lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1452237348-2277-1-git-send-email-nab@daterainc.com>
Date:	Fri,  8 Jan 2016 07:15:44 +0000
From:	"Nicholas A. Bellinger" <nab@...erainc.com>
To:	target-devel <target-devel@...r.kernel.org>
Cc:	linux-scsi <linux-scsi@...r.kernel.org>,
	lkml <linux-kernel@...r.kernel.org>,
	Sagi Grimberg <sagig@...lanox.com>,
	Christoph Hellwig <hch@....de>, Hannes Reinecke <hare@...e.de>,
	Andy Grover <agrover@...hat.com>,
	Vasu Dev <vasu.dev@...ux.intel.com>, Vu Pham <vu@...lanox.com>,
	Nicholas Bellinger <nab@...ux-iscsi.org>
Subject: [PATCH 0/4] target: Close se_node_acl lookup race

From: Nicholas Bellinger <nab@...ux-iscsi.org>

Hi folks,

This series addresses a long standing race between when
fabric driver se_node_acl lookup and associated pointer
dereference happens, and when kref_get() of ->acl_kref
actually occurs within __transport_register_session()
code.

To address this bug, patch #1 makes get_initiator_node_acl
lookup obtain ->acl_kref while ->acl_node_mutex is held,
and uses existing core_tpg_del_initiator_node_acl() logic
for shutdown based on struct kref + struct completion.

Also while auditing existing se_node_acl lookup users,
there is one particular case in target-core during session
queue depth change where lookup is completely unnecessary.
Go ahead and drop this pointless lookup in patch #2.

Finally, convert the last two remaining fabric drivers
that once upon a time where using some manner of internal
or quasi internal driver methods for node acl lookup.
Do this for tcm_fc + ib_srpt drivers in patch #3 + #4.

Please review,

--nab

Nicholas Bellinger (4):
  target: Obtain se_node_acl->acl_kref during get_initiator_node_acl
  target: Remove useless set_initiator_node_queue_depth acl lookup
  tcm_fc: Convert acl lookup to modern get_initiator_node_acl usage
  ib_srpt: Convert acl lookup to modern get_initiator_node_acl usage

 drivers/infiniband/ulp/srpt/ib_srpt.c        | 78 ++++++----------------------
 drivers/infiniband/ulp/srpt/ib_srpt.h        |  2 -
 drivers/target/iscsi/iscsi_target_configfs.c |  6 +--
 drivers/target/iscsi/iscsi_target_tpg.c      | 10 ----
 drivers/target/iscsi/iscsi_target_tpg.h      |  2 -
 drivers/target/target_core_tpg.c             | 29 ++++-------
 drivers/target/target_core_transport.c       | 18 ++++---
 drivers/target/tcm_fc/tfc_conf.c             | 26 +++-------
 drivers/target/tcm_fc/tfc_sess.c             | 18 ++++---
 include/target/target_core_fabric.h          |  2 +-
 10 files changed, 61 insertions(+), 130 deletions(-)

-- 
1.9.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