diff options
| author | David Disseldorp <ddiss@suse.de> | 2020-11-03 02:21:58 +0100 |
|---|---|---|
| committer | Martin K. Petersen <martin.petersen@oracle.com> | 2021-01-11 23:06:48 +0100 |
| commit | 2896c93811e39d63a4d9b63ccf12a8fbc226e5e4 (patch) | |
| tree | cd8db4e327c6d581eada6b15661345939bc654bf /drivers/target/target_core_xcopy.h | |
| parent | Linux 5.11-rc2 (diff) | |
| download | linux-2896c93811e39d63a4d9b63ccf12a8fbc226e5e4.tar.xz linux-2896c93811e39d63a4d9b63ccf12a8fbc226e5e4.zip | |
scsi: target: Fix XCOPY NAA identifier lookup
When attempting to match EXTENDED COPY CSCD descriptors with corresponding
se_devices, target_xcopy_locate_se_dev_e4() currently iterates over LIO's
global devices list which includes all configured backstores.
This change ensures that only initiator-accessible backstores are
considered during CSCD descriptor lookup, according to the session's
se_node_acl LUN list.
To avoid LUN removal race conditions, device pinning is changed from being
configfs based to instead using the se_node_acl lun_ref.
Reference: CVE-2020-28374
Fixes: cbf031f425fd ("target: Add support for EXTENDED_COPY copy offload emulation")
Reviewed-by: Lee Duncan <lduncan@suse.com>
Signed-off-by: David Disseldorp <ddiss@suse.de>
Signed-off-by: Mike Christie <michael.christie@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Diffstat (limited to 'drivers/target/target_core_xcopy.h')
| -rw-r--r-- | drivers/target/target_core_xcopy.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/drivers/target/target_core_xcopy.h b/drivers/target/target_core_xcopy.h index c56a1bde9417..e5f20005179a 100644 --- a/drivers/target/target_core_xcopy.h +++ b/drivers/target/target_core_xcopy.h @@ -27,6 +27,7 @@ struct xcopy_op { struct se_device *dst_dev; unsigned char dst_tid_wwn[XCOPY_NAA_IEEE_REGEX_LEN]; unsigned char local_dev_wwn[XCOPY_NAA_IEEE_REGEX_LEN]; + struct percpu_ref *remote_lun_ref; sector_t src_lba; sector_t dst_lba; |