OSDN Git Service

(root) / uclinux-h8 / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6ff8556)
[SCSI] lpfc 8.3.45: Fix sysfs buffer overrun in read of lpfc_fcp_cpu_map for 128...
authorJames Smart <james.smart@emulex.com>
Thu, 20 Feb 2014 14:57:18 +0000 (09:57 -0500)
committerJames Bottomley <JBottomley@Parallels.com>
Sat, 15 Mar 2014 17:18:57 +0000 (10:18 -0700)
Signed-off-by: James Smart <james.smart@emulex.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
drivers/scsi/lpfc/lpfc_attr.c patch | blob | history
drivers/scsi/lpfc/lpfc_init.c patch | blob | history
drivers/scsi/lpfc/lpfc_sli4.h patch | blob | history

diff --git a/drivers/scsi/lpfc/lpfc_attr.c b/drivers/scsi/lpfc/lpfc_attr.c
index ba8b77a..8d5b6ce 100644 (file)
--- a/drivers/scsi/lpfc/lpfc_attr.c
+++ b/drivers/scsi/lpfc/lpfc_attr.c
@@ -4288,7 +4288,7 @@ lpfc_fcp_cpu_map_show(struct device *dev, struct device_attribute *attr,
        struct lpfc_vport *vport = (struct lpfc_vport *)shost->hostdata;
        struct lpfc_hba   *phba = vport->phba;
        struct lpfc_vector_map_info *cpup;
-       int  idx, len = 0;
+       int  len = 0;
 
        if ((phba->sli_rev != LPFC_SLI_REV4) ||
            (phba->intr_type != MSIX))
@@ -4316,23 +4316,39 @@ lpfc_fcp_cpu_map_show(struct device *dev, struct device_attribute *attr,
                break;
        }
 
-       cpup = phba->sli4_hba.cpu_map;
-       for (idx = 0; idx < phba->sli4_hba.num_present_cpu; idx++) {
+       while (phba->sli4_hba.curr_disp_cpu < phba->sli4_hba.num_present_cpu) {
+               cpup = &phba->sli4_hba.cpu_map[phba->sli4_hba.curr_disp_cpu];
+
+               /* margin should fit in this and the truncated message */
                if (cpup->irq == LPFC_VECTOR_MAP_EMPTY)
                        len += snprintf(buf + len, PAGE_SIZE-len,
                                        "CPU %02d io_chan %02d "
                                        "physid %d coreid %d\n",
-                                       idx, cpup->channel_id, cpup->phys_id,
+                                       phba->sli4_hba.curr_disp_cpu,
+                                       cpup->channel_id, cpup->phys_id,
                                        cpup->core_id);
                else
                        len += snprintf(buf + len, PAGE_SIZE-len,
                                        "CPU %02d io_chan %02d "
                                        "physid %d coreid %d IRQ %d\n",
-                                       idx, cpup->channel_id, cpup->phys_id,
+                                       phba->sli4_hba.curr_disp_cpu,
+                                       cpup->channel_id, cpup->phys_id,
                                        cpup->core_id, cpup->irq);
 
-               cpup++;
+               phba->sli4_hba.curr_disp_cpu++;
+
+               /* display max number of CPUs keeping some margin */
+               if (phba->sli4_hba.curr_disp_cpu <
+                               phba->sli4_hba.num_present_cpu &&
+                               (len >= (PAGE_SIZE - 64))) {
+                       len += snprintf(buf + len, PAGE_SIZE-len, "more...\n");
+                       break;
+               }
        }
+
+       if (phba->sli4_hba.curr_disp_cpu == phba->sli4_hba.num_present_cpu)
+               phba->sli4_hba.curr_disp_cpu = 0;
+
        return len;
 }
 
diff --git a/drivers/scsi/lpfc/lpfc_init.c b/drivers/scsi/lpfc/lpfc_init.c
index 157ad1c..f31a368 100644 (file)
--- a/drivers/scsi/lpfc/lpfc_init.c
+++ b/drivers/scsi/lpfc/lpfc_init.c
@@ -5280,6 +5280,7 @@ lpfc_sli4_driver_resource_unset(struct lpfc_hba *phba)
        kfree(phba->sli4_hba.cpu_map);
        phba->sli4_hba.num_present_cpu = 0;
        phba->sli4_hba.num_online_cpu = 0;
+       phba->sli4_hba.curr_disp_cpu = 0;
 
        /* Free memory allocated for msi-x interrupt vector entries */
        kfree(phba->sli4_hba.msix_entries);
@@ -6850,6 +6851,7 @@ lpfc_sli4_queue_verify(struct lpfc_hba *phba)
        }
        phba->sli4_hba.num_online_cpu = i;
        phba->sli4_hba.num_present_cpu = lpfc_present_cpu;
+       phba->sli4_hba.curr_disp_cpu = 0;
 
        if (i < cfg_fcp_io_channel) {
                lpfc_printf_log(phba,
diff --git a/drivers/scsi/lpfc/lpfc_sli4.h b/drivers/scsi/lpfc/lpfc_sli4.h
index e432590..9b8cda8 100644 (file)
--- a/drivers/scsi/lpfc/lpfc_sli4.h
+++ b/drivers/scsi/lpfc/lpfc_sli4.h
@@ -607,6 +607,7 @@ struct lpfc_sli4_hba {
        struct lpfc_vector_map_info *cpu_map;
        uint16_t num_online_cpu;
        uint16_t num_present_cpu;
+       uint16_t curr_disp_cpu;
 };
 
 enum lpfc_sge_type {
About OSDN
Find Software
Develop Software
Help