Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v5.3 2019-08-07T18:23:57Z 2019-08-07T18:23:57Z Jens Axboe axboe@kernel.dk 2019-08-07T18:23:57Z urn:sha1:752ead44491e8c91e14d7079625c5916b30921c5 Abort processing of a command if we run out of mapped data in the SG list. This should never happen, but a previous bug caused it to be possible. Play it safe and attempt to abort nicely if we don't have more SG segments left. Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Jens Axboe <axboe@kernel.dk> 2019-08-07T18:20:52Z Jens Axboe axboe@kernel.dk 2019-08-07T18:20:52Z urn:sha1:2d7271501720038381d45fb3dcbe4831228fc8cc For passthrough requests, libata-scsi takes what the user passes in as gospel. This can be problematic if the user fills in the CDB incorrectly. One example of that is in request sizes. For read/write commands, the CDB contains fields describing the transfer length of the request. These should match with the SG_IO header fields, but libata-scsi currently does no validation of that. Check that the number of blocks in the CDB for passthrough requests matches what was mapped into the request. If the CDB asks for more data then the validated SG_IO header fields, error it. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Jens Axboe <axboe@kernel.dk> 2019-08-06T13:44:59Z Gustavo A. R. Silva gustavo@embeddedor.com 2019-08-06T08:08:08Z urn:sha1:db341a049ec7e87053c91008cb452d0bfa6dde72 Fix the following warning (Building: rb532_defconfig mips): drivers/ata/pata_rb532_cf.c: In function ‘rb532_pata_driver_remove’: drivers/ata/pata_rb532_cf.c:161:24: warning: unused variable ‘info’ [-Wunused-variable] struct rb532_cf_info *info = ah->private_data; ^~~~ Fixes: cd56f35e52d9 ("ata: rb532_cf: Convert to use GPIO descriptors") Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> 2019-07-31T14:51:17Z Miquel Raynal miquel.raynal@bootlin.com 2019-07-31T12:26:51Z urn:sha1:090bb803708198e5ab6b0046398c7ed9f4d12d6b Retrieving PHYs can defer the probe, do not spawn an error when -EPROBE_DEFER is returned, it is normal behavior. Fixes: b1a9edbda040 ("ata: libahci: allow to use multiple PHYs") Reviewed-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> 2019-07-29T22:00:14Z Kees Cook keescook@chromium.org 2019-07-29T21:47:22Z urn:sha1:71d6c505b4d9e6f76586350450e785e3d452b346 Jeffrin reported a KASAN issue: BUG: KASAN: global-out-of-bounds in ata_exec_internal_sg+0x50f/0xc70 Read of size 16 at addr ffffffff91f41f80 by task scsi_eh_1/149 ... The buggy address belongs to the variable: cdb.48319+0x0/0x40 Much like commit 18c9a99bce2a ("libata: zpodd: small read overflow in eject_tray()"), this fixes a cdb[] buffer length, this time in zpodd_get_mech_type(): We read from the cdb[] buffer in ata_exec_internal_sg(). It has to be ATAPI_CDB_LEN (16) bytes long, but this buffer is only 12 bytes. Reported-by: Jeffrin Jose T <jeffrin@rajagiritech.edu.in> Fixes: afe759511808c ("libata: identify and init ZPODD devices") Link: https://lore.kernel.org/lkml/201907181423.E808958@keescook/ Tested-by: Jeffrin Jose T <jeffrin@rajagiritech.edu.in> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Jens Axboe <axboe@kernel.dk> 2019-07-16T14:27:09Z Ding Xiang dingxiang@cmss.chinamobile.com 2019-07-16T09:54:08Z urn:sha1:c56cbfae62b7d572c7994c927202d337633cc7d9 devm_ioremap_resource already contains error message, so remove the redundant dev_err message Signed-off-by: Ding Xiang <dingxiang@cmss.chinamobile.