Re: KMSAN: kernel-infoleak in sg_scsi_ioctl

Hi, See below. On 2021-04-12 9:02 a.m., Hao Sun wrote: Hi When using Healer(https://github.com/SunHao-0/healer/tree/dev) to fuzz the Linux kernel, I found the following bug report. commit: 4ebaab5fb428374552175aa39832abf5cedb916a version: linux 5.12 git tree:kmsan kernel config and

Re: [scsi_debug] 20b58d1e6b: blktests.block.001.fail

On 2021-03-23 9:26 a.m., kernel test robot wrote: Greeting, FYI, we noticed the following commit (built with gcc-9): commit: 20b58d1e6b9cda142cd142a0a2f94c0d04b0a5a0 ("[RFC] scsi_debug: add hosts initialization --> worker") url: https://github.com/0day-ci/linux/commits/Do

Re: [syzbot] KASAN: invalid-free in sg_finish_scsi_blk_rq

On 2021-03-15 9:59 p.m., syzbot wrote: Hello, syzbot found the following issue on: HEAD commit:d98f554b Add linux-next specific files for 20210312 git tree: linux-next console output: https://syzkaller.appspot.com/x/log.txt?x=1189318ad0 kernel config:

Re: [PATCH][next] scsi: sg: return -ENOMEM on out of memory error

On 2021-03-11 6:33 p.m., Colin King wrote: From: Colin Ian King The sg_proc_seq_show_debug should return -ENOMEM on an out of memory error rather than -1. Fix this. Fixes: 94cda6cf2e44 ("scsi: sg: Rework debug info") Signed-off-by: Colin Ian King Acked-by: Douglas Gilber

Re: [PATCH][next] scsi: sg: Fix use of pointer sfp after it has been kfree'd

eplace rq array with xarray") Signed-off-by: Colin Ian King Acked-by: Douglas Gilbert Thanks. --- drivers/scsi/sg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c index 2d4bbc1a1727..79f05afa4407 100644 --- a/drivers/scsi/sg.

Re: linux-next: build failure after merge of the scsi-mkp tree

On 2021-01-27 2:01 a.m., Stephen Rothwell wrote: Hi all, On Mon, 25 Jan 2021 00:53:59 -0500 Douglas Gilbert wrote: On 2021-01-24 11:13 p.m., Stephen Rothwell wrote: After merging the scsi-mkp tree, today's linux-next build (powerpc ppc64_defconfig) failed like this: drivers/scsi/sg.c

Re: linux-next: build failure after merge of the scsi-mkp tree

On 2021-01-24 11:13 p.m., Stephen Rothwell wrote: Hi all, After merging the scsi-mkp tree, today's linux-next build (powerpc ppc64_defconfig) failed like this: drivers/scsi/sg.c: In function 'sg_find_srp_by_id': drivers/scsi/sg.c:2908:4: error: expected '}' before 'else' 2908 |else

[PATCH 0/3] scatterlist: sgl-sgl ops: copy, equal

f bytes actually (over)written. That number is needed anyway internally so may as well return it as it may be useful to the caller. This patchset is against lk 5.11.0-rc4 Douglas Gilbert (3): scatterlist: add sgl_copy_sgl() function scatterlist: add sgl_equal_sgl() function scatterlist: ad

[PATCH 2/3] scatterlist: add sgl_equal_sgl() function

. the function returns false) then the byte index of the first miscompare is written to *miscompare_idx. Knowing the location of the first miscompare is needed to implement properly the SCSI COMPARE AND WRITE command. Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux

[PATCH 3/3] scatterlist: add sgl_memset()

the number of bytes (over)written. Change implementation of sg_zero_buffer() to call this new function. Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 20 +- lib/scatterlist.c | 79 + 2 files

[PATCH 1/3] scatterlist: add sgl_copy_sgl() function

Currently there are no sgl to sgl operations in the kernel. Start with a sgl to sgl copy. Stops when the first of the number of requested bytes to copy, or the source sgl, or the destination sgl is exhausted. So the destination sgl will _not_ grow. Reviewed-by: Bodo Stroesser Signed-off-by: Dougl

Re: [PATCH v6 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

On 2021-01-18 6:48 p.m., Jason Gunthorpe wrote: On Mon, Jan 18, 2021 at 10:22:56PM +0100, Bodo Stroesser wrote: On 18.01.21 21:24, Jason Gunthorpe wrote: On Mon, Jan 18, 2021 at 03:08:51PM -0500, Douglas Gilbert wrote: On 2021-01-18 1:28 p.m., Jason Gunthorpe wrote: On Mon, Jan 18, 2021

