From: Jens Axboe <jens.axboe@oracle.com>
To: Jeff Garzik <jeff@garzik.org>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Daniel Drake <dsd@gentoo.org>,
linux list <linux-kernel@vger.kernel.org>,
linux-ide@vger.kernel.org
Subject: Re: "Fix ATAPI transfer lengths" causes CD writing regression
Date: Wed, 31 Oct 2007 18:55:44 +0100 [thread overview]
Message-ID: <20071031175543.GB11514@kernel.dk> (raw)
In-Reply-To: <4728A7D4.8050008@garzik.org>
On Wed, Oct 31 2007, Jeff Garzik wrote:
> Jens Axboe wrote:
> >Right, that's of course problematic... There has to be a way to recover
> >that situation though, or you can't export any user command issue
> >facility.
>
> You cannot hope to handle all possible effects arising from an app
> providing an invalid sg header / cdb.
>
> Once you start talking "recovery" you are already screwed: we are
> talking about low-level hardware commands that are passed straight to
> the hardware. It is trivial to lock up hardware, brick hardware, and
> corrupt data at that level.
>
>
> If this is NOT a privileged app, we must update the command validation
> to ensure that invalid commands are not transported to the hardware.
>
> If this is a privileged app, our work is done. Fix the app. We gave
> root rope, and he took it.
Woaw, back the truck up a bit :-)
I'm talking about simple things - like asking for 8 bytes of sense data.
Simple mistakes. You cannot possibly check for everything like that in a
command filter, it's utterly impossible.
> I even venture to say that "accept anything, clean up afterwards" is
> /impossible/ to implement, in addition to being dangerous.
Certainly, that's not what I'm talking about.
--
Jens Axboe
next prev parent reply other threads:[~2007-10-31 17:55 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-30 15:14 "Fix ATAPI transfer lengths" causes CD writing regression Daniel Drake
2007-10-30 15:34 ` Alan Cox
2007-10-30 17:45 ` Daniel Drake
2007-10-30 18:26 ` Frans Pop
2007-10-30 19:01 ` Alan Cox
2007-10-30 19:21 ` Daniel Drake
2007-10-31 11:49 ` Alan Cox
2007-10-31 11:57 ` Jens Axboe
2007-10-31 12:20 ` Jeff Garzik
2007-10-31 12:26 ` Jens Axboe
2007-10-31 16:05 ` Jeff Garzik
2007-10-31 16:29 ` Alan Cox
2007-10-31 16:34 ` Daniel Drake
2007-10-31 17:55 ` Jens Axboe [this message]
2007-11-01 0:40 ` Tejun Heo
2007-11-01 7:24 ` Tejun Heo
2007-11-01 10:50 ` Alan Cox
2007-10-31 12:49 ` Alan Cox
2007-11-01 9:48 ` Jeff Garzik
2007-11-01 10:53 ` Alan Cox
2007-11-01 11:09 ` Jeff Garzik
2007-11-01 14:15 ` Alan Cox
2007-11-01 15:33 ` Daniel Drake
2007-11-01 15:57 ` Alan Cox
2007-11-01 16:06 ` Tejun Heo
2007-11-01 16:04 ` Tejun Heo
2007-11-02 21:19 ` Daniel Drake
2007-11-03 1:17 ` Tejun Heo
2007-11-03 12:34 ` Jeff Garzik
2007-11-03 20:02 ` Daniel Drake
2007-11-04 0:07 ` Tejun Heo
2007-11-04 4:02 ` Albert Lee
2007-11-04 23:42 ` Alan Cox
2007-11-05 0:05 ` Tejun Heo
2007-11-05 13:03 ` Alan Cox
2007-11-06 10:18 ` Tejun Heo
2007-11-06 12:48 ` Alan Cox
2007-11-05 0:15 ` Daniel Drake
2007-11-02 17:58 ` Jeff Garzik
2007-10-30 16:02 ` Jeff Garzik
2007-10-30 16:10 ` Alan Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071031175543.GB11514@kernel.dk \
--to=jens.axboe@oracle.com \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=dsd@gentoo.org \
--cc=jeff@garzik.org \
--cc=linux-ide@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).