Re: [PATCH 1/4] scsi: target: Fix WRITE_SAME NDOB size check

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/20/22 1:45 AM, Christoph Hellwig wrote:
> On Sun, Jun 19, 2022 at 11:25:33AM -0500, michael.christie@xxxxxxxxxx wrote:
>> sg_write_same allows it. We found the bug because some user just decided
>> to do:
>>
>> sg_write_same ... -nbod .. /dev/sdb
>>
>> and it crashed the box.
> 
> Oh.
> 
>> I didn't know about the MI_REPORT_SUPPORTED_OPERATION_CODES part of it.
>> I don't need support for the feature. I just want to fix the crash.
>> I prefer just returning failure since nothing ever has ever used it if
>> other people prefer that as well.
> 
> I think the feature is generally useful, and I know Martin had patches
> to use it in Linux.  But I think a minimal fix for the remotely

I'll work with Martin to find if there is an oracle user to test and on a
longer term feature addition.

> exploitable crash has the highest priority.  Where does it crash?

It crashes when we first access the sg in file and iblock's
execute_write_same functions.

> Maybe we just need a better sanity check somewhere if a command
> claims to transfer data but has not payload?

I'll look into it and send a patch.






[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]

  Powered by Linux