From: Christoph Hellwig <hch@infradead.org>
To: Daniel Wagner <dwagner@suse.de>
Cc: hch@infradead.org, Sagi Grimberg <sagi@grimberg.me>,
Frederick Knight <Frederick.Knight@netapp.com>,
Hannes Reinecke <hare@suse.de>,
James Smart <jsmart2021@gmail.com>,
John Meneghini <jmeneghi@redhat.com>,
Shinichiro Kawasaki <shinichiro.kawasaki@wdc.com>,
linux-nvme@lists.infradead.org
Subject: Re: [PATCH v3] nvmet: force reconnect when number of queue changes
Date: Tue, 18 Oct 2022 08:15:44 -0700 [thread overview]
Message-ID: <Y07DIJf9BjHzPewa@infradead.org> (raw)
In-Reply-To: <Y07A8HxPj4cM7RVT@infradead.org>
On Tue, Oct 18, 2022 at 08:06:24AM -0700, Christoph Hellwig wrote:
> On Mon, Oct 17, 2022 at 07:38:17PM +0200, Daniel Wagner wrote:
> > Hi Christoph,
> >
> > Please consider to add the patch for the current rc phase as it fixes an
> > invalid memory access and I would like to avoid that the code fuzzer
> > army is going after us :)
>
> I filed this under enhancement and planned to add it to 6.2. Canyou
> explain the invalid memory access a bit more?
I guess this would the minimal memory access fix?
---
From c881123281d429da61ebd049c0867f8520dbfcb3 Mon Sep 17 00:00:00 2001
From: Daniel Wagner <dwagner@suse.de>
Date: Fri, 7 Oct 2022 09:29:34 +0200
Subject: nvmet: fix invalid memory reference in nvmet_subsys_attr_qid_max_show
The item passed into nvmet_subsys_attr_qid_max_show is not a member of
struct nvmet_port, it is part of nvmet_subsys. Hence, don't try to
dereference it as struct nvme_ctrl pointer.
Fixes: 3e980f5995e0 ("nvmet: Expose max queues to configfs")
Reported-by: Shinichiro Kawasaki <shinichiro.kawasaki@wdc.com>
Link: https://lore.kernel.org/r/20220913064203.133536-1-dwagner@suse.de
Signed-off-by: Daniel Wagner <dwagner@suse.de>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Acked-by: Sagi Grimberg <sagi@grimberg.me>
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
drivers/nvme/target/configfs.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/drivers/nvme/target/configfs.c b/drivers/nvme/target/configfs.c
index e34a2896fedb2..9443ee1d4ae3d 100644
--- a/drivers/nvme/target/configfs.c
+++ b/drivers/nvme/target/configfs.c
@@ -1290,12 +1290,8 @@ static ssize_t nvmet_subsys_attr_qid_max_show(struct config_item *item,
static ssize_t nvmet_subsys_attr_qid_max_store(struct config_item *item,
const char *page, size_t cnt)
{
- struct nvmet_port *port = to_nvmet_port(item);
u16 qid_max;
- if (nvmet_is_port_enabled(port, __func__))
- return -EACCES;
-
if (sscanf(page, "%hu\n", &qid_max) != 1)
return -EINVAL;
--
2.30.2
next prev parent reply other threads:[~2022-10-18 15:18 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-07 7:29 [PATCH v3] nvmet: force reconnect when number of queue changes Daniel Wagner
2022-10-12 6:42 ` Sagi Grimberg
2022-10-12 6:57 ` Hannes Reinecke
2022-10-17 17:38 ` Daniel Wagner
2022-10-18 15:06 ` Christoph Hellwig
2022-10-18 15:15 ` Christoph Hellwig [this message]
2022-10-19 6:42 ` Daniel Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y07DIJf9BjHzPewa@infradead.org \
--to=hch@infradead.org \
--cc=Frederick.Knight@netapp.com \
--cc=dwagner@suse.de \
--cc=hare@suse.de \
--cc=jmeneghi@redhat.com \
--cc=jsmart2021@gmail.com \
--cc=linux-nvme@lists.infradead.org \
--cc=sagi@grimberg.me \
--cc=shinichiro.kawasaki@wdc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.