[SRU P][PATCH 0/4] CVE-2025-38239 megaraid_sas: Features and Bug Fixes

Stefan Bader stefan.bader at canonical.com
Tue Aug 19 10:09:04 UTC 2025


On 14.08.25 02:52, Michael Reed wrote:
> From: Michael Reed <Michael.Reed at canonical.com>
> 
> BugLink: https://bugs.launchpad.net/bugs/2107492
> 

There are a couple of issues with this. First I would like to see the 
security issues separated from the generic bug fixes / driver updates. 
Further the bug report / cover email are rather confusing as they do not 
really match what got submitted and do not clearly indicate why this is 
the case.

> SRU Justification:
> 
> garaid_sas: Fix for a potential deadlock
> 5f60d5f6bbc1 move asm/unaligned.h to linux/unaligned.h
> 571d81b482f0 scsi: megaraid_sas: Remove trailing space after \n newline
> b97c0741c7dc scsi: Expand all create*_workqueue() invocations
> 29b4a4975077 scsi: megaraid_sas: struct MR_HOST_DEVICE_LIST: Replace 1-element array with flexible array
> ed8ab02c85b3 scsi: megaraid_sas: struct MR_LD_VF_MAP: Replace 1-element arrays with flexible arrays
> aa57abe6a7f9 megaraid_sas: don't set QUEUE_FLAG_NOMERGES
> 529ed2d8b670 scsi: megaraid_sas: Use PCI_IRQ_INTX instead of PCI_IRQ_LEGACY
> b57089d32c2c scsi: megaraid_sas: Switch to using ->device_configure
> e75f7555e1e7 scsi: megaraid: Indent Kconfig option help text
> 
> CVE-2025-38239
> 752eb816b55 scsi: megaraid_sas: Fix invalid node index

I assume this was the list for the Noble/6.8 kernel and the 4 patches 
sent for Plucky/6.14 are what is left (the delta between 6.8 and 6.14). So 
the justification in the bug report at least should be updated to 
clearly state what is to be expected for which series. Mind that the SRU 
justification in the bug report targets the distro SRU team. That can be 
someone outside the kernel team. We copy this into the cover emails to 
avoid duplication but the cover email is what should have information 
that helps the reviewers. More of a technical background reasoning. Like 
a quick reminder why we do full driver backports for this driver while 
the normal SRU rules say bug fixes only.

> 
> [Test Plan]
> - Driver load/unload
> - virtual drive creation (R0, R1) and deletion
> - JBOD creation and deletion
> - IO run with different profiles (4k...1M) on VDs and JBODs,
> - Controller reset while running IOs
> - Event handling

Not as a complaint but I wished we could refer here to a test suite 
anyone with that hardware might run and which could be used for the 
verification.

> 
> [Where problems could occur]
> 
> Regression Risk is low. The changes are confined to the megaraid_sas driver

This is not what the SRU team wants to see here. Rather they would like 
to have a hint what a user might see if things go wrong. That is 
exceptionally hard to say for general update driver to latest version 
changes. Quickly glancing at the 3 non-CVE changes it might be 
compilation errors and problems around RESERVE/RELEASE (whatever those 
do in the context of SCSI). And the driver version changes.

-Stefan
> 
> [Other Info]
> 
> https://code.launchpad.net/~mreed8855/ubuntu/+source/linux/+git/plucky/+ref/lp_2107492_megaraid_sas_update_3
> 
> See original description
> 
> Bart Van Assche (1):
>    scsi: usb: Rename the RESERVE and RELEASE constants
> 
> Chandrakanth Patil (1):
>    scsi: megaraid_sas: Driver version update to 07.734.00.00-rc1
> 
> Chen Yu (1):
>    scsi: megaraid_sas: Fix invalid node index
> 
> Dr. David Alan Gilbert (1):
>    scsi: megaraid_sas: Make most module parameters static
> 
>   drivers/message/fusion/mptscsih.c            |  4 ++--
>   drivers/scsi/aacraid/aachba.c                |  4 ++--
>   drivers/scsi/arm/acornscsi.c                 |  2 +-
>   drivers/scsi/ips.c                           |  8 ++++----
>   drivers/scsi/megaraid.c                      | 10 +++++-----
>   drivers/scsi/megaraid/megaraid_mbox.c        | 10 +++++-----
>   drivers/scsi/megaraid/megaraid_sas.h         |  4 ++--
>   drivers/scsi/megaraid/megaraid_sas_base.c    | 16 ++++++++++------
>   drivers/target/target_core_device.c          |  8 ++++----
>   drivers/target/target_core_pr.c              |  6 +++---
>   drivers/target/target_core_spc.c             | 20 ++++++++++----------
>   drivers/usb/gadget/function/f_mass_storage.c |  4 ++--
>   drivers/usb/storage/debug.c                  |  4 ++--
>   include/scsi/scsi_proto.h                    |  4 ++--
>   include/trace/events/scsi.h                  |  4 ++--
>   include/trace/events/target.h                |  4 ++--
>   16 files changed, 58 insertions(+), 54 deletions(-)
> 
