On 1/17/25 10:50 AM, Mike Christie wrote:
>> You are welcome. There is another bug I was about to report, but I'm not
>> sure whether I should create a new thread. I feel that the original design
>> of dynamically allocating new vs_tpgs in vhost_scsi_set_endpoint is not
>> intuitive, and copying TP
On 1/17/25 5:42 AM, Haoran Zhang wrote:
>> I see now and can replicate it. I think there is a 2nd bug in
>> vhost_scsi_set_endpoint related to all this where we need to
>> prevent switching targets like this or else we'll leak some
>> other refcounts. If 500140501e23be28's tpg number was 3 then
>>
> I see now and can replicate it. I think there is a 2nd bug in
> vhost_scsi_set_endpoint related to all this where we need to
> prevent switching targets like this or else we'll leak some
> other refcounts. If 500140501e23be28's tpg number was 3 then
> we would overwrite the existing vs->vs_vhost_
On 1/14/25 1:40 AM, 张浩然 wrote:
> After reevaluating the PoC, I realized that my initial claim was incorrect.
> The target WWN in the second vhost_scsi_set_endpoint() call is not the same
> as in the first one. Below is my targetcli status:
>
> o- vhost . [
On 1/14/25 5:26 AM, Michael S. Tsirkin wrote:
>
> Wanna post the patch, Mike?
>
Yeah, I'll send a patch.
On Sun, Jan 12, 2025 at 03:19:44PM -0600, Mike Christie wrote:
> On 1/12/25 11:35 AM, michael.chris...@oracle.com wrote:
> > So I think to fix the issue, we would want to:
> >
> > 1. move the
> >
> > memcpy(vs_tpg, vs->vs_tpg, len);
> >
> > to the end of the function after we do the vhost_scsi_f
Yes, and it also protects the kernel from the PoC, as I've tested.
On 2025-01-14 10:17:50 Lei Yang wrote:
> I tested this patch with virtio-net regression tests, everything works fine.
>
> Tested-by: Lei Yang
>
>
> On Mon, Jan 13, 2025 at 5:20 AM Mike Christie
> wrote:
> >
> > On 1/12/25 11:3
On 2025-01-13 01:35:20, Michael Christie wrote:
>
> On 1/10/25 9:34 PM, Haoran Zhang wrote:
> > Since commit 3f8ca2e115e55 ("vhost scsi: alloc cmds per vq instead of
> > session"), a bug can be triggered when the host sends a duplicate
> > VHOST_SCSI_SET_ENDPOINT ioctl command.
>
> I don't thi
I tested this patch with virtio-net regression tests, everything works fine.
Tested-by: Lei Yang
On Mon, Jan 13, 2025 at 5:20 AM Mike Christie
wrote:
>
> On 1/12/25 11:35 AM, michael.chris...@oracle.com wrote:
> > So I think to fix the issue, we would want to:
> >
> > 1. move the
> >
> > memcp
On 1/12/25 11:35 AM, michael.chris...@oracle.com wrote:
> So I think to fix the issue, we would want to:
>
> 1. move the
>
> memcpy(vs_tpg, vs->vs_tpg, len);
>
> to the end of the function after we do the vhost_scsi_flush. This will
> be more complicated than the current memcpy though. We will w
On 1/10/25 9:34 PM, Haoran Zhang wrote:
> Since commit 3f8ca2e115e55 ("vhost scsi: alloc cmds per vq instead of
> session"), a bug can be triggered when the host sends a duplicate
> VHOST_SCSI_SET_ENDPOINT ioctl command.
I don't think that git commit is correct. It should be:
25b98b64e284 ("vho
Hi Kuan-Wei,
On Sat, Jan 11, 2025 at 13:45:50 +0800, Kuan-Wei Chiu wrote:
> Hi Haoran,
>
> On Sat, Jan 11, 2025 at 11:34:18AM +0800, Haoran Zhang wrote:
> > Since commit 3f8ca2e115e55 ("vhost scsi: alloc cmds per vq instead of
> > session"), a bug can be triggered when the host sends a duplicate
Hi Haoran,
On Sat, Jan 11, 2025 at 11:34:18AM +0800, Haoran Zhang wrote:
> Since commit 3f8ca2e115e55 ("vhost scsi: alloc cmds per vq instead of
> session"), a bug can be triggered when the host sends a duplicate
> VHOST_SCSI_SET_ENDPOINT ioctl command.
>
> In vhost_scsi_set_endpoint(), if the
Since commit 3f8ca2e115e55 ("vhost scsi: alloc cmds per vq instead of
session"), a bug can be triggered when the host sends a duplicate
VHOST_SCSI_SET_ENDPOINT ioctl command.
In vhost_scsi_set_endpoint(), if the new `vhost_wwpn` matches the old tpg's
tport_name but the tpg is still held by curr
14 matches
Mail list logo
