lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20181220090921.GP19692@kadam>
Date:   Thu, 20 Dec 2018 12:09:21 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     Kangjie Lu <kjlu@....edu>
Cc:     pakki001@....edu, Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Kees Cook <keescook@...omium.org>,
        Arnd Bergmann <arnd@...db.de>,
        Aymen Qader <qader.aymen@...il.com>,
        devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rts5208: add a missing check for the status of command
 sending

On Thu, Dec 20, 2018 at 01:57:01AM -0600, Kangjie Lu wrote:
> ms_send_cmd() may fail. The fix checks the return value of it, and if it
> fails, returns the error "STATUS_FAIL" upstream.
> 
> Signed-off-by: Kangjie Lu <kjlu@....edu>
> ---
>  drivers/staging/rts5208/ms.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/staging/rts5208/ms.c b/drivers/staging/rts5208/ms.c
> index f53adf15c685..5a9e562465e9 100644
> --- a/drivers/staging/rts5208/ms.c
> +++ b/drivers/staging/rts5208/ms.c
> @@ -2731,7 +2731,9 @@ static int mspro_rw_multi_sector(struct scsi_cmnd *srb,
>  		}
>  
>  		if (val & MS_INT_BREQ)

You would need to add a curly brace here.


> -			ms_send_cmd(chip, PRO_STOP, WAIT_INT);
> +			retval = ms_send_cmd(chip, PRO_STOP, WAIT_INT);
> +			if (retval != STATUS_SUCCESS)
> +				return STATUS_FAIL;

You can't overwrite "retval".  We already had an error code save there
but now you're changing to STATUS_SUCCESS.

Anyway, I think the original error handling is probably correct and we
should leave it as-is.  We're already trying to handle an error
situation by resetting stuff.  Then if we get another error while we
take these extreme measures to recover, we shouldn't give up.  We should
just keep on trying to reset instead of returning early.

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