linux-rdma.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH AUTOSEL 4.9 11/91] IB/iser: bound protection_sg size by data_sg size
       [not found] <20191210223035.14270-1-sashal@kernel.org>
@ 2019-12-10 22:29 ` Sasha Levin
  2019-12-10 22:30 ` [PATCH AUTOSEL 4.9 75/91] RDMA/qib: Validate ->show()/store() callbacks before calling them Sasha Levin
  1 sibling, 0 replies; 3+ messages in thread
From: Sasha Levin @ 2019-12-10 22:29 UTC (permalink / raw)
  To: linux-kernel, stable
  Cc: Max Gurtovoy, Sagi Grimberg, Jason Gunthorpe, Sasha Levin, linux-rdma

From: Max Gurtovoy <maxg@mellanox.com>

[ Upstream commit 7718cf03c3ce4b6ebd90107643ccd01c952a1fce ]

In case we don't set the sg_prot_tablesize, the scsi layer assign the
default size (65535 entries). We should limit this size since we should
take into consideration the underlaying device capability. This cap is
considered when calculating the sg_tablesize. Otherwise, for example,
we can get that /sys/block/sdb/queue/max_segments is 128 and
/sys/block/sdb/queue/max_integrity_segments is 65535.

Link: https://lore.kernel.org/r/1569359027-10987-1-git-send-email-maxg@mellanox.com
Signed-off-by: Max Gurtovoy <maxg@mellanox.com>
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/infiniband/ulp/iser/iscsi_iser.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/infiniband/ulp/iser/iscsi_iser.c b/drivers/infiniband/ulp/iser/iscsi_iser.c
index e46e2b095c184..fdf5179a81c10 100644
--- a/drivers/infiniband/ulp/iser/iscsi_iser.c
+++ b/drivers/infiniband/ulp/iser/iscsi_iser.c
@@ -649,6 +649,7 @@ iscsi_iser_session_create(struct iscsi_endpoint *ep,
 		if (ib_conn->pi_support) {
 			u32 sig_caps = ib_conn->device->ib_device->attrs.sig_prot_cap;
 
+			shost->sg_prot_tablesize = shost->sg_tablesize;
 			scsi_host_set_prot(shost, iser_dif_prot_caps(sig_caps));
 			scsi_host_set_guard(shost, SHOST_DIX_GUARD_IP |
 						   SHOST_DIX_GUARD_CRC);
-- 
2.20.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* [PATCH AUTOSEL 4.9 75/91] RDMA/qib: Validate ->show()/store() callbacks before calling them
       [not found] <20191210223035.14270-1-sashal@kernel.org>
  2019-12-10 22:29 ` [PATCH AUTOSEL 4.9 11/91] IB/iser: bound protection_sg size by data_sg size Sasha Levin
@ 2019-12-10 22:30 ` Sasha Levin
  2019-12-11  7:45   ` Greg Kroah-Hartman
  1 sibling, 1 reply; 3+ messages in thread
From: Sasha Levin @ 2019-12-10 22:30 UTC (permalink / raw)
  To: linux-kernel, stable
  Cc: Viresh Kumar, Greg Kroah-Hartman, Jason Gunthorpe, Sasha Levin,
	linux-rdma

From: Viresh Kumar <viresh.kumar@linaro.org>

[ Upstream commit 7ee23491b39259ae83899dd93b2a29ef0f22f0a7 ]

The permissions of the read-only or write-only sysfs files can be
changed (as root) and the user can then try to read a write-only file or
write to a read-only file which will lead to kernel crash here.

Protect against that by always validating the show/store callbacks.

Link: https://lore.kernel.org/r/d45cc26361a174ae12dbb86c994ef334d257924b.1573096807.git.viresh.kumar@linaro.org
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/infiniband/hw/qib/qib_sysfs.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/infiniband/hw/qib/qib_sysfs.c b/drivers/infiniband/hw/qib/qib_sysfs.c
index fe4cf5e4acec6..8ce0f6eef89e4 100644
--- a/drivers/infiniband/hw/qib/qib_sysfs.c
+++ b/drivers/infiniband/hw/qib/qib_sysfs.c
@@ -301,6 +301,9 @@ static ssize_t qib_portattr_show(struct kobject *kobj,
 	struct qib_pportdata *ppd =
 		container_of(kobj, struct qib_pportdata, pport_kobj);
 
+	if (!pattr->show)
+		return -EIO;
+
 	return pattr->show(ppd, buf);
 }
 
@@ -312,6 +315,9 @@ static ssize_t qib_portattr_store(struct kobject *kobj,
 	struct qib_pportdata *ppd =
 		container_of(kobj, struct qib_pportdata, pport_kobj);
 
+	if (!pattr->store)
+		return -EIO;
+
 	return pattr->store(ppd, buf, len);
 }
 
-- 
2.20.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH AUTOSEL 4.9 75/91] RDMA/qib: Validate ->show()/store() callbacks before calling them
  2019-12-10 22:30 ` [PATCH AUTOSEL 4.9 75/91] RDMA/qib: Validate ->show()/store() callbacks before calling them Sasha Levin
@ 2019-12-11  7:45   ` Greg Kroah-Hartman
  0 siblings, 0 replies; 3+ messages in thread
From: Greg Kroah-Hartman @ 2019-12-11  7:45 UTC (permalink / raw)
  To: Sasha Levin
  Cc: linux-kernel, stable, Viresh Kumar, Jason Gunthorpe, linux-rdma

On Tue, Dec 10, 2019 at 05:30:19PM -0500, Sasha Levin wrote:
> From: Viresh Kumar <viresh.kumar@linaro.org>
> 
> [ Upstream commit 7ee23491b39259ae83899dd93b2a29ef0f22f0a7 ]
> 
> The permissions of the read-only or write-only sysfs files can be
> changed (as root) and the user can then try to read a write-only file or
> write to a read-only file which will lead to kernel crash here.
> 
> Protect against that by always validating the show/store callbacks.
> 
> Link: https://lore.kernel.org/r/d45cc26361a174ae12dbb86c994ef334d257924b.1573096807.git.viresh.kumar@linaro.org
> Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
> Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
> Signed-off-by: Sasha Levin <sashal@kernel.org>
> ---
>  drivers/infiniband/hw/qib/qib_sysfs.c | 6 ++++++
>  1 file changed, 6 insertions(+)

Good catch, I was looking for this one but somehow the stable tag got
dropped from it.

greg k-h

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-12-11  7:45 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <20191210223035.14270-1-sashal@kernel.org>
2019-12-10 22:29 ` [PATCH AUTOSEL 4.9 11/91] IB/iser: bound protection_sg size by data_sg size Sasha Levin
2019-12-10 22:30 ` [PATCH AUTOSEL 4.9 75/91] RDMA/qib: Validate ->show()/store() callbacks before calling them Sasha Levin
2019-12-11  7:45   ` Greg Kroah-Hartman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).