| Message ID | 20180921070101.9260-1-jthumshirn@suse.de (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [v2] scsi: sd: don't crash the host on invalid commands | expand |
On 9/21/18 12:01 AM, Johannes Thumshirn wrote: > When sd_init_command() get's a with a unknown req_op() it crashes the > system via BUG(). > > This makes debugging the actual reason for the broken request > cmd_flags pretty hard as the system is down before it's able to write > out debugging data on the serial console or the trace buffer. > > Change the BUG() to a WARN_ON() and return BLKPREP_KILL to fail > gracefully and return an I/O error to the producer of the request. Reviewed-by: Bart Van Assche <bvanassche@acm.org>
Johannes, > When sd_init_command() get's a with a unknown req_op() it crashes the > system via BUG(). > > This makes debugging the actual reason for the broken request > cmd_flags pretty hard as the system is down before it's able to write > out debugging data on the serial console or the trace buffer. > > Change the BUG() to a WARN_ON() and return BLKPREP_KILL to fail > gracefully and return an I/O error to the producer of the request. Looks like a bunch of my merge mails didn't make it out last week. For the record, I did merge this into 4.19/scsi-fixes and it has made its way upstream.
On Tue, Sep 25, 2018 at 08:52:58PM -0400, Martin K. Petersen wrote: > Looks like a bunch of my merge mails didn't make it out last week. > > For the record, I did merge this into 4.19/scsi-fixes and it has made > its way upstream. Thanks for the info. Byte, Johannes
diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c index b79b366a94f7..f2e41f04e40b 100644 --- a/drivers/scsi/sd.c +++ b/drivers/scsi/sd.c @@ -1276,7 +1276,8 @@ static int sd_init_command(struct scsi_cmnd *cmd) case REQ_OP_ZONE_RESET: return sd_zbc_setup_reset_cmnd(cmd); default: - BUG(); + WARN_ON_ONCE(1); + return BLKPREP_KILL; } }