Re: [PATCH v6 3/4] scatterlist: add sgl_compare_sgl() function

On 2021-01-18 6:27 p.m., David Disseldorp wrote: On Mon, 18 Jan 2021 11:30:05 -0500, Douglas Gilbert wrote: After enabling copies between scatter gather lists (sgl_s), another storage related operation is to compare two sgl_s. This new function is modelled on NVMe's Compare command

Re: [PATCH] checkpatch: Improve TYPECAST_INT_CONSTANT test message

, (unsigned int)1, )) where the check_add_overflow() macro [include/linux/overflow.h] uses typeid to check its first and second arguments have the same type. So it is likely others could meet this issue. Doug Gilbert Signed-off-by: Joe Perches --- Douglas Gilbert sent me a private email

Re: [PATCH v6 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

On 2021-01-18 1:28 p.m., Jason Gunthorpe wrote: On Mon, Jan 18, 2021 at 11:30:03AM -0500, Douglas Gilbert wrote: After several flawed attempts to detect overflow, take the fastest route by stating as a pre-condition that the 'order' function argument cannot exceed 16 (2^16 * 4k = 256 MiB

[PATCH v6 3/4] scatterlist: add sgl_compare_sgl() function

. Knowing the location of the first miscompare is needed to implement the SCSI COMPARE AND WRITE command properly. Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 8 +++ lib/scatterlist.c | 109 2 files

[PATCH v6 4/4] scatterlist: add sgl_memset()

the number of bytes (over)written. Change implementation of sg_zero_buffer() to call this new function. Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 20 +- lib/scatterlist.c | 79 + 2 files

[PATCH v6 2/4] scatterlist: add sgl_copy_sgl() function

Currently there are no sgl to sgl operations in the kernel. Start with a sgl to sgl copy. Stops when the first of the number of requested bytes to copy, or the source sgl, or the destination sgl is exhausted. So the destination sgl will _not_ grow. Reviewed-by: Bodo Stroesser Signed-off-by: Dougl

[PATCH v6 0/4] scatterlist: add new capabilities

lly so may as well return it as it may be useful to the caller. This patchset is against lk 5.11.0-rc4 Douglas Gilbert (4): sgl_alloc_order: remove 4 GiB limit, sgl_free() warning scatterlist: add sgl_copy_sgl() function scatterlist: add sgl_compare_sgl() function scatterlist: add

[PATCH v6 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

s function is doing. An earlier patch fixed a memory leak in sg_alloc_order() due to the misuse of sgl_free(). Take the opportunity to put a one line comment above sgl_free()'s declaration warning that it is not suitable when order > 0 . Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbe

Re: [PATCH v5 4/4] scatterlist: add sgl_memset()

On 2021-01-07 12:46 p.m., Jason Gunthorpe wrote: On Mon, Dec 28, 2020 at 06:49:55PM -0500, Douglas Gilbert wrote: The existing sg_zero_buffer() function is a bit restrictive. For example protection information (PI) blocks are usually initialized to 0xff bytes. As its name suggests sgl_memset

Re: [PATCH v5 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

On 2021-01-07 12:44 p.m., Jason Gunthorpe wrote: On Mon, Dec 28, 2020 at 06:49:52PM -0500, Douglas Gilbert wrote: diff --git a/lib/scatterlist.c b/lib/scatterlist.c index a59778946404..4986545beef9 100644 +++ b/lib/scatterlist.c @@ -554,13 +554,15 @@ EXPORT_SYMBOL(sg_alloc_table_from_pages

[PATCH v5 4/4] scatterlist: add sgl_memset()

the number of bytes (over)written. Change implementation of sg_zero_buffer() to call this new function. Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 3 ++ lib/scatterlist.c | 65 + 2 files changed, 48

[PATCH v5 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

g_alloc_order() due to the misuse of sgl_free(). Take the opportunity to put a one line comment above sgl_free()'s declaration warning that it is not suitable when order > 0 . Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 1 + lib/scatte

[PATCH v5 2/4] scatterlist: add sgl_copy_sgl() function

Currently there are no sgl to sgl operations in the kernel. Start with a sgl to sgl copy. Stops when the first of the number of requested bytes to copy, or the source sgl, or the destination sgl is exhausted. So the destination sgl will _not_ grow. Reviewed-by: Bodo Stroesser Signed-off-by: Dougl

[PATCH v5 3/4] scatterlist: add sgl_compare_sgl() function

. Knowing the location of the first miscompare is needed to implement the SCSI COMPARE AND WRITE command properly. Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 8 +++ lib/scatterlist.c | 109 2 files

