Oleksandr Natalenko af6fd0b3bc scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly ... [ Upstream commit 25dbc20dea ] The qedf_dbg_fp_int_cmd_read() function invokes sprintf() directly on a __user pointer, which may crash the kernel. Avoid doing that by vmalloc()'ating a buffer for scnprintf() and then calling simple_read_from_buffer() which does a proper copy_to_user() call. Fixes: 61d8658b4a ("scsi: qedf: Add QLogic FastLinQ offload FCoE driver framework.") Link: https://lore.kernel.org/lkml/20230724120241.40495-1-oleksandr@redhat.com/ Link: https://lore.kernel.org/linux-scsi/20230726101236.11922-1-skashyap@marvell.com/ Cc: Saurav Kashyap <skashyap@marvell.com> Cc: Rob Evers <revers@redhat.com> Cc: Johannes Thumshirn <Johannes.Thumshirn@wdc.com> Cc: David Laight <David.Laight@ACULAB.COM> Cc: Jozef Bacik <jobacik@redhat.com> Cc: Laurence Oberman <loberman@redhat.com> Cc: "James E.J. Bottomley" <jejb@linux.ibm.com> Cc: "Martin K. Petersen" <martin.petersen@oracle.com> Cc: GR-QLogic-Storage-Upstream@marvell.com Cc: linux-scsi@vger.kernel.org Reviewed-by: Laurence Oberman <loberman@redhat.com> Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com> Tested-by: Laurence Oberman <loberman@redhat.com> Acked-by: Saurav Kashyap <skashyap@marvell.com> Signed-off-by: Oleksandr Natalenko <oleksandr@redhat.com> Link: https://lore.kernel.org/r/20230731084034.37021-4-oleksandr@redhat.com Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>		2023-09-13 09:42:52 +02:00
..
accessibility
acpi	ACPI: x86: s2idle: Fix a logic error parsing AMD constraints table	2023-09-13 09:42:29 +02:00
amba
android	binder: fix memory leak in binder_init()	2023-08-16 18:27:24 +02:00
ata	ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()	2023-09-13 09:42:23 +02:00
atm
auxdisplay
base	regmap: rbtree: Use alloc_flags for memory allocations	2023-09-13 09:42:31 +02:00
bcma
block	ublk: remove check IO_URING_F_SQE128 in ublk_ch_uring_cmd	2023-08-30 16:11:11 +02:00
bluetooth	Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()	2023-09-13 09:42:34 +02:00
bus	bus: ti-sysc: Fix cast to enum warning	2023-09-13 09:42:43 +02:00
cdrom
char	ipmi:ssif: Fix a memory leak when scanning for an adapter	2023-09-13 09:42:44 +02:00
clk	clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op	2023-09-13 09:42:47 +02:00
clocksource
comedi
connector
counter
cpufreq	cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit()	2023-09-13 09:42:30 +02:00
cpuidle	powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT	2023-09-13 09:42:48 +02:00
crypto	crypto: caam - fix unchecked return value error	2023-09-13 09:42:33 +02:00
cxl	cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws()	2023-08-03 10:24:04 +02:00
dax
dca
devfreq
dio
dma	idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM	2023-09-13 09:42:24 +02:00
dma-buf	dma-buf/sw_sync: Avoid recursive lock during fence signal	2023-08-30 16:11:12 +02:00
edac	EDAC/igen6: Fix the issue of no error events	2023-09-13 09:42:45 +02:00
eisa
extcon
firewire	firewire: net: fix use after free in fwnet_finish_incoming_packet()	2023-08-23 17:52:24 +02:00
firmware	firmware: cs_dsp: Fix new control name check	2023-09-13 09:42:44 +02:00
fpga
fsi	fsi: master-ast-cf: Add MODULE_FIRMWARE macro	2023-09-06 21:27:02 +01:00
gnss
gpio	gpio: sim: pass the GPIO device's software node to irq domain	2023-08-30 16:11:13 +02:00
gpu	drm/radeon: Use RMW accessors for changing LNKCTL	2023-09-13 09:42:47 +02:00
greybus
hid	HID: wacom: remove the battery when the EKR is off	2023-09-06 21:27:01 +01:00
hsi
hte
hv
hwmon	hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()	2023-09-13 09:42:35 +02:00
hwspinlock
hwtracing
i2c	i2c: designware: Handle invalid SMBus block data response length value	2023-08-23 17:52:31 +02:00
i3c
idle
iio	iio: accel: adxl313: Fix adxl313_i2c_id[] table	2023-09-13 09:42:52 +02:00
infiniband	RDMA/rxe: Fix incomplete state save in rxe_requester	2023-09-13 09:42:52 +02:00
input	Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN	2023-09-13 09:42:26 +02:00
interconnect	interconnect: qcom: sm8450: add enable_mask for bcm nodes	2023-08-16 18:27:25 +02:00
iommu	iommu: rockchip: Fix directory table address encoding	2023-09-13 09:42:50 +02:00
ipack
irqchip	irqchip/loongson-eiointc: Fix return value checking of eiointc_index	2023-09-13 09:42:29 +02:00
isdn	mISDN: Update parameter type of dsp_cmx_send()	2023-08-16 18:27:26 +02:00
leds	led: qcom-lpg: Fix resource leaks in for_each_available_child_of_node() loops	2023-08-23 17:52:23 +02:00
macintosh
mailbox
mcb
md	md: raid0: account for split bio in iostat accounting	2023-09-13 09:42:44 +02:00
media	media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init()	2023-09-13 09:42:51 +02:00
memory
memstick
message
mfd
misc	accel/habanalabs: add pci health check during heartbeat	2023-08-23 17:52:21 +02:00
mmc	mmc: au1xmmc: force non-modular build and remove symbol_get usage	2023-09-06 21:26:59 +01:00
most
mtd	mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()	2023-08-11 12:08:25 +02:00
mux
net	wifi: ath10k: Use RMW accessors for changing LNKCTL	2023-09-13 09:42:48 +02:00
nfc
ntb
nubus
nvdimm	nvdimm: Fix dereference after free in register_nvdimm_pmu()	2023-09-13 09:42:47 +02:00
nvme	nvme-rdma: fix potential unbalanced freeze & unfreeze	2023-08-16 18:27:30 +02:00
nvmem
of	of: unittest: Fix overlay type in apply/revert check	2023-09-13 09:42:44 +02:00
opp	OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()	2023-09-13 09:42:28 +02:00
parisc
parport
pci	PCI/ASPM: Use RMW accessors for changing LNKCTL	2023-09-13 09:42:46 +02:00
pcmcia	pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()	2023-08-23 17:52:24 +02:00
peci
perf	perf/imx_ddr: don't enable counter0 if none of 4 counters are used	2023-09-13 09:42:29 +02:00
phy	phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code	2023-09-13 09:42:20 +02:00
pinctrl	pinctrl: mcp23s08: check return value of devm_kasprintf()	2023-09-13 09:42:46 +02:00
platform	platform/mellanox: Fix mlxbf-tmfifo not handling all virtio CONSOLE notifications	2023-09-13 09:42:25 +02:00
pnp
power
powercap
pps
ps3
ptp
pwm
rapidio
ras
regulator
remoteproc
reset
rpmsg
rtc	rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff	2023-09-06 21:27:00 +01:00
s390	s390/pkey: fix PKEY_TYPE_EP11_AES handling for sysfs attributes	2023-09-13 09:42:29 +02:00
sbus
scsi	scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly	2023-09-13 09:42:52 +02:00
sh
siox
slimbus
soc	soc: qcom: smem: Fix incompatible types in comparison	2023-09-13 09:42:42 +02:00
soundwire	soundwire: fix enumeration completion	2023-08-03 10:24:15 +02:00
spi	spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe()	2023-09-13 09:42:31 +02:00
spmi
ssb
staging	media: rkvdec: increase max supported height for H.264	2023-09-13 09:42:50 +02:00
target
tc
tee
thermal	thermal/of: Fix potential uninitialized value access	2023-09-13 09:42:29 +02:00
thunderbolt	thunderbolt: Fix a backport error for display flickering issue	2023-09-02 09:16:20 +02:00
tty	serial: sprd: Fix DMA buffer leak issue	2023-09-13 09:42:52 +02:00
ufs	scsi: ufs: Try harder to change the power mode	2023-09-13 09:42:20 +02:00
uio
usb	usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()	2023-09-13 09:42:51 +02:00
vdpa	vdpa: Enable strict validation for netlinks ops	2023-08-23 17:52:31 +02:00
vfio	vfio/type1: fix cap_migration information leak	2023-09-13 09:42:47 +02:00
vhost
video	video/aperture: Move vga handling to pci function	2023-08-30 16:10:58 +02:00
virt
virtio	virtio-mmio: don't break lifecycle of vm_dev	2023-08-23 17:52:29 +02:00
vlynq
w1
watchdog	watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub)	2023-08-23 17:52:25 +02:00
xen	xen: speed up grant-table reclaim	2023-08-03 10:24:14 +02:00
zorro
Kconfig
Makefile