From: Bart Van Assche <bvanassche-HInyCGIudOg@public.gmane.org>
To: Sebastian Riemer
<sebastian.riemer-EIkl63zCoXaH+58JC4qpiA@public.gmane.org>
Cc: Roland Dreier <roland-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
David Dillow <dillowda-1Heg1YXhbW8@public.gmane.org>,
Vu Pham <vuhuong-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>,
linux-rdma <linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [PATCH 05/14] IB/srp: Maintain a single connection per I_T nexus
Date: Thu, 13 Jun 2013 17:07:50 +0200 [thread overview]
Message-ID: <51B9E046.3030008@acm.org> (raw)
In-Reply-To: <51B9CFC3.8080008-EIkl63zCoXaH+58JC4qpiA@public.gmane.org>
On 06/13/13 15:57, Sebastian Riemer wrote:
> You've only changed the style of this function. Functionality is still
> the same. Fine for me.
>
> But why do you put it that high in the source code?
> Do you (still) need it for something else?
>
> I would put it directly in front of srp_create_target() or even in front
> of that option parsing stuff for correct bottom-up.
Good idea. Will move the definition of that function down.
>> static int srp_connect_target(struct srp_target_port *target)
>> {
>> int retries = 3;
>> @@ -2261,6 +2291,14 @@ static ssize_t srp_create_target(struct device *dev,
>> if (ret)
>> goto err;
>>
>> + if (!srp_conn_unique(target->srp_host, target)) {
>> + shost_printk(KERN_INFO, target->scsi_host,
>> + PFX "Already connected to target port %.*s\n",
>> + (int)count, buf);
>> + ret = -EEXIST;
>> + goto err;
>> + }
>> +
>
> Yes, this looks good! Nice idea to print the connection string!
> Would be even cooler without trailing '\n' from within 'buf' but that's
> okay.
>
> I was a little bit afraid of overflows here so I did security testing.
> But srp_parse_options() already rejected my evil connection strings. :-)
>
> I've tried things like this:
> id_ext=0002c903004ed0b2,\
> ioc_guid=0002c903004ed0b2,\
> dgid=fe800000000000000002c903004ed0b4,\
> pkey=ffff,service_id=0002c903004ed0b2,\
> xxxxxxxxxxxxxxxxxxxxxxxxx... until 4096 chars
>
> id_ext=0002c903004ed0b2,\
> ioc_guid=0002c903004ed0b2,\
> dgid=fe800000000000000002c903004ed0b4,\
> pkey=ffff,service_id=0002c903004ed0b2,\
> id_ext=0002c903004ed0b2,\
> ioc_guid=0002c903004ed0b2,\
> dgid=fe800000000000000002c903004ed0b4,\
> pkey=ffff,service_id=0002c903004ed0b2,\
> ... until 4096 chars
>
> This string looked kind of funny. Also in the kernel message it was a
> little bit longer than usual but the parsing detected that I have too
> many parameters. So everything is fine in terms of security.
The "%.*s" should only copy the data provided by the user, even if it
is not '\0' terminated. Stripping the trailing newline is probably
possible with something like the (untested) code below (will only work
if there is only one newline in the input string and if it's at the
end):
shost_printk(KERN_INFO, target->scsi_host,
PFX "Already connected to target port %.*s\n",
(int)count - (memchr(buf, '\n', count) ==
buf + count - 1), buf);
Bart.
