Received: by 2002:a17:90a:2044:0:0:0:0 with SMTP id n62csp529618pjc;
        Mon, 20 May 2019 11:18:56 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyuqWhjh8dqrVyeY0M4Zfx4LDd68heqO1+iUINYLBYgLnQgt4qq0mbNEZsCcqw9e43mjDAW
X-Received: by 2002:a17:902:e28a:: with SMTP id cf10mr76297415plb.77.1558376336073;
        Mon, 20 May 2019 11:18:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1558376336; cv=none;
        d=google.com; s=arc-20160816;
        b=BrJe0uT/a4LgacXz+zDF07WFkO2LZek0iJc9g0QB+r6DJeXT9S32tG8+bgmZ6beU9m
         b7MJvMZRTmFbpB/+gavLlRQwoqmPJ6GnOCpzaf9Tjflho0VcHuHyxCikKTH8EcoW/jk8
         8o0uOjLKytIUJNOI+i+yoniHkj1OcNlBgE6Rz9DBdZv4/3U2BISfVPIcy3hFQmd2DsCP
         oe1Jx52OIOgfgObeHLcC80O4kD/aeXIIGUR1YoxtFwb3P5l5rdRPv/5CZ5c9PMv4g6+d
         ihMS66jISlsTookPpQ5P8adDGB5vvfWNOAoQO593E/SQxscm6cuDNRmb65+eE9aT8zM4
         AS5Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:message-id
         :in-reply-to:date:references:organization:from:subject:cc:to
         :dkim-signature;
        bh=WDlTfhKqJMZ2zyqiSTpLnbD7JXsJmqETioOP6yU6rfE=;
        b=q5MyZW5548vf26u3ASFnedLvFSYSFQq+6qqn/DK4R059dYG26/F6cTQb6TFxfPiCTP
         88QIYMH9n95b2P0tM0A3t+BT6U8wol8yYpGUZxv9KL5bRUgKhBc5PTjxoMFn1o95Qr9m
         uIoAjxMwxKSdqnoWOVhzF4wx75Zb+JOFudzz0TWQYWPM/QPQ944sQSsToKDO3DXFincB
         A2I/89C5YqxEZ8hSpFX//hFwPJ5j/Ij91D6y+lEQUqxkSCZLXsYD3pih+Sm+Knc9ilC6
         +/NzR/OXF930+z3pv7yPlNbbDocCF+rHdpP51lCRwKsAC0YkLUG1mOwRn6DG0325PBVq
         jIyg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b="2HS/eCCL";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id f92si19499487plf.100.2019.05.20.11.18.41;
        Mon, 20 May 2019 11:18:56 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b="2HS/eCCL";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2389619AbfETQGE (ORCPT <rfc822;hackukernel@gmail.com>
        + 99 others); Mon, 20 May 2019 12:06:04 -0400
Received: from aserp2130.oracle.com ([141.146.126.79]:44318 "EHLO
        aserp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S2387973AbfETQGE (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 20 May 2019 12:06:04 -0400
Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1])
        by aserp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x4KG3ocl004844;
        Mon, 20 May 2019 16:05:43 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=to : cc : subject :
 from : references : date : in-reply-to : message-id : mime-version :
 content-type; s=corp-2018-07-02;
 bh=WDlTfhKqJMZ2zyqiSTpLnbD7JXsJmqETioOP6yU6rfE=;
 b=2HS/eCCLMyxPInXGNYoD/VCOiXGqrZv0qxAcTXwAUMveelOAv3MndRVb61EwOefBqxdF
 Xrqzut2R4ufoUbuKCC8m3P079QIEYh3AqpejF8y20DzarQZYFVkvlxA1bBrOoiuarNcl
 F96d8GSBtdQV6p+Q55SHDzVNW3/E+JnmdNKUKbnoiRJQBZhC8moFUpLRURTft/dw761J
 X47t2e+c34ZAmJpGOWUb3ZdIlZvF9KJX/YRFcFNwrklc8U89bDYkYycW7CVePd7oUHeW
 UML/I5Wng+0kSZf0/LFJRaQy3LNqsIUfxAjNxvuyrRRdKwJkpXg2b983Lh7hSJqxFwRL 0Q== 
Received: from aserp3030.oracle.com (aserp3030.oracle.com [141.146.126.71])
        by aserp2130.oracle.com with ESMTP id 2sj7jdg6sk-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Mon, 20 May 2019 16:05:42 +0000
Received: from pps.filterd (aserp3030.oracle.com [127.0.0.1])
        by aserp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x4KG5SFT107894;
        Mon, 20 May 2019 16:05:42 GMT
Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72])
        by aserp3030.oracle.com with ESMTP id 2sks1xpasf-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Mon, 20 May 2019 16:05:42 +0000
Received: from abhmp0010.oracle.com (abhmp0010.oracle.com [141.146.116.16])
        by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id x4KG5eDj022282;
        Mon, 20 May 2019 16:05:40 GMT
Received: from ca-mkp.ca.oracle.com (/10.159.214.123)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Mon, 20 May 2019 16:05:40 +0000
To:     James Bottomley <jejb@linux.ibm.com>
Cc:     Waiman Long <longman@redhat.com>,
        "Martin K. Petersen" <martin.petersen@oracle.com>,
        linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] scsi: ses: Fix out-of-bounds memory access in ses_enclosure_data_process()
From:   "Martin K. Petersen" <martin.petersen@oracle.com>
Organization: Oracle Corporation
References: <20190501180535.26718-1-longman@redhat.com>
        <1fd39969-4413-2f11-86b2-729787680efa@redhat.com>
        <1558363938.3742.1.camel@linux.ibm.com>
        <3385cf54-7b6c-3f28-e037-f0d4037368eb@redhat.com>
        <1558367212.3742.10.camel@linux.ibm.com>
Date:   Mon, 20 May 2019 12:05:38 -0400
In-Reply-To: <1558367212.3742.10.camel@linux.ibm.com> (James Bottomley's
        message of "Mon, 20 May 2019 08:46:52 -0700")
Message-ID: <yq1zhnh8625.fsf@oracle.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1.92 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9262 signatures=668687
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0
 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.0.1-1810050000 definitions=main-1905200104
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9262 signatures=668687
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0
 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011
 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000
 definitions=main-1905200104
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


James,

> Please.  What I'm interested in is whether this is simply a bug in the
> array firmware, in which case the fix is sufficient, or whether
> there's some problem with the parser, like mismatched expectations
> over added trailing nulls or something.

Our support folks have been looking at this for a while. We have seen
problems with devices from several vendors. To the extent that I gave up
the idea of blacklisting all of them.

I am collecting "bad" SES pages from these devices. I have added support
for RECEIVE DIAGNOSTICS to scsi_debug and added a bunch of deliberately
broken SES pages so we could debug this.

It appears to be very common for devices to return inconsistent or
invalid data. So pretty much all of the ses.c parsing needs to have
sanity checking heuristics added to prevent KASAN hiccups.

-- 
Martin K. Petersen	Oracle Linux Engineering