[PATCH v5 0/4] scatterlist: add new capabilities

number of bytes actually (over)written. That number is needed anyway internally so may as well return it as it may be useful to the caller. This patchset is against lk 5.10.0-rc2 Douglas Gilbert (4): sgl_alloc_order: remove 4 GiB limit, sgl_free() warning scatterlist: add sgl_copy_sgl(

Re: [PATCH] [v2] scsi: scsi_debug: Fix memleak in scsi_debug_init

Acked-by: Douglas Gilbert Thanks. --- Changelog: v2: - Add missed assignment statement for ret. --- drivers/scsi/scsi_debug.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/scsi_debug.c b/drivers/scsi/scsi_debug.c index 24c0f7ec0351..4a08c450b756 100644

Re: [PATCH v1 0/6] no-copy bvec

On 2020-12-24 1:41 a.m., Christoph Hellwig wrote: On Wed, Dec 23, 2020 at 08:32:45PM +, Pavel Begunkov wrote: On 23/12/2020 20:23, Douglas Gilbert wrote: On 2020-12-23 11:04 a.m., James Bottomley wrote: On Wed, 2020-12-23 at 15:51 +, Christoph Hellwig wrote: On Wed, Dec 23, 2020

Re: [PATCH v1 0/6] no-copy bvec

On 2020-12-23 11:04 a.m., James Bottomley wrote: On Wed, 2020-12-23 at 15:51 +, Christoph Hellwig wrote: On Wed, Dec 23, 2020 at 12:52:59PM +, Pavel Begunkov wrote: Can scatterlist have 0-len entries? Those are directly translated into bvecs, e.g. in nvme/target/io-cmd-file.c and

Re: [RFC PATCH v2 0/2] add simple copy support

On 2020-12-07 9:56 a.m., Hannes Reinecke wrote: On 12/7/20 3:11 PM, Christoph Hellwig wrote: So, I'm really worried about:   a) a good use case.  GC in f2fs or btrfs seem like good use cases, as does accelating dm-kcopyd.  I agree with Damien that lifting dm-kcopyd to common code

Re: [PATCH] scsi: ses: Fix crash caused by kfree an invalid pointer

On 2020-11-28 6:27 p.m., James Bottomley wrote: On Sat, 2020-11-28 at 20:23 +0800, Ding Hui wrote: We can get a crash when disconnecting the iSCSI session, the call trace like this: [2a00fb70] kfree at 0830e224 [2a00fba0] ses_intf_remove at 01f200e4

[PATCH v4 4/4] scatterlist: add sgl_memset()

the number of bytes (over)written. Change implementation of sg_zero_buffer() to call this new function. Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 3 ++ lib/scatterlist.c | 65 + 2 files changed, 48

[PATCH v4 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

g_alloc_order() due to the misuse of sgl_free(). Take the opportunity to put a one line comment above sgl_free()'s declaration warning that it is not suitable when order > 0 . Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 1 + lib/scatte

[PATCH v4 3/4] scatterlist: add sgl_compare_sgl() function

. Knowing the location of the first miscompare is needed to implement the SCSI COMPARE AND WRITE command properly. Reviewed-by: Bodo Stroesser Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 8 +++ lib/scatterlist.c | 109 2 files

[PATCH v4 2/4] scatterlist: add sgl_copy_sgl() function

Currently there are no sgl to sgl operations in the kernel. Start with a sgl to sgl copy. Stops when the first of the number of requested bytes to copy, or the source sgl, or the destination sgl is exhausted. So the destination sgl will _not_ grow. Reviewed-by: Bodo Stroesser Signed-off-by: Dougl

[PATCH v4 0/4] scatterlist: add new capabilities

er)written. That number is needed anyway internally so may as well return it as it may be useful to the caller. This patchset is against lk 5.10.0-rc2 Douglas Gilbert (4): sgl_alloc_order: remove 4 GiB limit, sgl_free() warning scatterlist: add sgl_copy_sgl() function scatte

Re: [PATCH v3 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

On 2020-11-03 7:54 a.m., Bodo Stroesser wrote: Am 19.10.20 um 21:19 schrieb Douglas Gilbert: This patch removes a check done by sgl_alloc_order() before it starts any allocations. The comment before the removed code says: "Check for integer overflow" arguably gives a false sense o

tools/perf: noise from check-headers.sh

Executing that script in linux-stable [lk 5.10.0-rc1] gives the following output: Warning: Kernel ABI header at 'tools/include/uapi/drm/i915_drm.h' differs from latest version at 'include/uapi/drm/i915_drm.h' diff -u tools/include/uapi/drm/i915_drm.h include/uapi/drm/i915_drm.h Warning: Kernel

