| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210506073610.33867-1-phil@philpotter.co.uk>
Date: Thu, 6 May 2021 08:36:10 +0100
From: Phillip Potter <phil@...lpotter.co.uk>
To: jejb@...ux.ibm.com
Cc: martin.petersen@...cle.com, linux-scsi@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH] scsi: sd: skip checks when media is present if sd_read_capacity reports zero
In sd_revalidate_disk, if sdkp->media_present is set, then sdkp->capacity
should not be zero. Therefore, jump to end of if block and skip remaining
checks/calls. Fixes a KMSAN-found uninit-value bug reported by syzbot at:
https://syzkaller.appspot.com/bug?id=197c8a3a2de61720a9b500ad485a7aba0065c6af
Reported-by: syzbot+6b02c1da3865f750164a@...kaller.appspotmail.com
Signed-off-by: Phillip Potter <phil@...lpotter.co.uk>
---
drivers/scsi/sd.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c
index ed0b1bb99f08..a7fe53f492ae 100644
--- a/drivers/scsi/sd.c
+++ b/drivers/scsi/sd.c
@@ -3201,6 +3201,8 @@ static int sd_revalidate_disk(struct gendisk *disk)
*/
if (sdkp->media_present) {
sd_read_capacity(sdkp, buffer);
+ if (!sdkp->capacity)
+ goto present_block_end;
/*
* set the default to rotational. All non-rotational devices
@@ -3226,6 +3228,7 @@ static int sd_revalidate_disk(struct gendisk *disk)
sd_read_write_same(sdkp, buffer);
sd_read_security(sdkp, buffer);
}
+present_block_end:
/*
* We now have all cache related info, determine how we deal
--
2.30.2
Powered by blists - more mailing lists