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2013-06-13 15:07 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-12 13:17 [PATCH 0/14] IB SRP initiator patches for kernel 3.11 Bart Van Assche
2013-06-12 13:28 ` [PATCH 07/14] scsi_transport_srp: Add transport layer error handling Bart Van Assche
[not found] ` <51B8777B.5050201-HInyCGIudOg@public.gmane.org>
2013-06-13 19:43 ` Vu Pham
2013-06-14 13:19 ` Bart Van Assche
[not found] ` <51BB1857.7040802-HInyCGIudOg@public.gmane.org>
2013-06-14 17:59 ` Vu Pham
[not found] ` <51BB5A04.3080901-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2013-06-15 9:52 ` Bart Van Assche
[not found] ` <51BC3945.9030900-HInyCGIudOg@public.gmane.org>
2013-06-17 6:18 ` Hannes Reinecke
2013-06-17 7:04 ` Bart Van Assche
2013-06-17 7:14 ` Hannes Reinecke
2013-06-17 7:29 ` Bart Van Assche
[not found] ` <51BEBAEA.4080202-HInyCGIudOg@public.gmane.org>
2013-06-17 8:10 ` Hannes Reinecke
2013-06-17 10:13 ` Sebastian Riemer
2013-06-18 16:59 ` Vu Pham
[not found] ` <51C09202.2040503-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2013-06-19 13:00 ` Bart Van Assche
2013-06-23 21:13 ` Mike Christie
[not found] ` <51C764FB.6070207-hcNo3dDEHLuVc3sceRu5cw@public.gmane.org>
2013-06-24 7:37 ` Bart Van Assche
[not found] ` <51B87501.4070005-HInyCGIudOg@public.gmane.org>
2013-06-12 13:20 ` [PATCH 01/14] IB/srp: Fix remove_one crash due to resource exhaustion Bart Van Assche
[not found] ` <51B875A4.7040903-HInyCGIudOg@public.gmane.org>
2013-06-12 13:38 ` Bart Van Assche
[not found] ` <51B879CF.1080802-HInyCGIudOg@public.gmane.org>
2013-06-12 14:24 ` Sebastian Riemer
2013-06-27 21:01 ` David Dillow
[not found] ` <1372366870.32164.30.camel-zHLflQxYYDO4Hhoo1DtQwJ9G+ZOsUmrO@public.gmane.org>
2013-06-27 23:45 ` Roland Dreier
[not found] ` <CAL1RGDWVgAKSL-GNZCkP1FEt9r_y5QWp+74NzDcga6+tcvWpXw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2013-06-28 7:41 ` Sebastian Riemer
2013-06-12 13:21 ` [PATCH 02/14] IB/srp: Fix race between srp_queuecommand() and srp_claim_req() Bart Van Assche
[not found] ` <51B875EE.3030702-HInyCGIudOg@public.gmane.org>
2013-06-12 14:58 ` Sebastian Riemer
[not found] ` <51B88C7C.4030209-EIkl63zCoXaH+58JC4qpiA@public.gmane.org>
2013-06-12 15:14 ` Bart Van Assche
[not found] ` <51B8903E.3000609-HInyCGIudOg@public.gmane.org>
2013-06-27 21:02 ` David Dillow
[not found] ` <1372366945.32164.32.camel-zHLflQxYYDO4Hhoo1DtQwJ9G+ZOsUmrO@public.gmane.org>
2013-06-28 7:36 ` Bart Van Assche
2013-06-12 13:23 ` [PATCH 03/14] IB/srp: Avoid that srp_reset_host() is skipped after a TL error Bart Van Assche
[not found] ` <51B87638.50102-HInyCGIudOg@public.gmane.org>
2013-06-13 9:30 ` Sebastian Riemer
[not found] ` <51B99120.9000503-EIkl63zCoXaH+58JC4qpiA@public.gmane.org>
2013-06-13 9:57 ` Bart Van Assche
2013-06-27 21:03 ` David Dillow
2013-06-12 13:24 ` [PATCH 04/14] IB/srp: Skip host settle delay Bart Van Assche
[not found] ` <51B87689.8030806-HInyCGIudOg@public.gmane.org>
2013-06-13 9:53 ` Sebastian Riemer
[not found] ` <51B996A1.6080604-EIkl63zCoXaH+58JC4qpiA@public.gmane.org>
2013-06-13 13:06 ` Or Gerlitz
2013-06-27 21:04 ` David Dillow
2013-06-12 13:25 ` [PATCH 05/14] IB/srp: Maintain a single connection per I_T nexus Bart Van Assche
[not found] ` <51B876BF.4070400-HInyCGIudOg@public.gmane.org>
2013-06-13 13:57 ` Sebastian Riemer
