lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 28 Jun 2024 12:48:42 +0900
From: Damien Le Moal <dlemoal@...nel.org>
To: Igor Pylypiv <ipylypiv@...gle.com>
Cc: Niklas Cassel <cassel@...nel.org>, Tejun Heo <tj@...nel.org>,
 Hannes Reinecke <hare@...e.de>, linux-ide@...r.kernel.org,
 linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH v3 2/6] ata: libata-scsi: Do not overwrite valid sense
 data when CK_COND=1

On 6/28/24 5:55 AM, Igor Pylypiv wrote:
> On Thu, Jun 27, 2024 at 09:16:09AM +0900, Damien Le Moal wrote:
>> On 6/27/24 08:04, Igor Pylypiv wrote:
>>> Current ata_gen_passthru_sense() code performs two actions:
>>> 1. Generates sense data based on the ATA 'status' and ATA 'error' fields.
>>> 2. Populates "ATA Status Return sense data descriptor" / "Fixed format
>>>    sense data" with ATA taskfile fields.
>>>
>>> The problem is that #1 generates sense data even when a valid sense data
>>> is already present (ATA_QCFLAG_SENSE_VALID is set). Factoring out #2 into
>>> a separate function allows us to generate sense data only when there is
>>> no valid sense data (ATA_QCFLAG_SENSE_VALID is not set).
>>>
>>> As a bonus, we can now delete a FIXME comment in atapi_qc_complete()
>>> which states that we don't want to translate taskfile registers into
>>> sense descriptors for ATAPI.
>>>
>>> Cc: stable@...r.kernel.org
>>> Reviewed-by: Hannes Reinecke <hare@...e.de>
>>> Reviewed-by: Damien Le Moal <dlemoal@...nel.org>
>>> Signed-off-by: Igor Pylypiv <ipylypiv@...gle.com>
>>
>> I wonder if we can find the patch that introduced the bug in the first place so
>> that we can add a Fixes tag. I have not checked. This may have been wrong since
>> a long time ago...
> 
> This code was first introduced in 2005 in commit b095518ef51c3 ("[libata]
> ATA passthru (arbitrary ATA command execution)").
> 
> ATA_QCFLAG_SENSE_VALID was introduced a year later in commit 9ec957f2002b
> ("[PATCH] libata-eh-fw: add flags and operations for new EH").
> 
> IIUC, ATA_QCFLAG_SENSE_VALID has not been set for ATA drives until 2016
> when the support for fetching the sense data was added in 5b01e4b9efa0
> ("libata: Implement NCQ autosense") and commit e87fd28cf9a2d ("libata:
> Implement support for sense data reporting").
> 
> To me none of the commits looks like a good candidate for the Fixes tag.
> What are your thoughts on this?

Then let's just mark which LTS version need the patch.
E.g. Cc: stable@...r.kernel.org # X.Y +


-- 
Damien Le Moal
Western Digital Research

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