[PATCH v3 2/4] scatterlist: add sgl_copy_sgl() function

Currently there are no sgl to sgl operations in the kernel. Start with a sgl to sgl copy. Stops when the first of the number of requested bytes to copy, or the source sgl, or the destination sgl is exhausted. So the destination sgl will _not_ grow. Signed-off-by: Douglas Gilbert --- inc

[PATCH v3 4/4] scatterlist: add sgl_memset()

the number of bytes (over)written. Change implementation of sg_zero_buffer() to call this new function. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 3 ++ lib/scatterlist.c | 65 + 2 files changed, 48 insertions(+), 20 deletions

[PATCH v3 0/4] scatterlist: add new capabilities

sgl_memset return type changed from void to size_t and is the number of bytes actually (over)written. That number is needed anyway internally so may as well return it as it may be useful to the caller. This patchset is against lk 5.9.0 Douglas Gilbert (4): sgl_alloc_order: remove 4

[PATCH v3 3/4] scatterlist: add sgl_compare_sgl() function

comparing. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 4 +++ lib/scatterlist.c | 61 + 2 files changed, 65 insertions(+) diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h index 6649414c0749..ae260dc5fedb 100644

[PATCH v3 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

der > 0 was the reason for the memory leak. The other users of sgl_alloc_order() in the kernel where checked and found to handle free-ing properly. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 1 + lib/scatterlist.c | 3 --- 2 files changed, 1 insertion(+), 3 deletions

[PATCH v2 2/4] scatterlist: add sgl_copy_sgl() function

Currently there are no sgl to sgl operations in the kernel. Start with a copy. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 4 ++ lib/scatterlist.c | 74 + 2 files changed, 78 insertions(+) diff --git a/include/linux/scatterlist.h

[PATCH v2 0/4] scatterlist: add new capabilities

as it may be useful to the caller. This patchset is against lk 5.9.0 Douglas Gilbert (4): sgl_alloc_order: remove 4 GiB limit, sgl_free() warning scatterlist: add sgl_copy_sgl() function scatterlist: add sgl_compare_sgl() function scatterlist: add sgl_memset() include/linux/scatterli

[PATCH v2 4/4] scatterlist: add sgl_memset()

the number of bytes (over)written. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 3 +++ lib/scatterlist.c | 54 ++--- 2 files changed, 54 insertions(+), 3 deletions(-) diff --git a/include/linux/scatterlist.h b/include/linux

[PATCH v2 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

der > 0 was the reason for the memory leak. The other users of sgl_alloc_order() in the kernel where checked and found to handle free-ing properly. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 1 + lib/scatterlist.c | 3 --- 2 files changed, 1 insertion(+), 3 deletions

[PATCH v2 3/4] scatterlist: add sgl_compare_sgl() function

. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 4 +++ lib/scatterlist.c | 60 + 2 files changed, 64 insertions(+) diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h index 6649414c0749..ae260dc5fedb 100644

Re: [PATCH 2/4] scatterlist: add sgl_copy_sgl() function

to date has not been in irq or soft interrupt state. I should be able to rig a test for the latter. Thanks Doug Gilbert Am 16.10.20 um 06:52 schrieb Douglas Gilbert: Both the SCSI and NVMe subsystems receive user data from the block layer in scatterlist_s (aka scatter gather lists (sgl) which

[PATCH 3/4] scatterlist: add sgl_compare_sgl() function

. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 4 ++ lib/scatterlist.c | 84 - 2 files changed, 86 insertions(+), 2 deletions(-) diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h index 6649414c0749

[PATCH 4/4] scatterlist: add sgl_memset()

-by: Douglas Gilbert --- include/linux/scatterlist.h | 3 +++ lib/scatterlist.c | 39 +++-- 2 files changed, 40 insertions(+), 2 deletions(-) diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h index ae260dc5fedb..e50dc9a6d887 100644

[PATCH 0/4] scatterlist: add new capabilities

() for large, long-term allocations. For what seems like no good reason, sgl_alloc_order() currently restricts its total allocation to less than or equal to 4 GiB. vmalloc() has no such restriction. This patchset is against lk 5.9.0 Douglas Gilbert (4): sgl_alloc_order: remove 4 GiB limit, sgl_free

[PATCH 1/4] sgl_alloc_order: remove 4 GiB limit, sgl_free() warning

der > 0 was the reason for the memory leak. The other users of sgl_alloc_order() in the kernel where checked and found to handle free-ing properly. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 1 + lib/scatterlist.c | 3 --- 2 files changed, 1 insertion(+), 3 deletions

[PATCH 2/4] scatterlist: add sgl_copy_sgl() function

Currently there are no sgl to sgl operations in the kernel. Start with a copy. Signed-off-by: Douglas Gilbert --- include/linux/scatterlist.h | 4 ++ lib/scatterlist.c | 86 + 2 files changed, 90 insertions(+) diff --git a/include/linux/scatterlist.h

[RESEND PATCH] sgl_alloc_order: fix memory leak

ned before returning NULL. In the case when order > 0 it calls the wrong free page function and leaks. In testing the leak was sufficient to bring down my 8 GiB laptop with OOM. Reviewed-by: Bart Van Assche Signed-off-by: Douglas Gilbert --- lib/scatterlist.c | 2 +- 1 file changed, 1 insertion

Re: [question] What happens when dd writes data to a missing device?

