From nobody Sun Dec 1 04:57:53 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Y1F693Mskz5gDMX; Sun, 01 Dec 2024 04:57:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Y1F691nRzz4ChG; Sun, 1 Dec 2024 04:57:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1733029073; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1JxIS1J3ALtrREee0yuSf++oecG69laBXSU2ZqZWvBo=; b=l4Rt0WVi80UfcBlNyvMYpFiKJhf+HgJS1F5Jtwz1vIiLr8h1E68OhwyeHJJIuVj4nbvbgV BziHUE95pY/XXZtQ/wrVv9LNZxZR0qkovDaXozdQjfR1PZAUqXfY+ZlcZV5z91AspVwj5U oF8Esf+bLyvdcWDwZE6l4ZnuaSy/ucqrqg6zfRKzBXEk0TjD5lmnWgXAylNBt9zW7O/uao sQDvCnd4uhzNzUPOvj2m5Viqdub5MUk7r5fEYC3RPbuanOEM3DK6k6K8U7AjRYpcsyCLr+ aEVyPWp38x2XMsG/dL8Su+Nhmi54bQRo3Q4SpyfpwxqtOEpLPArrNDPUJtwsMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1733029073; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1JxIS1J3ALtrREee0yuSf++oecG69laBXSU2ZqZWvBo=; b=SE1Wlx4zfCE5ErBNGw4me7GLwbY9pwksAB2ng0ErB5lQtX3C2mlBt29oqtrNJaHn86txCn EfQa75XMBD+5w7IXIeBi3XeFJBJW3q36HIR0ri3KKu2LpOVJjtM5ccjFY7wqqGFnvmknLI z8SVDUK3lGLNWtsqHQ3isk1GNllQFm5afJnqNLqI/gB2eKu2iBEyjnzqMJzU6iVRqLP3Rk m5ChrnMDexzr/shyqYBDATNLmps8WRZH2oGO3HNVL6qqVfbGdokpD7UTOAau4is7BDVyk+ UM26JQIuOJKjWC/iyj3eQOyg4IF72+O0+pnRv0SujicPxeqMW6+UnUiJ1oxtLw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1733029073; a=rsa-sha256; cv=none; b=bclahVSraZ6J4dfqrryQSnjr/pS1syhtXq7WvswiL3UGXN1Jy7uGSNF94CBOySH6Gq+uYo YAmzahv+e/2wrJE9upqJa4ir3v6TPe8ADgOc4N8kjk7eJWMbyrOYrmzqV3wuLZjGGqytLB BGsAZkFxwGQ03S32BsK/KxJ1pr96PADGBbpR/frKQOznhy3lM5DFhxiQqSLIaMh+PX36OE rC6lcY0bbFK/eSrpeQ/EFcHPYenUaO72AUNBuOtFAxtHkcGvAbLkx68wZYSftkz+k9L1WG LMesPa5vTUtbEaSUVJBIqadmH2zlOStZ9rnILUSJrRjqZg3TzhQj8kxrAVQouA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Y1F691NHZzdn6; Sun, 1 Dec 2024 04:57:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4B14vrat097192; Sun, 1 Dec 2024 04:57:53 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4B14vrHB097189; Sun, 1 Dec 2024 04:57:53 GMT (envelope-from git) Date: Sun, 1 Dec 2024 04:57:53 GMT Message-Id: <202412010457.4B14vrHB097189@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: John Baldwin Subject: git: 1ea0d07628d3 - stable/13 - ctl_report_supported_opcodes: Handle invalid requested service action List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 1ea0d07628d3927304f5d684eb2c153aeaf925d4 Auto-Submitted: auto-generated The branch stable/13 has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=1ea0d07628d3927304f5d684eb2c153aeaf925d4 commit 1ea0d07628d3927304f5d684eb2c153aeaf925d4 Author: John Baldwin AuthorDate: 2024-10-21 14:53:48 +0000 Commit: John Baldwin CommitDate: 2024-11-30 21:38:48 +0000 ctl_report_supported_opcodes: Handle invalid requested service action Service actions are only valid up to 31 as they are encoded in the low 5 bits of byte 1 in CDBs. Fail requests with a requested service action of 32 or higher with an INVALID FIELD IN COMMAND specifying byte 4 as the illegal byte. Reviewed by: asomers Differential Revision: https://reviews.freebsd.org/D46611 (cherry picked from commit 0e3a211961014e0991a54f583b2866ac19ed0e76) --- sys/cam/ctl/ctl.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/sys/cam/ctl/ctl.c b/sys/cam/ctl/ctl.c index 02feb19cd8f0..6a782b79fa7c 100644 --- a/sys/cam/ctl/ctl.c +++ b/sys/cam/ctl/ctl.c @@ -7498,16 +7498,20 @@ ctl_report_supported_opcodes(struct ctl_scsiio *ctsio) total_len = sizeof(struct scsi_report_supported_opcodes_one) + 32; break; case RSO_OPTIONS_OC_SA: - if ((ctl_cmd_table[opcode].flags & CTL_CMD_FLAG_SA5) == 0 || - service_action >= 32) { + if ((ctl_cmd_table[opcode].flags & CTL_CMD_FLAG_SA5) == 0) { goto invalid_options; } - total_len = sizeof(struct scsi_report_supported_opcodes_one) + 32; - break; + /* FALLTHROUGH */ case RSO_OPTIONS_OC_ASA: - if ((ctl_cmd_table[opcode].flags & CTL_CMD_FLAG_SA5) != 0 && - service_action >= 32) { - goto invalid_options; + if (service_action >= 32) { + ctl_set_invalid_field(/*ctsio*/ ctsio, + /*sks_valid*/ 1, + /*command*/ 1, + /*field*/ 4, + /*bit_valid*/ 0, + /*bit*/ 0); + ctl_done((union ctl_io *)ctsio); + return (CTL_RETVAL_COMPLETE); } total_len = sizeof(struct scsi_report_supported_opcodes_one) + 32; break;