** Changed in: linux (Ubuntu)
       Status: New => Triaged

** Changed in: linux (Ubuntu)
   Importance: Undecided => Medium
-- 
You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1689360

Title:
  TCMU: Fix possible overwrite of t_data_sg's last iov[] and wrongly calculating base_command_size

Status in The Ubuntu-power-systems project:
  New
Status in linux package in Ubuntu:
  Triaged

Bug description:
  ---Problem Description---
  If there is BIDI data, its first iov[] will overwrite the last iov[] for se_cmd->t_data_sg.

  ---uname output---
  Latest Yakkety master branch

  Machine Type = P8

  ---Steps to Reproduce---
  Just have a system do workload using tcmu.

  Stack trace output:
  I have seen this in my environment:

  (gdb) print *((tcmulib_cmd->iovec)+0)
  $7 = {iov_base = 0x3fff7c3d0000, iov_len = 8192}
  (gdb) print *((tcmulib_cmd->iovec)+1)
  $3 = {iov_base = 0x3fff7c3da000, iov_len = 4096}
  (gdb) print *((tcmulib_cmd->iovec)+2)
  $4 = {iov_base = 0x3fff7c3dc000, iov_len = 16384}
  (gdb) print *((tcmulib_cmd->iovec)+3)
  $5 = {iov_base = 0x3fff7c3f7000, iov_len = 12288}
  (gdb) print *((tcmulib_cmd->iovec)+4)
  $6 = {iov_base = 0x1306e853c0028, iov_len = 128}   <--- bad pointer and length

  tcmu: Fix wrongly calculating of the base_command_size
  https://patchwork.kernel.org/patch/9687657/

  tcmu: Fix possible overwrite of t_data_sg's last iov[]
  https://patchwork.kernel.org/patch/9687565/

  tcmu: Skip Data-Out blocks before gathering Data-In buffer for BIDI case
  https://patchwork.kernel.org/patch/9655423/

  This patch should also be a part of these fixes. WITH BIDI op fixes.
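
A bounds check that a TCMU user-space handler could run over a command's iovec array before touching the buffers, written here as an added example (it is not code from the kernel, tcmu-runner or the bug report). The iovec values are the ones in the gdb output above; the helper names and the mapping base and length are assumptions, since the report does not give the mapped region.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/uio.h>

/* Hypothetical helper: index of the first iovec that is not wholly inside
 * the mapped data area [map_base, map_base + map_len), or -1 if all fit.
 * The comparisons are ordered so that base + len is never computed and
 * therefore cannot wrap around. */
int first_bad_iov(const struct iovec *iov, size_t cnt,
                  uintptr_t map_base, size_t map_len)
{
    for (size_t i = 0; i < cnt; i++) {
        uintptr_t base = (uintptr_t)iov[i].iov_base;
        if (base < map_base)
            return (int)i;
        uintptr_t off = base - map_base;
        if (off > map_len || iov[i].iov_len > map_len - off)
            return (int)i;
    }
    return -1;
}

/* iovec values copied from the gdb session in the report. */
static const struct iovec reported_iov[] = {
    { (void *)(uintptr_t)0x3fff7c3d0000ULL, 8192 },
    { (void *)(uintptr_t)0x3fff7c3da000ULL, 4096 },
    { (void *)(uintptr_t)0x3fff7c3dc000ULL, 16384 },
    { (void *)(uintptr_t)0x3fff7c3f7000ULL, 12288 },
    { (void *)(uintptr_t)0x1306e853c0028ULL, 128 },  /* overwritten entry */
};

/* Constructed for the example: the report does not state the mapping. */
#define EX_MAP_BASE ((uintptr_t)0x3fff7c3c0000ULL)
#define EX_MAP_LEN  ((size_t)0x100000)

/* Check the first cnt reported entries against the assumed mapping. */
int check_reported(size_t cnt)
{
    return first_bad_iov(reported_iov, cnt, EX_MAP_BASE, EX_MAP_LEN);
}

int main(void)
{
    int bad = check_reported(5);
    if (bad >= 0)
        printf("iov[%d] lies outside the mapped data area\n", bad);
    return bad >= 0;
}
```

A handler that fails the command when this returns a non-negative index rejects the corrupted entry instead of reading or writing through it.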