Re: [PATCH v2 3/3] scsi:libiscsi: teardown iscsi_cls_conn gracefully

2022-03-08 Thread Mike Christie
On 3/8/22 9:09 PM, Wenchao Hao wrote: > @@ -3143,8 +3145,6 @@ void iscsi_conn_teardown(struct iscsi_cls_conn > *cls_conn) > mutex_unlock(&session->eh_mutex); > > iscsi_destroy_conn(cls_conn); This should then be a iscsi_put_conn. So basically it balances out. iscsi_alloc_conn requ

Re: [PATCH v2 3/3] scsi:libiscsi: teardown iscsi_cls_conn gracefully

2022-03-08 Thread Mike Christie
On 3/8/22 9:09 PM, Wenchao Hao wrote: > diff --git a/drivers/scsi/scsi_transport_iscsi.c > b/drivers/scsi/scsi_transport_iscsi.c > index ca724eed4f4d..7b4d998708e7 100644 > --- a/drivers/scsi/scsi_transport_iscsi.c > +++ b/drivers/scsi/scsi_transport_iscsi.c > @@ -2165,6 +2165,7 @@ static int iscs

Re: [PATCH v2 1/3] scsi: iscsi: Add helper functions to manage iscsi_cls_conn

2022-03-08 Thread Mike Christie
On 3/8/22 9:09 PM, Wenchao Hao wrote:
> iscsi_alloc_conn(): alloc and initialize iscsi_cls_conn
> iscsi_add_conn(): expose iscsi_cls_conn to userspace via sysfs.
> iscsi_remove_conn(): remove iscsi_cls_conn from sysfs
> iscsi_free_conn(): free iscsi_cls_conn
>
> Signed-off-by: Wenchao Hao
> Sig

[PATCH v2 2/3] scsi:libiscsi: Add iscsi_cls_conn to sysfs after been initialized

2022-03-08 Thread 'Wenchao Hao' via open-iscsi
iscsi_create_conn() would expose iscsi_cls_conn to sysfs, while the initialization of iscsi_conn's dd_data is not ready now. When userspace tries to access an attribute such as connect's address, it might cause a NULL pointer dereference. So we should add iscsi_cls_conn to sysfs until it has been in

[PATCH v2 3/3] scsi:libiscsi: teardown iscsi_cls_conn gracefully

2022-03-08 Thread 'Wenchao Hao' via open-iscsi
commit 1b8d0300a3e9 ("scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()") fixed a UAF in iscsi_conn_get_param() and introduced 2 tmp_xxx variables; the implementation looks ugly. We can fix this UAF with the help of device_del() gracefully. Call iscsi_remove_conn() at the beginnin

[PATCH v2 0/3] scsi:iscsi: handle iscsi_cls_conn device with sysfs

2022-03-08 Thread 'Wenchao Hao' via open-iscsi
We found a NULL pointer dereference in iscsi_sw_tcp_conn_get_param(); the root reason is we did sysfs addition wrong. iscsi_create_conn() exposes iscsi_cls_conn to sysfs while the related resources are not initialized. So we should delay the calling of device_add() until these resources have been in

[PATCH v2 1/3] scsi: iscsi: Add helper functions to manage iscsi_cls_conn

2022-03-08 Thread 'Wenchao Hao' via open-iscsi
iscsi_alloc_conn(): alloc and initialize iscsi_cls_conn
iscsi_add_conn(): expose iscsi_cls_conn to userspace via sysfs.
iscsi_remove_conn(): remove iscsi_cls_conn from sysfs
iscsi_free_conn(): free iscsi_cls_conn

Signed-off-by: Wenchao Hao
Signed-off-by: Wu Bo
---
drivers/scsi/scsi_transport_