* [PATCH v2] scsi: scsi_debug: Fix buffer size of REPORT ZONES command
@ 2021-12-07 1:06 Shin'ichiro Kawasaki
2021-12-07 2:01 ` Damien Le Moal
2021-12-07 3:45 ` Martin K. Petersen
0 siblings, 2 replies; 3+ messages in thread
From: Shin'ichiro Kawasaki @ 2021-12-07 1:06 UTC (permalink / raw)
To: linux-scsi
Cc: Martin K . Petersen, Douglas Gilbert, Damien Le Moal,
Shinichiro Kawasaki
According to ZBC and SPC specifications, the unit of ALLOCATION LENGTH
field of REPORT ZONES command is byte. However, current scsi_debug
implementation handles it as number of zones to calculate buffer size to
report zones. When the ALLOCATION LENGTH has a large number, this
results in too large buffer size and causes memory allocation failure.
Fix the failure by handling ALLOCATION LENGTH as byte unit.
Fixes: f0d1cf9378bd ("scsi: scsi_debug: Add ZBC zone commands")
Signed-off-by: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
---
Changes from v1:
* Use kzalloc in place of kcalloc
drivers/scsi/scsi_debug.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/scsi_debug.c b/drivers/scsi/scsi_debug.c
index 3c0da3770edf..2104973a35cd 100644
--- a/drivers/scsi/scsi_debug.c
+++ b/drivers/scsi/scsi_debug.c
@@ -4342,7 +4342,7 @@ static int resp_report_zones(struct scsi_cmnd *scp,
rep_max_zones = min((alloc_len - 64) >> ilog2(RZONES_DESC_HD),
max_zones);
- arr = kcalloc(RZONES_DESC_HD, alloc_len, GFP_ATOMIC);
+ arr = kzalloc(alloc_len, GFP_ATOMIC);
if (!arr) {
mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
INSUFF_RES_ASCQ);
--
2.33.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2] scsi: scsi_debug: Fix buffer size of REPORT ZONES command
2021-12-07 1:06 [PATCH v2] scsi: scsi_debug: Fix buffer size of REPORT ZONES command Shin'ichiro Kawasaki
@ 2021-12-07 2:01 ` Damien Le Moal
2021-12-07 3:45 ` Martin K. Petersen
1 sibling, 0 replies; 3+ messages in thread
From: Damien Le Moal @ 2021-12-07 2:01 UTC (permalink / raw)
To: Shin'ichiro Kawasaki, linux-scsi; +Cc: Martin K . Petersen, Douglas Gilbert
On 2021/12/07 10:06, Shin'ichiro Kawasaki wrote:
> According to ZBC and SPC specifications, the unit of ALLOCATION LENGTH
> field of REPORT ZONES command is byte. However, current scsi_debug
> implementation handles it as number of zones to calculate buffer size to
> report zones. When the ALLOCATION LENGTH has a large number, this
> results in too large buffer size and causes memory allocation failure.
> Fix the failure by handling ALLOCATION LENGTH as byte unit.
>
> Fixes: f0d1cf9378bd ("scsi: scsi_debug: Add ZBC zone commands")
> Signed-off-by: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
> ---
> Changes from v1:
> * Use kzalloc in place of kcalloc
>
> drivers/scsi/scsi_debug.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/scsi/scsi_debug.c b/drivers/scsi/scsi_debug.c
> index 3c0da3770edf..2104973a35cd 100644
> --- a/drivers/scsi/scsi_debug.c
> +++ b/drivers/scsi/scsi_debug.c
> @@ -4342,7 +4342,7 @@ static int resp_report_zones(struct scsi_cmnd *scp,
> rep_max_zones = min((alloc_len - 64) >> ilog2(RZONES_DESC_HD),
> max_zones);
>
> - arr = kcalloc(RZONES_DESC_HD, alloc_len, GFP_ATOMIC);
> + arr = kzalloc(alloc_len, GFP_ATOMIC);
> if (!arr) {
> mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
> INSUFF_RES_ASCQ);
>
Looks good to me.
Reviewed-by: Damien Le Moal <damien.lemoal@opensource.wdc.com>
--
Damien Le Moal
Western Digital Research
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH v2] scsi: scsi_debug: Fix buffer size of REPORT ZONES command
2021-12-07 1:06 [PATCH v2] scsi: scsi_debug: Fix buffer size of REPORT ZONES command Shin'ichiro Kawasaki
2021-12-07 2:01 ` Damien Le Moal
@ 2021-12-07 3:45 ` Martin K. Petersen
1 sibling, 0 replies; 3+ messages in thread
From: Martin K. Petersen @ 2021-12-07 3:45 UTC (permalink / raw)
To: linux-scsi, Shin'ichiro Kawasaki
Cc: Martin K . Petersen, Damien Le Moal, Douglas Gilbert
On Tue, 7 Dec 2021 10:06:38 +0900, Shin'ichiro Kawasaki wrote:
> According to ZBC and SPC specifications, the unit of ALLOCATION LENGTH
> field of REPORT ZONES command is byte. However, current scsi_debug
> implementation handles it as number of zones to calculate buffer size to
> report zones. When the ALLOCATION LENGTH has a large number, this
> results in too large buffer size and causes memory allocation failure.
> Fix the failure by handling ALLOCATION LENGTH as byte unit.
>
> [...]
Applied to 5.16/scsi-fixes, thanks!
[1/1] scsi: scsi_debug: Fix buffer size of REPORT ZONES command
https://git.kernel.org/mkp/scsi/c/7db0e0c8190a
--
Martin K. Petersen Oracle Linux Engineering
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-12-07 3:46 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-07 1:06 [PATCH v2] scsi: scsi_debug: Fix buffer size of REPORT ZONES command Shin'ichiro Kawasaki
2021-12-07 2:01 ` Damien Le Moal
2021-12-07 3:45 ` Martin K. Petersen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.