Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp5232699pxb; Mon, 15 Feb 2021 13:27:47 -0800 (PST) X-Google-Smtp-Source: ABdhPJz/MeWzXKhWAOeDSLQ6GLYFog2URtrpPUw1NZ5qRAg5s08FPkZloYjQH2fOq+/138u8KiPF X-Received: by 2002:a17:906:296a:: with SMTP id x10mr17338349ejd.240.1613424466946; Mon, 15 Feb 2021 13:27:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613424466; cv=none; d=google.com; s=arc-20160816; b=GG7moYnvzVu+G/2rXSAWQblM3q8zxgoQJLqbZRfYdHnMxFRfsfoDw8b7PPxcQ5Ep+T +QwjFG9Vg11WrboQlHu+KGLhb9ePTbSSL4OS6o183ZeRoFYHe77nnZezm9/FN3XFByFe I497YInL9WnLwME5IZkh7ScnzVIG04tengVqPNZFtxT0N4dvB575/V3VjOIziA55kYYe BXmV7x/6kSUwAIpePcmX2BVQfTKKdsxeaBWgBTN0JzNlBrCTQi9FmidDp5A6AYn/DVl8 yYlOdCzM92OqiDmKhAcCcuF6qjicBMyUVilqFKVI/KWKjiI3bCpl6LuYIiJHvRXYZfYq iKUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=9WE7sfWuADZEgBkO6VBLoyU3Kt+14QI5HCaf9dRKQr0=; b=vXo5AVyzDpkEEwMzp339fUqmcOXOyHaYTlfKjLlxlpoFHebmSbUR/3f0HoeXzUlFtB q4muetnpt+m2Ftc7xcqEw9MjrQKFueO7SfwEi9eq0lcNTA7K2N/ejTlXhqxaV2VV3Zpk mfmeNRPL8GOZEA3dLIesY5Z0TOpZrTDcgGYgjONarTLKyM/ILezSZsTjgBkDySPDDY4X 2tCaUBftKZqfCE6h0OxMfoT1APxGv/OZp/gBhuXgo3+gRzSEjFYP1kNKH5Zki/K7nJCi ITriFRoA9w8NwZp3OFFLZ/0c3CzB9PYLLysG6LhQy8JcmXVsq0InrffrA0zXFLOAAyB9 oLXQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x5si7335630ede.575.2021.02.15.13.27.21; Mon, 15 Feb 2021 13:27:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229708AbhBOVYn (ORCPT + 99 others); Mon, 15 Feb 2021 16:24:43 -0500 Received: from mail-wr1-f46.google.com ([209.85.221.46]:35183 "EHLO mail-wr1-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229662AbhBOVYm (ORCPT ); Mon, 15 Feb 2021 16:24:42 -0500 Received: by mail-wr1-f46.google.com with SMTP id l12so10755372wry.2 for ; Mon, 15 Feb 2021 13:24:25 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=9WE7sfWuADZEgBkO6VBLoyU3Kt+14QI5HCaf9dRKQr0=; b=QHld4gcAirLT9KYKVdp2J9gadjhIMcCWtXam524bH4RRL8nYR1kbztFgFVcbnyBu6N sTNpEeT/Qp2/CoIS4LvASklE5qu1VGbuOqQZXUeYE7RfxzQJ00WpUNyMw4bGXnkLwAMe iQmkO65iDLxtkne/Rsy4buPGPpsRwm3rYgFSMAlxK4cvmKQNeLSUauQqh7SKQnopYV/T cYSXnD1RP10ZgTPAg6T3PpQesIDHKB+A1J/4inkPhoipdEzJC50p9syjvULvIuO6yMuP obv1jrYx3r3azUtdqFfpDjs3mi1SlEGIvnkI3MefgMGPjwRuzgRMi/tY3PKlsF4rQgRe pDvA== X-Gm-Message-State: AOAM530KZBqmpDbwcCrZfZaQt31s0lBvsHB4LIjGAw3kcs0Z5VEEklD4 /dtGdaHzqJyCMqButzP83tm8vElO/Cw= X-Received: by 2002:a05:6000:242:: with SMTP id m2mr20027397wrz.422.1613424240136; Mon, 15 Feb 2021 13:24:00 -0800 (PST) Received: from ?IPv6:2601:647:4802:9070:e348:9c6c:4cb7:8321? ([2601:647:4802:9070:e348:9c6c:4cb7:8321]) by smtp.gmail.com with ESMTPSA id t6sm16067655wrn.96.2021.02.15.13.23.58 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 15 Feb 2021 13:23:59 -0800 (PST) Subject: Re: [PATCH] nvme-tcp: Check if request has started before processing it To: Hannes Reinecke , Keith Busch Cc: Jens Axboe , Christoph Hellwig , linux-nvme@lists.infradead.org, Daniel Wagner , linux-kernel@vger.kernel.org References: <20210212181738.79274-1-dwagner@suse.de> <20210212210929.GA3851@redsun51.ssa.fujisawa.hgst.com> <73e4914e-f867-c899-954d-4b61ae2b4c33@suse.de> From: Sagi Grimberg Message-ID: <5b45835b-eb81-29e8-e319-a8509474e27f@grimberg.me> Date: Mon, 15 Feb 2021 13:23:55 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: <73e4914e-f867-c899-954d-4b61ae2b4c33@suse.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org >>>>> blk_mq_tag_to_rq() will always return a request if the command_id is >>>>> in the valid range. Check if the request has been started. If we >>>>> blindly process the request we might double complete a request which >>>>> can be fatal. >>>> >>>> How did you get to this one? did the controller send a completion for >>>> a completed/bogus request? >>> >>> If that is the case, then that must mean it's possible the driver could >>> have started the command id just before the bogus completion check. Data >>> iorruption, right? >> >> Yes, which is why I don't think this check is very useful.. > > I actually view that as a valid protection against spoofed frames. > Without it it's easy to crash the machine by injecting fake completions > with random command ids. And this doesn't help because the command can have been easily reused and started... What is this protecting against? Note that none of the other transports checks that, why should tcp?