Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180621130327.GB24925@infradead.org>
Date: Thu, 21 Jun 2018 06:03:27 -0700
From: Christoph Hellwig <hch@...radead.org>
To: Jann Horn <jannh@...gle.com>
Cc: Christoph Hellwig <hch@...radead.org>, axboe@...nel.dk,
	dgilbert@...erlog.com, Al Viro <viro@...iv.linux.org.uk>,
	fujita.tomonori@....ntt.co.jp, jejb@...ux.vnet.ibm.com,
	martin.petersen@...cle.com, linux-block@...r.kernel.org,
	linux-scsi@...r.kernel.org,
	kernel list <linux-kernel@...r.kernel.org>,
	Kernel Hardening <kernel-hardening@...ts.openwall.com>,
	security@...nel.org, Alexander Nezhinsky <alexandern@...lanox.com>,
	Nicholas Bellinger <nab@...ux-iscsi.org>, stgt@...r.kernel.org
Subject: Re: [PATCH] sg, bsg: mitigate read/write abuse, block uaccess in
 release

On Thu, Jun 21, 2018 at 02:51:16PM +0200, Jann Horn wrote:
> In the package https://packages.debian.org/stretch/tgt:
>   https://sources.debian.org/src/tgt/1:1.0.73-1/usr/bs_sg.c/?hl=131#L131
>   https://sources.debian.org/src/tgt/1:1.0.73-1/usr/bs_sg.c/?hl=236#L236

This is for real, although it is an optional case in an optional plug
in, so I'm not sure if any one actually uses bsg read/write with it
for real.

The usual aspects added. (the question is if bsg read/write support
is actually used in real life or can be removed)

> In the package https://packages.debian.org/stretch/sg3-utils:
>   https://sources.debian.org/src/sg3-utils/1.42-2/examples/bsg_queue_tst.c/?hl=60#L60

This is just example code.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.