Support for markers is currently broken because of a bug in
iscsi_enforce_integrity_rules(): the "IFMarkInt_Reject" and
"OFMarkInt_Reject" variables are always equal to 1 in
iscsi_enforce_integrity_rules().
Moreover, fixed interval markers keys (IFMarker, OFMarker, IFMarkInt
and OFMarkInt) are obsolete according to iSCSI RFC 7143:
>From http://tools.ietf.org/html/rfc7143#section-13.25:
13.25. Obsoleted Keys
This document obsoletes the following keys defined in [RFC3720]:
IFMarker, OFMarker, OFMarkInt, and IFMarkInt. However, iSCSI
implementations compliant to this document may still receive these
obsoleted keys -- i.e., in a responder role -- in a text negotiation.
When an IFMarker or OFMarker key is received, a compliant iSCSI
implementation SHOULD respond with the constant "Reject" value. The
implementation MAY alternatively respond with a "No" value.
However, the implementation MUST NOT respond with a "NotUnderstood"
value for either of these keys.
When an IFMarkInt or OFMarkInt key is received, a compliant iSCSI
implementation MUST respond with the constant "Reject" value. The
implementation MUST NOT respond with a "NotUnderstood" value for
either of these keys.
This patch disables markers by turning the corresponding parameters to
read-only. The default value of IFMarker and OFMarker remains "No" but
the user cannot change it to "Yes" anymore. The new value of IFMarkInt
and OFMarkInt is "Reject".
(Drop left-over iscsi_get_value_from_number_range + make configfs
parameters attrs R/W nops - nab)
Signed-off-by: Christophe Vu-Brugier <cvubrugier@fastmail.fm>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
If a key was larger than 64 bytes, as checked by iscsi_check_key(), the
error response packet, generated by iscsi_add_notunderstood_response(),
would still attempt to copy the entire key into the packet, overflowing
the structure on the heap.
Remote preauthentication kernel memory corruption was possible if a
target was configured and listening on the network.
CVE-2013-2850
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: stable@vger.kernel.org
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
This patch adds RDMAExtensions, InitiatorRecvDataSegmentLength and
TargetRecvDataSegmentLength parameters keys necessary for iser-target
login to occur.
This includes setting the necessary parameters during login path
code within iscsi_login_zero_tsih_s2(), and currently PAGE_SIZE
aligning the target's advertised MRDSL for immediate data and
unsolicited data-out incoming payloads.
v3 changes:
- Add iscsi_post_login_start_timers FIXME for ISER
v2 changes:
- Fix RDMAExtentions -> RDMAExtensions typo (andy)
- Drop unnecessary '== true' conditional checks for type bool
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
This patch activates MaxXmitDataSegmentLength usage that performs the
following sequence of events:
- Once the incoming initiator's MAXRECVDATASEGMENTLENGTH key is detected
within iscsi_check_acceptor_state(), save the requested MRDSL into
conn->conn_ops->MaxRecvDataSegmentLength
- Next change the outgoing target's MaxRecvDataSegmenthLength key=value
based upon the local TPG's MaxXmitDataSegmentLength attribute value.
- Change iscsi_set_connection_parameters() to skip the assignment of
conn->conn_ops->MaxRecvDataSegmentLength, now setup within
iscsi_check_acceptor_state()
Also update iscsi_decode_text_input() -> iscsi_check_acceptor_state()
code-path to accept struct iscsi_conn *.
Cc: Mike Christie <michaelc@cs.wisc.edu>
Cc: Andy Grover <agrover@redhat.com>
Cc: Hannes Reinecke <hare@suse.de>
Cc: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
This patch introduces a new per connection MaxXmitDataSegmentLength
parameter value used to represent the outgoing MaxRecvDataSegmentLength
that is actually sent over the wire during iSCSI login response back
to the initiator side.
It also adds a new MaxXmitDataSegmentLength configfs attribute to
represent this value within the existing TPG parameter group under
/sys/kernel/config/target/iscsi/$TARGETNAME/$TPGT/param/
Cc: Mike Christie <michaelc@cs.wisc.edu>
Cc: Andy Grover <agrover@redhat.com>
Cc: Hannes Reinecke <hare@suse.de>
Cc: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
The Linux-iSCSI.org target module is a full featured in-kernel
software implementation of iSCSI target mode (RFC-3720) for the
current WIP mainline target v4.1 infrastructure code for the v3.1
kernel. More information can be found here:
http://linux-iscsi.org/wiki/ISCSI
This includes support for:
* RFC-3720 defined request / response state machines and support for
all defined iSCSI operation codes from Section 10.2.1.2 using libiscsi
include/scsi/iscsi_proto.h PDU definitions
* Target v4.1 compatible control plane using the generic layout in
target_core_fabric_configfs.c and fabric dependent attributes
within /sys/kernel/config/target/iscsi/ subdirectories.
* Target v4.1 compatible iSCSI statistics based on RFC-4544 (iSCSI MIBS)
* Support for IPv6 and IPv4 network portals in M:N mapping to TPGs
* iSCSI Error Recovery Hierarchy support
* Per iSCSI connection RX/TX thread pair scheduling affinity
* crc32c + crc32c_intel SSEv4 instruction offload support using libcrypto
* CHAP Authentication support using libcrypto
* Conversion to use internal SGl allocation with iscsit_alloc_buffs() ->
transport_generic_map_mem_to_cmd()
(nab: Fix iscsi_proto.h struct scsi_lun usage from linux-next in commit:
iscsi: Use struct scsi_lun in iscsi structs instead of u8[8])
(nab: Fix 32-bit compile warnings)
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Andy Grover <agrover@redhat.com>
Acked-by: Roland Dreier <roland@kernel.org>
Signed-off-by: Nicholas A. Bellinger <nab@linux-iscsi.org>