From: Jens Axboe <jens.axboe@oracle.com>
To: Jeff Garzik <jeff@garzik.org>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Daniel Drake <dsd@gentoo.org>,
linux list <linux-kernel@vger.kernel.org>,
linux-ide@vger.kernel.org
Subject: Re: "Fix ATAPI transfer lengths" causes CD writing regression
Date: Wed, 31 Oct 2007 18:55:44 +0100 [thread overview]
Message-ID: <20071031175543.GB11514@kernel.dk> (raw)
In-Reply-To: <4728A7D4.8050008@garzik.org>
On Wed, Oct 31 2007, Jeff Garzik wrote:
> Jens Axboe wrote:
> >Right, that's of course problematic... There has to be a way to recover
> >that situation though, or you can't export any user command issue
> >facility.
>
> You cannot hope to handle all possible effects arising from an app
> providing an invalid sg header / cdb.
>
> Once you start talking "recovery" you are already screwed: we are
> talking about low-level hardware commands that are passed straight to
> the hardware. It is trivial to lock up hardware, brick hardware, and
> corrupt data at that level.
>
>
> If this is NOT a privileged app, we must update the command validation
> to ensure that invalid commands are not transported to the hardware.
>
> If this is a privileged app, our work is done. Fix the app. We gave
> root rope, and he took it.
Woaw, back the truck up a bit :-)
I'm talking about simple things - like asking for 8 bytes of sense data.
Simple mistakes. You cannot possibly check for everything like that in a
command filter, it's utterly impossible.
> I even venture to say that "accept anything, clean up afterwards" is
> /impossible/ to implement, in addition to being dangerous.
Certainly, that's not what I'm talking about.
--
Jens Axboe
next prev parent reply other threads:[~2007-10-31 17:55 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-30 15:14 "Fix ATAPI transfer lengths" causes CD writing regression Daniel Drake
2007-10-30 15:34 ` Alan Cox
2007-10-30 17:45 ` Daniel Drake
2007-10-30 18:26 ` Frans Pop
2007-10-30 19:01 ` Alan Cox
2007-10-30 19:21 ` Daniel Drake
2007-10-31 11:49 ` Alan Cox
2007-10-31 11:57 ` Jens Axboe
2007-10-31 12:20 ` Jeff Garzik
2007-10-31 12:26 ` Jens Axboe
2007-10-31 16:05 ` Jeff Garzik
2007-10-31 16:29 ` Alan Cox
2007-10-31 16:34 ` Daniel Drake
2007-10-31 17:55 ` Jens Axboe [this message]
2007-11-01 0:40 ` Tejun Heo
2007-11-01 7:24 ` Tejun Heo
2007-11-01 10:50 ` Alan Cox
2007-10-31 12:49 ` Alan Cox
2007-11-01 9:48 ` Jeff Garzik
2007-11-01 10:53 ` Alan Cox
2007-11-01 11:09 ` Jeff Garzik
2007-11-01 14:15 ` Alan Cox
2007-11-01 15:33 ` Daniel Drake
2007-11-01 15:57 ` Alan Cox
2007-11-01 16:06 ` Tejun Heo
2007-11-01 16:04 ` Tejun Heo
2007-11-02 21:19 ` Daniel Drake
2007-11-03 1:17 ` Tejun Heo
2007-11-03 12:34 ` Jeff Garzik
2007-11-03 20:02 ` Daniel Drake
2007-11-04 0:07 ` Tejun Heo
2007-11-04 4:02 ` Albert Lee
2007-11-04 23:42 ` Alan Cox
2007-11-05 0:05 ` Tejun Heo
2007-11-05 13:03 ` Alan Cox
2007-11-06 10:18 ` Tejun Heo
2007-11-06 12:48 ` Alan Cox
2007-11-05 0:15 ` Daniel Drake
2007-11-02 17:58 ` Jeff Garzik
2007-10-30 16:02 ` Jeff Garzik
2007-10-30 16:10 ` Alan Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071031175543.GB11514@kernel.dk \
--to=jens.axboe@oracle.com \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=dsd@gentoo.org \
--cc=jeff@garzik.org \
--cc=linux-ide@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.