scsi: initio: Add checks for errors in initio_msgin()
Commit Message
The initio_msgin() calls initio_msgin_accept(), initio_msgin_reject()
and initio_msgin_extend(), but does not check if they are succeed.
It is not consistent with the other code of the driver.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 72d39fea9017 ("[SCSI] initio: Convert into a real Linux driver and update to modern style")
Signed-off-by: Semyon Verchenko <semverchenko@factor-ts.ru>
Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
---
drivers/scsi/initio.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
Comments
On 26.11.2022 00:04, Alexey Khoroshilov wrote:
> The initio_msgin() calls initio_msgin_accept(), initio_msgin_reject()
> and initio_msgin_extend(), but does not check if they are succeed.
> It is not consistent with the other code of the driver.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Fixes: 72d39fea9017 ("[SCSI] initio: Convert into a real Linux driver and update to modern style")
> Signed-off-by: Semyon Verchenko <semverchenko@factor-ts.ru>
> Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
> ---
> drivers/scsi/initio.c | 15 ++++++++++-----
> 1 file changed, 10 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/scsi/initio.c b/drivers/scsi/initio.c
> index 375261d67619..ee451aa34143 100644
> --- a/drivers/scsi/initio.c
> +++ b/drivers/scsi/initio.c
> @@ -2065,7 +2065,8 @@ static int initio_msgin(struct initio_host * host)
> case SAVE_POINTERS:
> case RESTORE_POINTERS:
> case NOP:
> - initio_msgin_accept(host);
> + if (initio_msgin_accept(host) == -1)
> + return -1;
> break;
> case MESSAGE_REJECT: /* Clear ATN first */
> outb((inb(host->addr + TUL_SSignal) & (TSC_SET_ACK | 7)),
> @@ -2074,20 +2075,24 @@ static int initio_msgin(struct initio_host * host)
> if ((active_tc->flags & (TCF_SYNC_DONE | TCF_NO_SYNC_NEGO)) == 0) /* do sync nego */
> outb(((inb(host->addr + TUL_SSignal) & (TSC_SET_ACK | 7)) | TSC_SET_ATN),
> host->addr + TUL_SSignal);
> - initio_msgin_accept(host);
> + if (initio_msgin_accept(host) == -1)
> + return -1;
> break;
> case EXTENDED_MESSAGE: /* extended msg */
> - initio_msgin_extend(host);
> + if (initio_msgin_extend(host) == -1)
> + return -1;
> break;
> case IGNORE_WIDE_RESIDUE:
> - initio_msgin_accept(host);
> + if (initio_msgin_accept(host) == -1)
> + return -1;
> break;
> case COMMAND_COMPLETE:
> outb(TSC_FLUSH_FIFO, host->addr + TUL_SCtrl0);
> outb(TSC_MSG_ACCEPT, host->addr + TUL_SCmd);
> return initio_wait_done_disc(host);
> default:
> - initio_msgout_reject(host);
> + if (initio_msgout_reject(host) == -1)
> + return -1;
> break;
> }
> if (host->phase != MSG_IN)
>
Just a friendly reminder)
@@ -2065,7 +2065,8 @@ static int initio_msgin(struct initio_host * host)
case SAVE_POINTERS:
case RESTORE_POINTERS:
case NOP:
- initio_msgin_accept(host);
+ if (initio_msgin_accept(host) == -1)
+ return -1;
break;
case MESSAGE_REJECT: /* Clear ATN first */
outb((inb(host->addr + TUL_SSignal) & (TSC_SET_ACK | 7)),
@@ -2074,20 +2075,24 @@ static int initio_msgin(struct initio_host * host)
if ((active_tc->flags & (TCF_SYNC_DONE | TCF_NO_SYNC_NEGO)) == 0) /* do sync nego */
outb(((inb(host->addr + TUL_SSignal) & (TSC_SET_ACK | 7)) | TSC_SET_ATN),
host->addr + TUL_SSignal);
- initio_msgin_accept(host);
+ if (initio_msgin_accept(host) == -1)
+ return -1;
break;
case EXTENDED_MESSAGE: /* extended msg */
- initio_msgin_extend(host);
+ if (initio_msgin_extend(host) == -1)
+ return -1;
break;
case IGNORE_WIDE_RESIDUE:
- initio_msgin_accept(host);
+ if (initio_msgin_accept(host) == -1)
+ return -1;
break;
case COMMAND_COMPLETE:
outb(TSC_FLUSH_FIFO, host->addr + TUL_SCtrl0);
outb(TSC_MSG_ACCEPT, host->addr + TUL_SCmd);
return initio_wait_done_disc(host);
default:
- initio_msgout_reject(host);
+ if (initio_msgout_reject(host) == -1)
+ return -1;
break;
}
if (host->phase != MSG_IN)