On 2020-10-11 3:46 p.m., Mikhail Gavrilov wrote: Hi folks! I have a question. What happens when dd writes data to a missing device? For example: # dd if=/home/mikhail/Downloads/Fedora-Workstation-Live-x86_64-Rawhide-20201010.n.0.iso of=/dev/adb Today I and wrongly entered /dev/adb instead of

Re: [PATCH] lib/scatterlist: Fix memory leak in sgl_alloc_order()

On 2020-09-20 4:11 p.m., Markus Elfring wrote: Noticed that when sgl_alloc_order() failed with order > 0 that free memory on my machine shrank. That function shouldn't call sgl_free() on its error path since that is only correct when order==0 . * Would an imperative wording become helpful for

Re: [PATCH] lib/scatterlist: Fix memory leak in sgl_alloc_order()

On 2020-09-20 1:09 p.m., Markus Elfring wrote: Noticed that when sgl_alloc_order() failed with order > 0 that free memory on my machine shrank. That function shouldn't call sgl_free() on its error path since that is only correct when order==0 . * Would an imperative wording become helpful for

[PATCH] sgl_alloc_order: memory leak

Noticed that when sgl_alloc_order() failed with order > 0 that free memory on my machine shrank. That function shouldn't call sgl_free() on its error path since that is only correct when order==0 . Signed-off-by: Douglas Gilbert --- lib/scatterlist.c | 2 +- 1 file changed, 1 insertion(+)

[PATCH] tools/io_uring: fix compile breakage

| extern __pid_t gettid (void) __THROW; |^~ make: *** [: io_uring-bench.o] Error 1 The problem on Ubuntu 20.04 (with lk 5.9.0-rc5) is that unistd.h already defines gettid(). So prefix the local definition with "lk_". Signed-off-by: Douglas Gilbert --- tool

Re: [PATCH] scsi: clear UAC before sending SG_IO

On 2020-09-10 6:15 a.m., Randall Huang wrote: Make sure UAC is clear before sending SG_IO. Signed-off-by: Randall Huang This patch just looks wrong. Imagine if every LLD front loaded some LLD specific code before each invocation of ioctl(SG_IO). Is UAC Unit Attention Condition? If so the

Re: [PATCH v8 00/18] blk-mq/scsi: Provide hostwide shared tags for SCSI HBAs

bove copy and verify steps. So: Tested-by: Douglas Gilbert Differences to v7: - Add null_blk and scsi_debug support - Drop debugfs tags patch - it's too difficult to be the same between hostwide and non-hostwide, as discussed: https://lore.kernel.org/linux-scsi/1591810159-240929-1-gi

Re: rework check_disk_change()

On 2020-09-02 10:11 a.m., Christoph Hellwig wrote: Hi Jens, this series replaced the not very nice check_disk_change() function with a new bdev_media_changed that avoids having the ->revalidate_disk call at its end. As a result ->revalidate_disk can be removed from a lot of drivers. For

Re: [PATCH] scsi: sd: add runtime pm to open / release

On 2020-07-29 10:32 a.m., Alan Stern wrote: On Wed, Jul 29, 2020 at 04:12:22PM +0200, Martin Kepplinger wrote: On 28.07.20 22:02, Alan Stern wrote: On Tue, Jul 28, 2020 at 09:02:44AM +0200, Martin Kepplinger wrote: Hi Alan, Any API cleanup is of course welcome. I just wanted to remind you

Re: [RFC][PATCHES] drivers/scsi/sg.c uaccess cleanups/fixes

On 2019-10-17 9:36 p.m., Al Viro wrote: On Wed, Oct 16, 2019 at 09:25:40PM +0100, Al Viro wrote: FWIW, callers of __copy_from_user() remaining in the generic code: 6) drivers/scsi/sg.c nest: sg_read() ones are memdup_user() in disguise (i.e. fold with immediately preceding kmalloc()s).

