-05-09 22:37:49 -04:00
sata_svw.c powerpc updates for 4.1 2015-04-16 13:53:32 -05:00
sata_sx4.c sata_sx4: correctly handling failed allocation 2015-12-31 21:33:42 -05:00
sata_uli.c ata: delete non-required instances of include <linux/init.h> 2014-02-13 16:40:56 -05:00
sata_via.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
sata_vsc.c ata: remove deprecated use of pci api 2015-04-08 10:55:05 -04:00
sis.h