Message ID | 20230117193937.21244-1-michael.christie@oracle.com |
---|---|
Headers | show |
Series | scsi: iscsi: host ipaddress UAF fixes | expand |
On 2023/1/18 3:39, Mike Christie wrote: > The following patches made apply over Martin's or Linus's trees. They > fix 2 use after free bugs caused by iscsi_tcp using the session's socket > to export the local IP address on the iscsi host to emulate the host's > local IP address. > > Note that the naming is not great because the libiscsi session removal > and freeing functions are close to the iSCSI class's names. That will be > fixed in a separate patch for the 6.3 or 6.4 kernel (depending on when > this is merged) because it was a pretty big change fix up all the naming. > > v2: > - Fix bug reproducer example in git commit message. > It looks good to me. Thanks for your work on this.
On 1/17/23 11:39, Mike Christie wrote: > The following patches made apply over Martin's or Linus's trees. They > fix 2 use after free bugs caused by iscsi_tcp using the session's socket > to export the local IP address on the iscsi host to emulate the host's > local IP address. > > Note that the naming is not great because the libiscsi session removal > and freeing functions are close to the iSCSI class's names. That will be > fixed in a separate patch for the 6.3 or 6.4 kernel (depending on when > this is merged) because it was a pretty big change fix up all the naming. > > v2: > - Fix bug reproducer example in git commit message. > > > Both patches look good to me. Reviewed-by: Lee Duncan <lduncan@suse.com>
Mike, > The following patches made apply over Martin's or Linus's trees. They > fix 2 use after free bugs caused by iscsi_tcp using the session's socket > to export the local IP address on the iscsi host to emulate the host's > local IP address. > > Note that the naming is not great because the libiscsi session removal > and freeing functions are close to the iSCSI class's names. That will be > fixed in a separate patch for the 6.3 or 6.4 kernel (depending on when > this is merged) because it was a pretty big change fix up all the naming. Applied to 6.2/scsi-fixes, thanks!