Re: [PATCH v1] scsi: Don't select SCSI_PROC_FS by default

On 2019-07-08 2:01 a.m., Hannes Reinecke wrote: On 7/5/19 7:53 PM, Douglas Gilbert wrote: On 2019-07-05 3:22 a.m., Hannes Reinecke wrote: [ .. ] As mentioned, rescan-scsi-bus.sh is keeping references to /proc/scsi as a fall back only, as it's meant to work kernel independent. Per default

Re: [PATCH v1] scsi: Don't select SCSI_PROC_FS by default

...@interlog.com; Marc Gonzalez ; James Bottomley ; Martin Petersen Cc: SCSI ; LKML ; Christoph Hellwig Subject: Re: [PATCH v1] scsi: Don't select SCSI_PROC_FS by default On 6/17/19 5:35 PM, Douglas Gilbert wrote: For sg3_utils: $ find . -name '*.c' -exec grep "/proc/scsi" {} \; -pr

Re: [PATCH 0/2] scsi: add support for request batching

On 2019-06-26 9:51 a.m., Paolo Bonzini wrote: On 30/05/19 13:28, Paolo Bonzini wrote: This allows a list of requests to be issued, with the LLD only writing the hardware doorbell when necessary, after the last request was prepared. This is more efficient if we have lists of requests to issue,

Re: [PATCH v1] scsi: Don't select SCSI_PROC_FS by default

On 2019-06-19 5:42 a.m., Marc Gonzalez wrote: On 18/06/2019 17:31, Douglas Gilbert wrote: On 2019-06-18 3:29 a.m., Marc Gonzalez wrote: Please note that I am _in no way_ suggesting that we remove any code. I just think it might be time to stop forcing CONFIG_SCSI_PROC_FS into every config

Re: [PATCH v1] scsi: Don't select SCSI_PROC_FS by default

On 2019-06-18 3:29 a.m., Marc Gonzalez wrote: On 18/06/2019 03:08, Finn Thain wrote: On Mon, 17 Jun 2019, Douglas Gilbert wrote: On 2019-06-17 5:11 p.m., Bart Van Assche wrote: On 6/12/19 6:59 AM, Marc Gonzalez wrote: According to the option's help message, SCSI_PROC_FS has been

Re: [PATCH v1] scsi: Don't select SCSI_PROC_FS by default

On 2019-06-17 5:11 p.m., Bart Van Assche wrote: On 6/12/19 6:59 AM, Marc Gonzalez wrote: According to the option's help message, SCSI_PROC_FS has been superseded for ~15 years. Don't select it by default anymore. Signed-off-by: Marc Gonzalez ---   drivers/scsi/Kconfig | 3 ---   1 file

Re: [PATCH] sg: Fix a double-fetch bug in drivers/scsi/sg.c

On 2019-06-05 2:00 a.m., Jiri Slaby wrote: On 23. 05. 19, 4:38, Gen Zhang wrote: In sg_write(), the opcode of the command is fetched the first time from the userspace by __get_user(). Then the whole command, the opcode included, is fetched again from userspace by __copy_from_user(). However, a

Re: [PATCH] scsi: ses: Fix out-of-bounds memory access in ses_enclosure_data_process()

On 2019-05-20 12:05 p.m., Martin K. Petersen wrote: James, Please. What I'm interested in is whether this is simply a bug in the array firmware, in which case the fix is sufficient, or whether there's some problem with the parser, like mismatched expectations over added trailing nulls or

Re: [PATCH 21/24] sg: switch to SPDX tags

On 2019-05-01 6:14 p.m., Christoph Hellwig wrote: Use the the GPLv2+ SPDX tag instead of verbose boilerplate text. IOWs replace 3.5 lines with 1. Signed-off-by: Christoph Hellwig Acked-by: Douglas Gilbert --- drivers/scsi/sg.c | 7 +-- 1 file changed, 1 insertion(+), 6

Re: Recent removal of bsg read/write support

Updated reply, see below. On 2018-09-03 4:34 a.m., Dror Levin wrote: On Sun, Sep 2, 2018 at 8:55 PM Linus Torvalds wrote: On Sun, Sep 2, 2018 at 4:44 AM Richard Weinberger wrote: CC'ing relevant people. Otherwise your mail might get lost. Indeed. Sorry for that. On Sun, Sep 2, 2018

Re: [ANNOUNCE] v4 sg driver: ready for testing

in sg3_utils-1.45 (beta, revision 807) at the top of this page: http://sg.danny.cz/sg/index.html Doug Gilbert *** the reason for the split is the tree wide change to the access_ok() function. On 2018-12-25 2:39 a.m., Douglas Gilbert wrote: There is an update to the sg v4 driver

