lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 8 Jun 2017 15:37:34 +0000
From:   Bart Van Assche <Bart.VanAssche@...disk.com>
To:     "target-devel@...r.kernel.org" <target-devel@...r.kernel.org>,
        "nab@...ux-iscsi.org" <nab@...ux-iscsi.org>
CC:     "linux-scsi@...r.kernel.org" <linux-scsi@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "mchristi@...hat.com" <mchristi@...hat.com>,
        "roland@...estorage.com" <roland@...estorage.com>,
        "hare@...e.de" <hare@...e.de>,
        "martin.petersen@...cle.com" <martin.petersen@...cle.com>
Subject: Re: [PATCH] iscsi-target: Reject immediate data underflow larger than
 SCSI transfer length

On Thu, 2017-06-08 at 04:21 +0000, Nicholas A. Bellinger wrote:
> +	/*
> +	 * Check for underflow case where both EDTL and immediate data payload
> +	 * exceeds what is presented by CDB's TRANSFER LENGTH, and what has
> +	 * already been set in target_cmd_size_check() as se_cmd->data_length.
> +	 *
> +	 * For this special case, fail the command and dump the immediate data
> +	 * payload.
> +	 */
> +	if (cmd->first_burst_len > cmd->se_cmd.data_length) {
> +		cmd->sense_reason = TCM_INVALID_CDB_FIELD;
> +		goto after_immediate_data;
> +	}

A quote from the iSCSI RFC (https://tools.ietf.org/html/rfc5048):

   If SPDTL < EDTL for a task, iSCSI Underflow MUST be signaled in the
   SCSI Response PDU as specified in [RFC3720].  The Residual Count MUST
   be set to the numerical value of (EDTL - SPDTL).

Sorry but I don't think that sending TCM_INVALID_CDB_FIELD back to the
initiator is compliant with the iSCSI RFC. Please note that a fix that is
compliant with the iSCSI RFC is present in the following patch series: [PATCH
00/33] SCSI target driver patches for kernel v4.13, 23 May 2017
(https://www.spinics.net/lists/target-devel/msg15370.html).

Bart.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