[0/3] scsi: Fix a handful of memcpy() field overflows

Message ID	20210528181337.792268-1-keescook@chromium.org (mailing list archive)
Headers	show Return-Path: <linux-scsi-owner@kernel.org> From: Kees Cook <keescook@chromium.org> To: "Martin K . Petersen" <martin.petersen@oracle.com> Cc: Kees Cook <keescook@chromium.org>, Hannes Reinecke <hare@suse.de>, "James E.J. Bottomley" <jejb@linux.ibm.com>, "Gustavo A. R. Silva" <gustavoars@kernel.org>, Bradley Grove <linuxdrivers@attotech.com>, Artur Paszkiewicz <artur.paszkiewicz@intel.com>, linux-kernel@vger.kernel.org, linux-scsi@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [PATCH 0/3] scsi: Fix a handful of memcpy() field overflows Date: Fri, 28 May 2021 11:13:34 -0700 Message-Id: <20210528181337.792268-1-keescook@chromium.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	scsi: Fix a handful of memcpy() field overflows \| expand [0/3] scsi: Fix a handful of memcpy() field overflows [1/3] scsi: fcoe: Statically initialize flogi_maddr [2/3] scsi: esas2r: Switch to flexible array member [3/3] scsi: isci: Use correctly sized target buffer for memcpy()

Message ID

20210528181337.792268-1-keescook@chromium.org (mailing list archive)

Headers

From: Kees Cook <keescook@chromium.org>
To: "Martin K . Petersen" <martin.petersen@oracle.com>
Cc: Kees Cook <keescook@chromium.org>, Hannes Reinecke <hare@suse.de>,
        "James E.J. Bottomley" <jejb@linux.ibm.com>,
        "Gustavo A. R. Silva" <gustavoars@kernel.org>,
        Bradley Grove <linuxdrivers@attotech.com>,
        Artur Paszkiewicz <artur.paszkiewicz@intel.com>,
        linux-kernel@vger.kernel.org, linux-scsi@vger.kernel.org,
        linux-hardening@vger.kernel.org
Subject: [PATCH 0/3] scsi: Fix a handful of memcpy() field overflows
Date: Fri, 28 May 2021 11:13:34 -0700
Message-Id: <20210528181337.792268-1-keescook@chromium.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

scsi: Fix a handful of memcpy() field overflows | expand

Message

Kees Cook May 28, 2021, 6:13 p.m. UTC

While working on improving FORTIFY_SOURCE's memcpy() coverage, there are
a few fixes that don't require any helper changes, etc.

-Kees

Kees Cook (3):
  scsi: fcoe: Statically initialize flogi_maddr
  scsi: esas2r: Switch to flexible array member
  scsi: isci: Use correctly sized target buffer for memcpy()

 drivers/scsi/esas2r/atioctl.h | 2 +-
 drivers/scsi/fcoe/fcoe.c      | 6 ++----
 drivers/scsi/isci/task.c      | 4 ++--
 3 files changed, 5 insertions(+), 7 deletions(-)

Comments

Martin K. Petersen June 2, 2021, 3:38 a.m. UTC | #1

Kees,

> While working on improving FORTIFY_SOURCE's memcpy() coverage, there are
> a few fixes that don't require any helper changes, etc.

Applied patches 2 and 3 to 5.14/scsi-staging, please update patch 1.

Thanks!

Kees Cook June 2, 2021, 6 p.m. UTC | #2

On Tue, Jun 01, 2021 at 11:38:47PM -0400, Martin K. Petersen wrote:
> Kees,
> 
> > While working on improving FORTIFY_SOURCE's memcpy() coverage, there are
> > a few fixes that don't require any helper changes, etc.
> 
> Applied patches 2 and 3 to 5.14/scsi-staging, please update patch 1.
> 
> Thanks!

Awesome; thanks! I've sent v2 for patch 1 now.

Martin K. Petersen June 8, 2021, 3:05 a.m. UTC | #3

On Fri, 28 May 2021 11:13:34 -0700, Kees Cook wrote:

> While working on improving FORTIFY_SOURCE's memcpy() coverage, there are
> a few fixes that don't require any helper changes, etc.
> 
> -Kees
> 
> Kees Cook (3):
>   scsi: fcoe: Statically initialize flogi_maddr
>   scsi: esas2r: Switch to flexible array member
>   scsi: isci: Use correctly sized target buffer for memcpy()
> 
> [...]

Applied to 5.14/scsi-queue, thanks!

[2/3] scsi: esas2r: Switch to flexible array member
      https://git.kernel.org/mkp/scsi/c/66fc475bd9e1
[3/3] scsi: isci: Use correctly sized target buffer for memcpy()
      https://git.kernel.org/mkp/scsi/c/5250db63d140