Re: [PATCH v2] rbtree: fix the red root

On 2019-01-14 12:58 p.m., Qian Cai wrote: Unfortunately, I could not trigger any of those here both in a bare-metal and virtual machines. All I triggered were hung tasks and soft-lockup due to fork bomb. The only other thing I can think of is to setup kdump to capture a vmcore when either GPF

Re: [PATCH] scsi: wd719x Replace GFP_KERNEL with GFP_ATOMIC in wd719x_chip_init

On 2019-01-14 10:29 a.m., Christoph Hellwig wrote: On Mon, Jan 14, 2019 at 11:24:49PM +0800, wangbo wrote: wd719x_host_reset get spinlock first then call wd719x_chip_init, so replace GFP_KERNEL with GFP_ATOMIC in wd719x_chip_init. Please move the allocation outside the lock instead.

Re: [PATCH v2] rbtree: fix the red root

On 2019-01-13 10:59 p.m., Esme wrote: ‐‐‐ Original Message ‐‐‐ On Sunday, January 13, 2019 10:52 PM, Douglas Gilbert wrote: On 2019-01-13 10:07 p.m., Esme wrote: ‐‐‐ Original Message ‐‐‐ On Sunday, January 13, 2019 9:33 PM, Qian Cai c...@lca.pw wrote: On 1/13/19 9:20 PM

Re: [PATCH v2] rbtree: fix the red root

On 2019-01-13 10:07 p.m., Esme wrote: ‐‐‐ Original Message ‐‐‐ On Sunday, January 13, 2019 9:33 PM, Qian Cai wrote: On 1/13/19 9:20 PM, David Lechner wrote: On 1/11/19 8:58 PM, Michel Lespinasse wrote: On Fri, Jan 11, 2019 at 3:47 PM David Lechner da...@lechnology.com wrote: On

Re: [PATCH] scsi: associate bio write hint with WRITE CDB

On 2019-01-03 4:47 a.m., Randall Huang wrote: On Wed, Jan 02, 2019 at 11:51:33PM -0800, Christoph Hellwig wrote: On Wed, Dec 26, 2018 at 12:15:04PM +0800, Randall Huang wrote: In SPC-3, WRITE(10)/(16) support grouping function. Let's associate bio write hint with group number for enabling

Re: [PATCH] scsi: avoid a double-fetch and a redundant copy

On 2018-12-25 3:15 p.m., Kangjie Lu wrote: What we need is only "pack_id", so do not create a heap object or copy the whole object in. The fix efficiently copies "pack_id" only. Now this looks like a worthwhile optimization, in some pretty tricky code. I can't see a security angle in it. Did

Re: [PATCH] scsi: fix a double-fetch bug in sg_write

Signed-off-by: Kangjie Lu Acked-by: Douglas Gilbert Also applied to my sg v4 driver code. The v1 and v2 interfaces (based on struct sg_header) did not provide a command length field. The sg driver needed to read the first byte of the command (the "opcode") to determine the full co

Re: remove exofs, the T10 OSD code and block/scsi bidi support V3

On 2018-12-19 9:43 a.m., Christoph Hellwig wrote: On Mon, Nov 26, 2018 at 07:11:10PM +0200, Boaz Harrosh wrote: On 11/11/18 15:32, Christoph Hellwig wrote: The only real user of the T10 OSD protocol, the pNFS object layout driver never went to the point of having shipping products, and we

Re: Recent removal of bsg read/write support

On 2018-09-03 10:34 AM, Dror Levin wrote: On Sun, Sep 2, 2018 at 8:55 PM Linus Torvalds wrote: On Sun, Sep 2, 2018 at 4:44 AM Richard Weinberger wrote: CC'ing relevant people. Otherwise your mail might get lost. Indeed. Sorry for that. On Sun, Sep 2, 2018 at 1:37 PM Dror Levin

Re: Recent removal of bsg read/write support

On 2018-09-03 10:34 AM, Dror Levin wrote: On Sun, Sep 2, 2018 at 8:55 PM Linus Torvalds wrote: On Sun, Sep 2, 2018 at 4:44 AM Richard Weinberger wrote: CC'ing relevant people. Otherwise your mail might get lost. Indeed. Sorry for that. On Sun, Sep 2, 2018 at 1:37 PM Dror Levin

Re: 4.19.0-rc1 rtsx_pci_sdmmc.0: error: data->host_cookie = 62, host->cookie = 63

On 2018-08-30 02:03 PM, Ulf Hansson wrote: On 28 August 2018 at 23:47, Douglas Gilbert wrote: I usually boot my Lenovo X270 with a SD card in its: # lspci 02:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. RTS522A PCI Express Card Reader (rev 01) ... In lk 4.19.0-rc1 the boot

Re: 4.19.0-rc1 rtsx_pci_sdmmc.0: error: data->host_cookie = 62, host->cookie = 63

On 2018-08-30 02:03 PM, Ulf Hansson wrote: On 28 August 2018 at 23:47, Douglas Gilbert wrote: I usually boot my Lenovo X270 with a SD card in its: # lspci 02:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. RTS522A PCI Express Card Reader (rev 01) ... In lk 4.19.0-rc1 the boot

4.19.0-rc1 rtsx_pci_sdmmc.0: error: data->host_cookie = 62, host->cookie = 63

I usually boot my Lenovo X270 with a SD card in its: # lspci 02:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. RTS522A PCI Express Card Reader (rev 01) ... In lk 4.19.0-rc1 the boot locks up solid, almost immediately and nothing in the logs. If I remove the SD card my machine

4.19.0-rc1 rtsx_pci_sdmmc.0: error: data->host_cookie = 62, host->cookie = 63

I usually boot my Lenovo X270 with a SD card in its: # lspci 02:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. RTS522A PCI Express Card Reader (rev 01) ... In lk 4.19.0-rc1 the boot locks up solid, almost immediately and nothing in the logs. If I remove the SD card my machine

Re: [PATCH] scsi: sg: fix a missing-check bug

On 2018-05-05 11:21 PM, Wenwen Wang wrote: In sg_write(), the opcode of the command is firstly copied from the userspace pointer 'buf' and saved to the kernel variable 'opcode', using the __get_user() function. The size of the command, i.e., 'cmd_size' is then calculated based on the 'opcode'.

Re: [PATCH] scsi: sg: fix a missing-check bug

On 2018-05-05 11:21 PM, Wenwen Wang wrote: In sg_write(), the opcode of the command is firstly copied from the userspace pointer 'buf' and saved to the kernel variable 'opcode', using the __get_user() function. The size of the command, i.e., 'cmd_size' is then calculated based on the 'opcode'.

Re: usercopy whitelist woe in scsi_sense_cache

On 2018-04-04 04:32 PM, Kees Cook wrote: On Wed, Apr 4, 2018 at 12:07 PM, Oleksandr Natalenko wrote: [ 261.262135] Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'scsi_sense_cache' (offset 94, size 22)! I can easily

Re: usercopy whitelist woe in scsi_sense_cache

On 2018-04-04 04:32 PM, Kees Cook wrote: On Wed, Apr 4, 2018 at 12:07 PM, Oleksandr Natalenko wrote: [ 261.262135] Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'scsi_sense_cache' (offset 94, size 22)! I can easily reproduce it with a qemu VM and

Re: usercopy whitelist woe in scsi_sense_cache

On 2018-04-04 04:21 PM, Kees Cook wrote: On Wed, Apr 4, 2018 at 12:07 PM, Oleksandr Natalenko wrote: With v4.16 I get the following dump while using smartctl: [...] [ 261.262135] Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB

Re: usercopy whitelist woe in scsi_sense_cache

On 2018-04-04 04:21 PM, Kees Cook wrote: On Wed, Apr 4, 2018 at 12:07 PM, Oleksandr Natalenko wrote: With v4.16 I get the following dump while using smartctl: [...] [ 261.262135] Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'scsi_sense_cache'

Re: [PATCH] scsi: resolve COMMAND_SIZE at compile time

On 2018-03-10 03:49 PM, James Bottomley wrote: On Sat, 2018-03-10 at 14:29 +0100, Stephen Kitt wrote: Hi Bart, On Fri, 9 Mar 2018 22:47:12 +, Bart Van Assche wrote: On Fri, 2018-03-09 at 23:33 +0100, Stephen Kitt wrote: +/* + * SCSI command sizes are as

Re: [PATCH] scsi: resolve COMMAND_SIZE at compile time

On 2018-03-10 03:49 PM, James Bottomley wrote: On Sat, 2018-03-10 at 14:29 +0100, Stephen Kitt wrote: Hi Bart, On Fri, 9 Mar 2018 22:47:12 +, Bart Van Assche wrote: On Fri, 2018-03-09 at 23:33 +0100, Stephen Kitt wrote: +/* + * SCSI command sizes are as follows, in bytes, for fixed

Re: scsi: sg: assorted memory corruptions

On 2018-01-30 07:22 AM, Dmitry Vyukov wrote: Uh, I've answered this a week ago, but did not notice that Doug dropped everybody from CC. Reporting to all. On Mon, Jan 22, 2018 at 8:16 PM, Douglas Gilbert <dgilb...@interlog.com> wrote: On 2018-01-22 02:06 PM, Dmitry Vyukov wrote: On Mo

  1   2   3   4   5   6   >