lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1452457724-10629-1-git-send-email-nab@daterainc.com>
Date:	Sun, 10 Jan 2016 20:28:40 +0000
From:	"Nicholas A. Bellinger" <nab@...erainc.com>
To:	target-devel <target-devel@...r.kernel.org>
Cc:	linux-scsi <linux-scsi@...r.kernel.org>,
	lkml <linux-kernel@...r.kernel.org>,
	Sagi Grimberg <sagig@...lanox.com>,
	Christoph Hellwig <hch@....de>, Hannes Reinecke <hare@...e.de>,
	Andy Grover <agrover@...hat.com>,
	Vasu Dev <vasu.dev@...ux.intel.com>, Vu Pham <vu@...lanox.com>,
	Nicholas Bellinger <nab@...ux-iscsi.org>
Subject: [PATCH-v2 0/4] target: Close se_node_acl lookup race

From: Nicholas Bellinger <nab@...ux-iscsi.org>

Hi folks,

This -v2 series addresses a long standing race between
fabric driver se_node_acl lookup + pointer dereference
during session login, and when kref_get() of ->acl_kref
actually happens within __transport_register_session()
code. 

Also as reported earlier by HCH, go ahead and convert
core_tpg_set_initiator_node_queue_depth() to use proper
se_node_acl->se_acl_list -> se_session dereference,
following how core_tpg_del_initiator_node_acl() works
for invoking explicit session shutdown.

Please review,

--nab

-v2 changes:
  - Have tcm_fc/ib_srpt conversion preceed other changes
  - Fix demo-mode acl regression with generate_node_acls=1
  - Fix set_initiator_node_queue_depth session reference
    usage.
  - Add ib_srpt hack to avoid potential user-space
    backwards-compat issue.

Nicholas Bellinger (4):
  tcm_fc: Convert acl lookup to modern get_initiator_node_acl usage
  ib_srpt: Convert acl lookup to modern get_initiator_node_acl usage
  target: Fix change depth se_session reference usage
  target: Obtain se_node_acl->acl_kref during get_initiator_node_acl

 drivers/infiniband/ulp/srpt/ib_srpt.c        |  95 +++++-----------
 drivers/infiniband/ulp/srpt/ib_srpt.h        |   2 -
 drivers/target/iscsi/iscsi_target_configfs.c |  14 ++-
 drivers/target/iscsi/iscsi_target_tpg.c      |  10 --
 drivers/target/iscsi/iscsi_target_tpg.h      |   2 -
 drivers/target/target_core_tpg.c             | 161 +++++++++++----------------
 drivers/target/target_core_transport.c       |  22 ++--
 drivers/target/tcm_fc/tfc_conf.c             |  26 ++---
 drivers/target/tcm_fc/tfc_sess.c             |  18 +--
 include/target/target_core_fabric.h          |   4 +-
 10 files changed, 137 insertions(+), 217 deletions(-)

-- 
1.9.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