Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.3:ARM
tcmu-runner.23488
tcmu-runner-fail-cross-device-XCOPY-requests.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tcmu-runner-fail-cross-device-XCOPY-requests.patch of Package tcmu-runner.23488
From 78041f6702fde82ea4792252b9ed5dcea4567a27 Mon Sep 17 00:00:00 2001 From: David Disseldorp <ddiss@suse.de> Date: Mon, 16 Nov 2020 12:25:32 +0100 Subject: [PATCH] tcmur: fail cross-device XCOPY requests tcmu-runner can't determine whether the device(s) referred to in XCOPY Copy Source/Copy Destination (CSCD) descriptors should be accessible to the initiator via transport settings, ACLs, etc. Consequently, fail XCOPY requests with CSCD descriptors which refer to any device other than where the XCOPY request is processed. References: CVE-2020-28374 Fixes: 9c86bd0 ("tcmur: Add emulate XCOPY command support") Signed-off-by: David Disseldorp <ddiss@suse.de> Reviewed-by: Lee Duncan <lduncan@suse.com> --- tcmur_cmd_handler.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tcmur_cmd_handler.c b/tcmur_cmd_handler.c index ca5e21c..dfffc30 100644 --- a/tcmur_cmd_handler.c +++ b/tcmur_cmd_handler.c @@ -1349,6 +1349,18 @@ static int xcopy_parse_parameter_list(struct tcmu_device *dev, if (ret != TCMU_STS_OK) goto err; + /* + * tcmu-runner can't determine whether the device(s) referred to in an + * XCOPY request should be accessible to the initiator via transport + * settings, ACLs, etc. XXX Consequently, we need to fail any + * cross-device requests for safety reasons. + */ + if (dev != xcopy->src_dev || dev != xcopy->dst_dev) { + tcmu_dev_err(dev, "Cross-device XCOPY not supported\n"); + ret = TCMU_STS_CP_TGT_DEV_NOTCONN; + goto err; + } + if (tcmu_dev_get_block_size(xcopy->src_dev) != tcmu_dev_get_block_size(xcopy->dst_dev)) { tcmu_dev_err(dev, "The block size of src dev %u != dst dev %u\n", -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor