lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 16 Jan 2017 10:22:55 +0100
From:   Ingo Molnar <>
To:     James Bottomley <>
Cc:     Andrew Morton <>,
        Linus Torvalds <>,
        Sathya Prakash <>,
        Chaitra P B <>,
        Suganath Prabu Subramani 
        Sreekanth Reddy <>,
        Hannes Reinecke <>,
        linux-scsi <>,
        linux-kernel <>,
        Thomas Gleixner <>
Subject: Re: [PATCH] Revert "scsi: mpt3sas: Fix secure erase premature

* James Bottomley <> wrote:

> On Sun, 2017-01-15 at 10:19 +0100, Ingo Molnar wrote:
> > So there's a new mpt3sas SCSI driver boot regression, introduced in 
> > this merge window, which made one of my servers unbootable.
> We're not reverting a fix that would cause regressions for others. 

You really need to reconsider that stance ...

> However, The fix was manifestly wrong, so does this fix of the fix work for you:
> It's been languishing a bit because no-one seemed to care enough to
> test or review it.  IOf you can add a tested by, that will give the two
> we need to push it.

I have tested your other patch that you pointed to:

Which patch fixes the bug too (I removed my revert first) - so you can add my:

  Reported-by: Ingo Molnar <>
  Tested-by: Ingo Molnar <>

BTW., is it wise to work around the out of spec firmware in the mpt3sas code and 
leave the overly optimistic assumptions in the SCSI code intact? The problem is 
that other SCSI hardware could be affected as well - and especially enterprise 
class server hardware has long testing and thus regression latencies (as my 
example proves).

Wouldn't it be more robust to only submit one pass-through command at a time from 
the SCSI layer, and maybe opt-in hardware that is known to implement the SAT 
standard fully?

(But I'm just kibitzing here really.)



Powered by blists - more mailing lists