From ded5f6924c50a1b04bc7d1d1880741916e6c8ac8 Mon Sep 17 00:00:00 2001 From: Sasha Levin Date: Fri, 27 Jan 2023 22:46:14 -0500 Subject: [PATCH] Fixes for 5.4 Signed-off-by: Sasha Levin --- ...-allocation-size-for-scsi_host_alloc.patch | 40 +++++++++++++++++++ queue-5.4/series | 1 + 2 files changed, 41 insertions(+) create mode 100644 queue-5.4/scsi-hpsa-fix-allocation-size-for-scsi_host_alloc.patch diff --git a/queue-5.4/scsi-hpsa-fix-allocation-size-for-scsi_host_alloc.patch b/queue-5.4/scsi-hpsa-fix-allocation-size-for-scsi_host_alloc.patch new file mode 100644 index 00000000000..ea32346c21a --- /dev/null +++ b/queue-5.4/scsi-hpsa-fix-allocation-size-for-scsi_host_alloc.patch @@ -0,0 +1,40 @@ +From 69240bf71ae46afac78c9fe01c93c387b62cbea0 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 18 Jan 2023 06:12:55 +0300 +Subject: scsi: hpsa: Fix allocation size for scsi_host_alloc() + +From: Alexey V. Vissarionov + +[ Upstream commit bbbd25499100c810ceaf5193c3cfcab9f7402a33 ] + +The 'h' is a pointer to struct ctlr_info, so it's just 4 or 8 bytes, while +the structure itself is much bigger. + +Found by Linux Verification Center (linuxtesting.org) with SVACE. + +Fixes: edd163687ea5 ("hpsa: add driver for HP Smart Array controllers.") +Link: https://lore.kernel.org/r/20230118031255.GE15213@altlinux.org +Signed-off-by: Alexey V. Vissarionov +Acked-by: Don Brace +Signed-off-by: Martin K. Petersen +Signed-off-by: Sasha Levin +--- + drivers/scsi/hpsa.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c +index ba125ed7e06a..e670cce0cb6e 100644 +--- a/drivers/scsi/hpsa.c ++++ b/drivers/scsi/hpsa.c +@@ -5810,7 +5810,7 @@ static int hpsa_scsi_host_alloc(struct ctlr_info *h) + { + struct Scsi_Host *sh; + +- sh = scsi_host_alloc(&hpsa_driver_template, sizeof(h)); ++ sh = scsi_host_alloc(&hpsa_driver_template, sizeof(struct ctlr_info)); + if (sh == NULL) { + dev_err(&h->pdev->dev, "scsi_host_alloc failed\n"); + return -ENOMEM; +-- +2.39.0 + diff --git a/queue-5.4/series b/queue-5.4/series index 16b2ba9da10..ab84fc7bbcf 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -73,3 +73,4 @@ netfilter-conntrack-do-not-renew-entry-stuck-in-tcp-.patch fs-reiserfs-remove-useless-new_opts-in-reiserfs_remount.patch revert-revert-xhci-set-hcd-flag-to-defer-primary-roo.patch bluetooth-hci_sync-cancel-cmd_timer-if-hci_open-fail.patch +scsi-hpsa-fix-allocation-size-for-scsi_host_alloc.patch -- 2.47.3