linux/drivers
Kashyap, Desai dd3741d303 [SCSI] mpt2sas: Added sanity check for cb_idx and smid access.
Sometime it is seen that controller
firmware returns an invalid system message id (smid).

the oops is occurring becuase mpt_callbacks pointer is referenced to
either null or invalid virtual address.  this is due to cb_idx set
incorrectly from routine _base_get_cb_idx.  the cb_idx was set incorrectly
becuase there is no check to make sure smid is less than maxiumum
anticapted smid.   to fix this issue, we add a check in
_base_get_cb_idx to make sure smid is not greater than
ioc->hba_queue_depth.   in addition, a similar check was added to make
sure the reply address was less than the largest anticapated address.

Newer firmware has sovled this issue, however it good to have this sanity
check.

Signed-off-by: Kashyap Desai <kashyap.desai@lsi.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
2010-12-21 12:24:03 -06:00
..
accessibility
acpi Merge branch 'bugzilla-23002' into release 2010-12-13 22:40:54 -05:00
amba
ata sata_via: apply magic FIFO fix to vt6420 too 2010-11-19 13:16:26 -05:00
atm atm: correct sysfs 'device' link creation and parent relationships 2010-12-10 15:45:05 -08:00
auxdisplay
base PM: Allow devices to be removed during late suspend and early resume 2010-11-11 01:50:53 +01:00
block xen: Provide a variant of __RING_SIZE() that is an integer constant expression 2010-12-15 12:34:28 -08:00
bluetooth Bluetooth: Add new PID for Atheros 3011 2010-12-01 15:51:01 -02:00
cdrom cdrom: gdrom: ctrl_in/outX to __raw_read/writeX conversion. 2010-10-27 14:33:39 +09:00
char agp/intel: Fix wrong kunmap in i830_cleanup() 2010-12-05 10:40:17 +00:00
clocksource ARM: shmobile: remove sh_timer_config clk member 2010-10-31 10:40:39 -04:00
connector connector: add module alias 2010-12-10 12:27:49 -08:00
cpufreq
cpuidle
crypto Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2010-11-13 09:55:56 -08:00
dca
dio
dma Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/djbw/async_tx 2010-12-14 13:35:47 -08:00
edac amd64_edac: Fix interleaving check 2010-12-08 19:52:54 +01:00
eisa
firewire firewire: ohci: fix regression with Agere FW643 rev 06, disable MSI 2010-12-12 15:47:02 +01:00
firmware dmi: log board, system, and BIOS information 2010-10-27 18:03:05 -07:00
gpio cs5535-gpio: apply CS5536 errata workaround for GPIOs 2010-12-02 14:51:15 -08:00
gpu drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP 2010-12-09 17:59:24 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2010-12-02 17:40:04 -08:00
hwmon Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/staging 2010-12-14 13:36:26 -08:00
i2c i2c_intel_mid: Fix slash in sysfs name 2010-12-14 18:46:01 -08:00
ide ide: clean up timed out request handling 2010-10-26 10:17:30 -07:00
idle intel_idle: recognize ARAT on WSM-EX 2010-12-02 01:19:32 -05:00
ieee802154
infiniband IB/uverbs: Handle large number of entries in poll CQ 2010-12-08 15:23:49 -08:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2010-12-08 06:34:02 -08:00
isdn isdn: icn: Fix stack corruption bug. 2010-11-24 11:19:05 -08:00
leds leds: fix up dependencies 2010-12-02 14:51:15 -08:00
lguest
macintosh leds: fix up dependencies 2010-12-02 14:51:15 -08:00
mca
md md: protect against NULL reference when waiting to start a raid10. 2010-12-09 17:02:14 +11:00
media Merge branch 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild-2.6 2010-12-05 16:41:13 -08:00
memstick
message SCSI host lock push-down 2010-11-16 13:33:23 -08:00
mfd mfd: Fix a memory leak when unload mc13xxx-core module 2010-10-29 00:30:43 +02:00
misc drivers/misc/isl29020.c: remove incorrect kfree in isl29020_remove() 2010-11-25 06:50:47 +09:00
mmc mmc: sdhci: 8-bit bus width changes 2010-11-22 15:12:04 -05:00
mtd Merge branch 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6 2010-12-14 17:36:35 -08:00
net xen: Provide a variant of __RING_SIZE() that is an integer constant expression 2010-12-15 12:34:28 -08:00
nubus
of
oprofile Merge branches 'perf-fixes-for-linus' and 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip 2010-10-30 11:43:26 -07:00
parisc parisc: KittyHawk LCD fix 2010-12-04 11:18:25 -05:00
parport
pci Merge branch 'drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile 2010-11-25 07:42:03 +09:00
pcmcia ARM: 6456/1: Fix for building DEBUG with sa11xx_base.c as a module. 2010-12-04 12:47:48 +00:00
platform wmi: use memcmp instead of strncmp to compare GUIDs 2010-12-06 17:19:13 -05:00
pnp ACPI/PNP: avoid section mismatch warning 2010-12-11 02:01:47 -05:00
power power: Revert "power_supply: Mark twl4030_charger as broken" 2010-10-29 00:30:44 +02:00
pps
ps3
rapidio rapidio: use resource_size() 2010-11-12 07:55:30 -08:00
regulator regulator: tps6586x: correct register table 2010-12-09 09:23:43 +00:00
rtc Merge branches 'sh/rtc' and 'common/clkfwk' into sh/urgent 2010-11-10 18:15:44 +09:00
s390 [SCSI] zfcp: Issue FCP command without holding SCSI host_lock 2010-12-09 09:41:23 -06:00
sbus
scsi [SCSI] mpt2sas: Added sanity check for cb_idx and smid access. 2010-12-21 12:24:03 -06:00
serial Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jwessel/linux-2.6-kgdb 2010-12-14 14:35:04 -08:00
sfi
sh Merge branch 'common/clkfwk' into sh-fixes-for-linus 2010-11-19 16:43:23 +09:00
sn
spi dw_spi: Fix missing final read in some polling situations 2010-12-14 18:48:59 -08:00
ssb ssb: b43-pci-bridge: Add new vendor for BCM4318 2010-11-22 15:19:31 -05:00
staging Merge branch 'staging-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6 2010-12-02 12:59:11 -08:00
tc
telephony
thermal
tty Merge branch 'tty-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty-2.6 2010-12-02 12:58:16 -08:00
uio uio: Change mail address of Hans J. Koch 2010-11-10 16:57:11 -08:00
usb Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-14 17:33:40 -08:00
uwb UWB: Return UWB_RSV_ALLOC_NOT_FOUND rather than crashing on NULL dereference if kzalloc fails 2010-11-11 07:14:07 -08:00
vhost vhost: correctly set bits of dirty pages 2010-11-29 10:26:55 +02:00
video fbdev: Fix fb_find_nearest_mode refresh comparison 2010-12-14 18:03:49 +09:00
virtio virtio: fix format of sysfs driver/vendor files 2010-11-24 15:21:12 +10:30
vlynq
w1 w1: don't allow arbitrary users to remove w1 devices 2010-10-27 18:03:17 -07:00
watchdog watchdog: it8712f_wdt: add note to Kconfig 2010-12-02 14:10:32 +00:00
xen Merge branch '2.6.37-rc4-pvhvm-fixes' of git://xenbits.xen.org/people/sstabellini/linux-pvhvm 2010-12-03 11:30:57 -08:00
zorro BKL: remove extraneous #include <smp_lock.h> 2010-11-17 08:59:32 -08:00
Kconfig
Makefile TTY: create drivers/tty and move the tty core files there 2010-11-05 08:10:33 -07:00