From nobody Sun Dec 1 04:57:03 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Y1F5C4MX4z5gD81; Sun, 01 Dec 2024 04:57:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Y1F5C1YbJz48j7; Sun, 1 Dec 2024 04:57:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1733029023; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=f9tCvcRVVn4H+s4MHoK6QsJtzk4T/1gbilun+R3lmko=; b=gp+NVHLZsPmO6itdRsykZ1XR3j6NWCPM4dQMiAdyGGzwptZFZUp1O0J/0DYvHRtauLTR7e UFkTGoLApMPFp7Q0WFPhzzOTyLA8EFrBQOKuOWMyZnYq865pJ4tgcxQ5K53k7xoxdQK0Qo c+18naB4+0kElYNdS3JzUOXwmzfBxeOCWXCCVsOZsWY1bgNp5XArp8NNBNdEeP2zVHj0Rq BqGQ/481tMjk9hmx66fqfcSspDqNDkozcrD6q4FA660awyvgoI0H0McvU7hytKI5qYtU5n bcwFNGf992Yvlkq40exPQRtIe+A+6J+C8o1if885mVbyG59NrgkmzkMc/rjSRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1733029023; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=f9tCvcRVVn4H+s4MHoK6QsJtzk4T/1gbilun+R3lmko=; b=L4N/z0Ke68ZRUPJQVJhlJkcaDEUjJubHwNO46hYVaaDO9DPCktzKx8V3IsGD4WRulBBXeU o+giCB1O2oBO9yh8tueYQKbHM/SiiMDivJHYu7MEWhbHjDoRKtBbIfuNvIHUy8BmFUS5XK bv56iuGmqllcopofJcg/3I6qslQyhjOGE5oxL1KdXpuM9daz4ecoEKVBc7DLgyoO2rgBbO HbQUHKcXEAPh1ep6bm3iyl/wwdl/M+XFMBe8lz20TSxWlZQYbb3QwRorpLClEoJxpRam1N 9S0nzjrevDLWVs3YVW2AzGF19YLcMraBDSGsTe2naqg18HzkbMWaQM25bFy6Xw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1733029023; a=rsa-sha256; cv=none; b=TKOb8pshj5HzX9aSwXIjFa54wQcFqLfA92KzKp+bqssfxjsAYJY9uTFu40eAZvbt1C7psc ieMdsNy0DR7o/YEGmRB/EGyYvFvv/BwVStyJ96zvtwu3YWk7ImkbGGHwQtS3Y93EXpsTLn d/oYtyVqddLxXTyM95bfQRmGjGl24ahTZCCo/T+E76xtVyTlXfaMg24xvmEBgz635Q/WoC o4LYbQevisVIoUBIoUTDH+niVYxMjwgmHSrETIxvX2+k8zJWReBSQl1Wly09HwupRD7O0K yplC1JBOALPDF7sDFxk59tu76tIAdcUJ8OVVJt0vTtYHe1XPzH9EhVQec0f9Zw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Y1F5C145vzfLF; Sun, 1 Dec 2024 04:57:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4B14v3tQ094801; Sun, 1 Dec 2024 04:57:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4B14v3jT094798; Sun, 1 Dec 2024 04:57:03 GMT (envelope-from git) Date: Sun, 1 Dec 2024 04:57:03 GMT Message-Id: <202412010457.4B14v3jT094798@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: John Baldwin Subject: git: 9a2a95eaa6b9 - stable/14 - ctl_report_supported_opcodes: Handle invalid requested service action List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 9a2a95eaa6b9321fae5044a27f23624bfb2ad159 Auto-Submitted: auto-generated The branch stable/14 has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=9a2a95eaa6b9321fae5044a27f23624bfb2ad159 commit 9a2a95eaa6b9321fae5044a27f23624bfb2ad159 Author: John Baldwin AuthorDate: 2024-10-21 14:53:48 +0000 Commit: John Baldwin CommitDate: 2024-12-01 02:46:05 +0000 ctl_report_supported_opcodes: Handle invalid requested service action Service actions are only valid up to 31 as they are encoded in the low 5 bits of byte 1 in CDBs. Fail requests with a requested service action of 32 or higher with an INVALID FIELD IN COMMAND specifying byte 4 as the illegal byte. Reviewed by: asomers Differential Revision: https://reviews.freebsd.org/D46611 (cherry picked from commit 0e3a211961014e0991a54f583b2866ac19ed0e76) --- sys/cam/ctl/ctl.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/sys/cam/ctl/ctl.c b/sys/cam/ctl/ctl.c index 1a1a27ae16dd..f22b6ae924bc 100644 --- a/sys/cam/ctl/ctl.c +++ b/sys/cam/ctl/ctl.c @@ -7499,16 +7499,20 @@ ctl_report_supported_opcodes(struct ctl_scsiio *ctsio) total_len = sizeof(struct scsi_report_supported_opcodes_one) + 32; break; case RSO_OPTIONS_OC_SA: - if ((ctl_cmd_table[opcode].flags & CTL_CMD_FLAG_SA5) == 0 || - service_action >= 32) { + if ((ctl_cmd_table[opcode].flags & CTL_CMD_FLAG_SA5) == 0) { goto invalid_options; } - total_len = sizeof(struct scsi_report_supported_opcodes_one) + 32; - break; + /* FALLTHROUGH */ case RSO_OPTIONS_OC_ASA: - if ((ctl_cmd_table[opcode].flags & CTL_CMD_FLAG_SA5) != 0 && - service_action >= 32) { - goto invalid_options; + if (service_action >= 32) { + ctl_set_invalid_field(/*ctsio*/ ctsio, + /*sks_valid*/ 1, + /*command*/ 1, + /*field*/ 4, + /*bit_valid*/ 0, + /*bit*/ 0); + ctl_done((union ctl_io *)ctsio); + return (CTL_RETVAL_COMPLETE); } total_len = sizeof(struct scsi_report_supported_opcodes_one) + 32; break;