git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	David Disseldorp <ddiss@suse.de>
	Fri, 23 Dec 2016 10:37:55 +0000 (11:37 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sun, 17 Jan 2021 12:57:53 +0000 (13:57 +0100)
commit	48cb427e2c1bc49b47d04ca2f0e2cfeadb3aa05e
tree	a2d921320aca3db80ab19a6d26767e42f366a736	tree \| snapshot
parent	10bd1f305f5f9945bac76a6ddc5371ed2d159bf2	commit \| diff

target: bounds check XCOPY segment descriptor list

[ Upstream commit af9f62c1686268c0517b289274d38f3a03bebd2a ]

Check the length of the XCOPY request segment descriptor list against
the value advertised via the MAXIMUM SEGMENT DESCRIPTOR COUNT field in
the RECEIVE COPY OPERATING PARAMETERS response.

spc4r37 6.4.3.5 states:
  If the number of segment descriptors exceeds the allowed number, the
  copy manager shall terminate the command with CHECK CONDITION status,
  with the sense key set to ILLEGAL REQUEST, and the additional sense
  code set to TOO MANY SEGMENT DESCRIPTORS.

This functionality is testable using the libiscsi
ExtendedCopy.DescrLimits test.

Signed-off-by: David Disseldorp <ddiss@suse.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>