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> 2019-07-09T17:59:26Z Linus Torvalds torvalds@linux-foundation.org 2019-07-09T17:59:26Z urn:sha1:cdc5ffc4100549654e19e6f068cf1fc0871a85c2 Pull libata updates from Jens Axboe: "These are the changes that are reviewed, tested, and queued up for this merge window. This contains: - Removal of redundant memset after dmam_alloc_coherent (Fuqian) - Expand blacklist check for ST1000LM024, making it independent of firmware version (Hans) - Request sense fix (Tejun) - ahci_sunxi FIFO fix (Uenal)" * tag 'for-5.3/libata-20190708' of git://git.kernel.dk/linux-block: drivers: ata: ahci_sunxi: Increased SATA/AHCI DMA TX/RX FIFOs libata: Drop firmware version check from the ST1000LM024 quirk ata: sata_sil24: Remove call to memset after dmam_alloc_coherent ata:sata_qstor: Remove call to memset after dmam_alloc_coherent ata: sata_nv: Remove call to memset after dmam_alloc_coherent ata: pdc_adma: Remove call to memset after dmam_alloc_coherent ata: libahci: Remove call to memset after dmam_alloc_coherent ata: acard-ahci: Remove call to memset after dmam_alloc_coherent libata: don't request sense data on !ZAC ATA devices 2019-07-05T16:17:18Z Uenal Mutlu um@mutluit.com 2019-05-13T14:24:10Z urn:sha1:120357ea176e420d313cf8cf2ff35fbe233d3bab Increasing the SATA/AHCI DMA TX/RX FIFOs (P0DMACR.TXTS and .RXTS, ie. TX_TRANSACTION_SIZE and RX_TRANSACTION_SIZE) from default 0x0 each to 0x3 each, gives a write performance boost of 120 MiB/s to 132 MiB/s from lame 36 MiB/s to 45 MiB/s previously. Read performance is above 200 MiB/s. [tested on SSD using dd bs=4K/8K/12K/16K/20K/24K/32K: peak-perf at 12K] Tested on the SBCs Banana Pi R1 (aka Lamobo R1) and Banana Pi M1 which are based on the Allwinner A20 32bit-SoC (ARMv7-a / arm-linux-gnueabihf). These devices are RaspberryPi-like small devices. This problem of slow SATA write-speed with these small devices lasts for about 7 years now (beginning with the A10 SoC). Many commentators throughout the years wrongly assumed the slow write speed was a hardware limitation. This patch finally solves the problem, which in fact was just a hard-to-find software problem due to lack of SATA/AHCI documentation by the SoC-maker Allwinner Technology. Lists of the affected sunxi and other boards and SoCs with SATA using the ahci_sunxi driver: $ grep -i -e "^&ahci" arch/arm/boot/dts/sun*dts and http://linux-sunxi.org/SATA#Devices_with_SATA_ports See also http://linux-sunxi.org/Category:Devices_with_SATA_port Tested-by: Chen-Yu Tsai <wens@csie.org> Acked-by: Maxime Ripard <maxime.ripard@bootlin.com> Reviewed-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Uenal Mutlu <um@mutluit.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> 2019-07-02T21:53:09Z Hans de Goede hdegoede@redhat.com 2019-07-01T16:58:13Z urn:sha1:8756a25b07e6fe878c1a3a40e71a322b18ba57af There are several firmware versions between version 2AR10001 and 2BA30001, presumably these also have broken FPDMA_AA activation, so lets play it safe and apply the quirk to all firmware versions. Suggested-by: Martin K. Petersen <martin.petersen@oracle.com> Reviewed-by: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> 2019-06-29T15:42:23Z Fuqian Huang huangfq.daxian@gmail.com 2019-06-27T17:34:34Z urn:sha1:e675697eaca208edcebb42fd8c30a71bd5258c40 In commit af7ddd8a627c ("Merge tag 'dma-mapping-4.21' of git://git.infradead.org/users/hch/dma-mapping"),, dmam_alloc_coherent has already zeroed the memory. So memset is not needed. Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com> Signed-off-by: Jens Axboe <axboe@kernel.dk>