From: Jeff Garzik <jeff@garzik.org>
To: Jens Axboe <jens.axboe@oracle.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Daniel Drake <dsd@gentoo.org>,
linux list <linux-kernel@vger.kernel.org>,
linux-ide@vger.kernel.org
Subject: Re: "Fix ATAPI transfer lengths" causes CD writing regression
Date: Wed, 31 Oct 2007 12:05:40 -0400 [thread overview]
Message-ID: <4728A7D4.8050008@garzik.org> (raw)
In-Reply-To: <20071031122639.GN5059@kernel.dk>
Jens Axboe wrote:
> Right, that's of course problematic... There has to be a way to recover
> that situation though, or you can't export any user command issue
> facility.
You cannot hope to handle all possible effects arising from an app
providing an invalid sg header / cdb.
Once you start talking "recovery" you are already screwed: we are
talking about low-level hardware commands that are passed straight to
the hardware. It is trivial to lock up hardware, brick hardware, and
corrupt data at that level.
If this is NOT a privileged app, we must update the command validation
to ensure that invalid commands are not transported to the hardware.
If this is a privileged app, our work is done. Fix the app. We gave
root rope, and he took it.
I even venture to say that "accept anything, clean up afterwards" is
/impossible/ to implement, in addition to being dangerous.
Jeff
next prev parent reply other threads:[~2007-10-31 16:05 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-30 15:14 "Fix ATAPI transfer lengths" causes CD writing regression Daniel Drake
2007-10-30 15:34 ` Alan Cox
2007-10-30 17:45 ` Daniel Drake
2007-10-30 18:26 ` Frans Pop
2007-10-30 19:01 ` Alan Cox
2007-10-30 19:21 ` Daniel Drake
2007-10-31 11:49 ` Alan Cox
2007-10-31 11:57 ` Jens Axboe
2007-10-31 12:20 ` Jeff Garzik
2007-10-31 12:26 ` Jens Axboe
2007-10-31 16:05 ` Jeff Garzik [this message]
2007-10-31 16:29 ` Alan Cox
2007-10-31 16:34 ` Daniel Drake
2007-10-31 17:55 ` Jens Axboe
2007-11-01 0:40 ` Tejun Heo
2007-11-01 7:24 ` Tejun Heo
2007-11-01 10:50 ` Alan Cox
2007-10-31 12:49 ` Alan Cox
2007-11-01 9:48 ` Jeff Garzik
2007-11-01 10:53 ` Alan Cox
2007-11-01 11:09 ` Jeff Garzik
2007-11-01 14:15 ` Alan Cox
2007-11-01 15:33 ` Daniel Drake
2007-11-01 15:57 ` Alan Cox
2007-11-01 16:06 ` Tejun Heo
2007-11-01 16:04 ` Tejun Heo
2007-11-02 21:19 ` Daniel Drake
2007-11-03 1:17 ` Tejun Heo
2007-11-03 12:34 ` Jeff Garzik
2007-11-03 20:02 ` Daniel Drake
2007-11-04 0:07 ` Tejun Heo
2007-11-04 4:02 ` Albert Lee
2007-11-04 23:42 ` Alan Cox
2007-11-05 0:05 ` Tejun Heo
2007-11-05 13:03 ` Alan Cox
2007-11-06 10:18 ` Tejun Heo
2007-11-06 12:48 ` Alan Cox
2007-11-05 0:15 ` Daniel Drake
2007-11-02 17:58 ` Jeff Garzik
2007-10-30 16:02 ` Jeff Garzik
2007-10-30 16:10 ` Alan Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4728A7D4.8050008@garzik.org \
--to=jeff@garzik.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=dsd@gentoo.org \
--cc=jens.axboe@oracle.com \
--cc=linux-ide@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.