From: Kashyap Desai <kashyap.desai@broadcom.com>
To: Christoph Hellwig <hch@infradead.org>
Cc: linux-kernel@vger.kernel.org, linux-scsi@vger.kernel.org
Subject: RE: out of range LBA using sg_raw
Date: Wed, 8 Mar 2017 21:29:28 +0530 [thread overview]
Message-ID: <eb88925faa247b2ae6e510fc7fd0cff9@mail.gmail.com> (raw)
In-Reply-To: <20170308151113.GB27450@infradead.org>
> -----Original Message-----
> From: Christoph Hellwig [mailto:hch@infradead.org]
> Sent: Wednesday, March 08, 2017 8:41 PM
> To: Kashyap Desai
> Cc: linux-kernel@vger.kernel.org; linux-scsi@vger.kernel.org
> Subject: Re: out of range LBA using sg_raw
>
> Hi Kashyap,
>
> for SG_IO passthrough requests we can't validate command validity for
> commands as the block layer treats them as opaque. The SCSI device
> implementation needs to handle incorrect parameter to be robust.
>
> For your fast path bypass the megaraid driver assumes part of the SCSI
device
> implementation, so it will have to check for validity.
Thanks Chris. It is understood to have sanity in driver, but how critical
such checks where SG_IO type interface send pass-through request. ?
Are you suggesting as good to have sanity or very important as there may
be a real-time exposure other than SG_IO interface ? I am confused over
must or good to have check.
Also one more fault I can generate using below sg_raw command -
"sg_raw -r 32k /dev/sdx 28 00 01 4f ff ff 00 00 08 00"
Provide more scsi data length compare to actual SG buffer. Do you suggest
such SG_IO interface vulnerability is good to be captured in driver.
I am just curious to know how badly we have to scrutinize each packet
before sending to Fast Path as we are in IO path and recommend only
important checks to be added.
Thanks, Kashyap
next prev parent reply other threads:[~2017-03-08 15:59 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-08 14:21 out of range LBA using sg_raw Kashyap Desai
2017-03-08 15:11 ` Christoph Hellwig
2017-03-08 15:59 ` Kashyap Desai [this message]
2017-03-08 16:04 ` Bart Van Assche
2017-03-08 16:15 ` Kashyap Desai
2017-03-08 16:06 ` Christoph Hellwig
2017-03-08 16:11 ` Kashyap Desai
2017-03-08 16:32 ` Martin K. Petersen
2017-03-08 16:49 ` Kashyap Desai
2017-03-09 0:40 ` Martin K. Petersen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=eb88925faa247b2ae6e510fc7fd0cff9@mail.gmail.com \
--to=kashyap.desai@broadcom.com \
--cc=hch@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox