linux/drivers/scsi/qla2xxx
Dan Carpenter e6f77540c0 scsi: qla2xxx: Fix an integer overflow in sysfs code
The value of "size" comes from the user.  When we add "start + size" it
could lead to an integer overflow bug.

It means we vmalloc() a lot more memory than we had intended.  I believe
that on 64 bit systems vmalloc() can succeed even if we ask it to
allocate huge 4GB buffers.  So we would get memory corruption and likely
a crash when we call ha->isp_ops->write_optrom() and ->read_optrom().

Only root can trigger this bug.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=194061

Cc: <stable@vger.kernel.org>
Fixes: b7cc176c9e ("[SCSI] qla2xxx: Allow region-based flash-part accesses.")
Reported-by: shqking <shqking@gmail.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2017-08-30 22:06:20 -04:00
Kconfig scsi: qla2xxx: avoid unused-function warning 2017-07-01 17:14:58 -04:00
Makefile scsi: qla2xxx: Add FC-NVMe F/W initialization and transport registration 2017-06-27 21:21:47 -04:00
qla_attr.c scsi: qla2xxx: Fix an integer overflow in sysfs code 2017-08-30 22:06:20 -04:00
qla_bsg.c scsi: qla2xxx: fix a bunch of typos and spelling mistakes 2017-07-01 17:12:31 -04:00
qla_bsg.h
qla_dbg.c scsi: qla2xxx: Add FC-NVMe F/W initialization and transport registration 2017-06-27 21:21:47 -04:00
qla_dbg.h scsi: qla2xxx: Include Exchange offload/Extended Login into FW dump 2017-06-27 21:21:41 -04:00
qla_def.h scsi: qla2xxx: Send FC4 type NVMe to the management server 2017-06-27 21:21:47 -04:00
qla_devtbl.h
qla_dfs.c scsi: qla2xxx: Move target stat counters from vha to qpair. 2017-06-27 21:21:41 -04:00
qla_fw.h scsi: qla2xxx: Add FC-NVMe command handling 2017-06-27 21:21:47 -04:00
qla_gbl.h scsi: qla2xxx: Send FC4 type NVMe to the management server 2017-06-27 21:21:47 -04:00
qla_gs.c scsi: qla2xxx: Use FC-NVMe FC4 type for FDMI registration 2017-06-27 21:24:00 -04:00
qla_init.c scsi: qla2xxx: fix a bunch of typos and spelling mistakes 2017-07-01 17:12:31 -04:00
qla_inline.h scsi: qla2xxx: Add function call to qpair for door bell 2017-06-27 21:21:41 -04:00
qla_iocb.c scsi: qla2xxx: Protect access to qpair members with qpair->qp_lock 2017-07-01 16:49:27 -04:00
qla_isr.c Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2017-07-11 15:36:52 -07:00
qla_mbx.c scsi: qla2xxx: fix a bunch of typos and spelling mistakes 2017-07-01 17:12:31 -04:00
qla_mid.c scsi: qla2xxx: Fix mailbox failure while deleting Queue pairs 2017-06-27 21:21:40 -04:00
qla_mr.c Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2017-03-02 14:52:05 -08:00
qla_mr.h
qla_nvme.c qla2xxx: Fix NVMe entry_type for iocb packet on BE system 2017-07-01 17:20:42 -04:00
qla_nvme.h scsi: qla2xxx: Add FC-NVMe F/W initialization and transport registration 2017-06-27 21:21:47 -04:00
qla_nx2.c scsi: qla2xxx: fix a bunch of typos and spelling mistakes 2017-07-01 17:12:31 -04:00
qla_nx2.h qla2xxx: Move two arrays from header files to .c files 2017-01-17 11:26:41 -08:00
qla_nx.c scsi: qla2xxx: fix a bunch of typos and spelling mistakes 2017-07-01 17:12:31 -04:00
qla_nx.h scsi: qla2xxx: remove writeq/readq function definitions 2017-06-12 20:48:08 -04:00
qla_os.c scsi: qla2xxx: Add FC-NVMe F/W initialization and transport registration 2017-06-27 21:21:47 -04:00
qla_settings.h
qla_sup.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
qla_target.c scsi: qla2xxx: Off by one in qlt_ctio_to_cmd() 2017-07-12 17:20:21 -04:00
qla_target.h scsi: qla2xxx: Remove datasegs_per_cmd and datasegs_per_cont field 2017-06-27 21:21:41 -04:00
qla_tmpl.c scsi: qla2xxx: Fix system crash while triggering FW dump 2017-08-08 11:49:50 -04:00
qla_tmpl.h
qla_version.h scsi: qla2xxx: Update Driver version to 10.00.00.00-k 2017-06-27 21:24:13 -04:00
tcm_qla2xxx.c scsi: qla2xxx: Move target stat counters from vha to qpair. 2017-06-27 21:21:41 -04:00
tcm_qla2xxx.h qla2xxx: Track I-T nexus as single fc_port struct 2017-02-08 23:34:07 -08:00