[not found] ` <51B9CFC3.8080008-EIkl63zCoXaH+58JC4qpiA@public.gmane.org>
2013-06-13 15:07 ` Bart Van Assche [this message]
[not found] ` <51B9E046.3030008-HInyCGIudOg@public.gmane.org>
2013-06-13 15:35 ` Sebastian Riemer
2013-06-13 17:50 ` Vu Pham
[not found] ` <51BA0655.6090707-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2013-06-13 18:25 ` Bart Van Assche
[not found] ` <51BA0E8F.3030104-HInyCGIudOg@public.gmane.org>
2013-06-13 23:27 ` Vu Pham
[not found] ` <51BA555F.9060807-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2013-06-14 9:38 ` Sebastian Riemer
[not found] ` <51BAE482.1050304-EIkl63zCoXaH+58JC4qpiA@public.gmane.org>
2013-06-14 17:07 ` Vu Pham
[not found] ` <51BB4DBB.4070800-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>
2013-06-17 9:41 ` Sebastian Riemer
2013-06-27 21:10 ` David Dillow
[not found] ` <1372367432.32164.36.camel-zHLflQxYYDO4Hhoo1DtQwJ9G+ZOsUmrO@public.gmane.org>
2013-06-28 7:40 ` Bart Van Assche
2013-06-12 13:26 ` [PATCH 06/14] IB/srp: Keep rport as long as the IB transport layer Bart Van Assche
2013-06-12 13:29 ` [PATCH 08/14] IB/srp: Add srp_terminate_io() Bart Van Assche
2013-06-12 13:30 ` [PATCH 09/14] IB/srp: Use SRP transport layer error recovery Bart Van Assche
2013-06-12 13:31 ` [PATCH 10/14] IB/srp: Start timers if a transport layer error occurs Bart Van Assche
2013-06-12 13:33 ` [PATCH 11/14] IB/srp: Fail SCSI commands silently Bart Van Assche
2013-06-12 13:35 ` [PATCH 12/14] IB/srp: Make HCA completion vector configurable Bart Van Assche
[not found] ` <51B87904.1070803-HInyCGIudOg@public.gmane.org>
2013-06-27 21:24 ` David Dillow
[not found] ` <1372368256.32164.41.camel-zHLflQxYYDO4Hhoo1DtQwJ9G+ZOsUmrO@public.gmane.org>
2013-06-28 8:18 ` Bart Van Assche
[not found] ` <51CD46F0.60301-HInyCGIudOg@public.gmane.org>
2013-06-28 12:04 ` David Dillow
[not found] ` <1372421041.28740.14.camel-a7a0dvSY7KqLUyTwlgNVppKKF0rrzTr+@public.gmane.org>
2013-06-28 12:29 ` Bart Van Assche
2013-06-12 13:36 ` [PATCH 13/14] IB/srp: Make transport layer retry count configurable Bart Van Assche
[not found] ` <51B8794F.6050003-HInyCGIudOg@public.gmane.org>
2013-06-27 21:22 ` David Dillow
[not found] ` <1372368138.32164.40.camel-zHLflQxYYDO4Hhoo1DtQwJ9G+ZOsUmrO@public.gmane.org>
2013-06-28 8:28 ` Bart Van Assche
[not found] ` <51CD4933.5080709-HInyCGIudOg@public.gmane.org>
2013-06-28 12:07 ` David Dillow
[not found] ` <1372421227.28740.17.camel-a7a0dvSY7KqLUyTwlgNVppKKF0rrzTr+@public.gmane.org>
2013-06-28 12:30 ` Bart Van Assche
2013-06-12 13:37 ` [PATCH 14/14] IB/srp: Bump driver version and release date Bart Van Assche
-- strict thread matches above, loose matches on Subject: below --
2013-06-12 14:29 RE:[PATCH 05/14] IB/srp: Maintain a single connection per I_T nexus Jack Wang
[not found] ` <51B885C7.1020701-EIkl63zCoXaH+58JC4qpiA@public.gmane.org>
2013-06-12 15:15 ` [PATCH " Bart Van Assche
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51B9E046.3030008@acm.org \
--to=bvanassche-hinycgiudog@public.gmane.org \
--cc=dillowda-1Heg1YXhbW8@public.gmane.org \
--cc=linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=roland-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=sebastian.riemer-EIkl63zCoXaH+58JC4qpiA@public.gmane.org \
--cc=vuhuong-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox