Re: [PATCH] scsi: ses: Fix out-of-bounds memory access in ses_enclosure_data_process()

From: Martin K. Petersen
Date: Mon May 20 2019 - 12:08:30 EST

Next message: Sebastian Andrzej Siewior: "Re: 5.2-rc0.8: emacs segfaults?! x220, with 32-bit userland"
Previous message: Oleg Nesterov: "Re: [PATCH 5/5] asm-generic: remove ptrace.h"
In reply to: Waiman Long: "Re: [PATCH] scsi: ses: Fix out-of-bounds memory access in ses_enclosure_data_process()"
Next in thread: Douglas Gilbert: "Re: [PATCH] scsi: ses: Fix out-of-bounds memory access in ses_enclosure_data_process()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

James,

> Please. What I'm interested in is whether this is simply a bug in the
> array firmware, in which case the fix is sufficient, or whether
> there's some problem with the parser, like mismatched expectations
> over added trailing nulls or something.

Our support folks have been looking at this for a while. We have seen
problems with devices from several vendors. To the extent that I gave up
the idea of blacklisting all of them.

I am collecting "bad" SES pages from these devices. I have added support
for RECEIVE DIAGNOSTICS to scsi_debug and added a bunch of deliberately
broken SES pages so we could debug this.

It appears to be very common for devices to return inconsistent or
invalid data. So pretty much all of the ses.c parsing needs to have
sanity checking heuristics added to prevent KASAN hiccups.

--
Martin K. Petersen Oracle Linux Engineering

Next message: Sebastian Andrzej Siewior: "Re: 5.2-rc0.8: emacs segfaults?! x220, with 32-bit userland"
Previous message: Oleg Nesterov: "Re: [PATCH 5/5] asm-generic: remove ptrace.h"
In reply to: Waiman Long: "Re: [PATCH] scsi: ses: Fix out-of-bounds memory access in ses_enclosure_data_process()"
Next in thread: Douglas Gilbert: "Re: [PATCH] scsi: ses: Fix out-of-bounds memory access in ses_enclosure_data_process()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]