Re: [PATCH v9 08/12] nvmet-tcp: don't check data_len in nvmet_tcp_map_data()

From: Christoph Hellwig
Date: Thu Oct 10 2019 - 07:07:41 EST

Next message: Shenhar, Talel: "Re: [PATCH v5 1/2] dt-bindings: soc: al-pos: Amazon's Annapurna Labs POS"
Previous message: Christoph Hellwig: "Re: [PATCH v9 07/12] nvmet-core: don't check the data len for pt-ctrl"
In reply to: Logan Gunthorpe: "[PATCH v9 08/12] nvmet-tcp: don't check data_len in nvmet_tcp_map_data()"
Next in thread: Logan Gunthorpe: "[PATCH v9 10/12] block: don't check blk_rq_is_passthrough() in blk_do_io_stat()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 09, 2019 at 01:25:26PM -0600, Logan Gunthorpe wrote:
> With passthru, the data_len is no longer guaranteed to be set
> for all requests. Therefore, we should not check for it to be
> non-zero. Instead check if the SGL length is zero and map
> when appropriate.
>
> None of the other transports check data_len which is verified
> in core code.
>
> Signed-off-by: Logan Gunthorpe <logang@xxxxxxxxxxxx>
> Reviewed-by: Sagi Grimberg <sagi@xxxxxxxxxxx>

I think the issue here is deeper. Yes, this patch is correct, but
nvmet-tcp has another use of req.data_len in
nvmet_tcp_handle_req_failure, which looks completely bogus. Please
try to audit that as well and send out fixes to the list separately
from this series, as both look like potentially serious bugs.

Next message: Shenhar, Talel: "Re: [PATCH v5 1/2] dt-bindings: soc: al-pos: Amazon's Annapurna Labs POS"
Previous message: Christoph Hellwig: "Re: [PATCH v9 07/12] nvmet-core: don't check the data len for pt-ctrl"
In reply to: Logan Gunthorpe: "[PATCH v9 08/12] nvmet-tcp: don't check data_len in nvmet_tcp_map_data()"
Next in thread: Logan Gunthorpe: "[PATCH v9 10/12] block: don't check blk_rq_is_passthrough() in blk_do_io_stat()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]