bsg: Check queue type before attaching to a queue Since BSG only supports request queues for which struct scsi_request is the first member of their private request data, refuse to register block layer queues for which struct scsi_request is not the first member of their private data. References: commit bd1599d931ca ("scsi_transport_sas: fix BSG ioctl memory corruption") References: commit 82ed4db499b8 ("block: split scsi_request out of struct request") Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com> Reviewed-by: Hannes Reinecke <hare@suse.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Cc: Omar Sandoval <osandov@fb.com> Signed-off-by: Jens Axboe <axboe@fb.com>

commit: d9f972644606ecc2581390b43cb5a980b54c04bf [log] [tgz]
author: Bart Van Assche <bart.vanassche@sandisk.com> Wed May 31 14:43:47 2017 -0700
committer: Jens Axboe <axboe@fb.com> Thu Jun 01 13:10:41 2017 -0600
tree: d3d18ca37ba991b198665560eae8d24cfbacc949
parent: 9efc160f4bbd69b17b48edec53067537d04e62b7 [diff] [blame]
diff --git a/block/bsg.c b/block/bsg.c
index 6fd0854..40db8ff 100644
--- a/block/bsg.c
+++ b/block/bsg.c

@@ -750,6 +750,12 @@
 #ifdef BSG_DEBUG
 	unsigned char buf[32];
 #endif
+
+	if (!blk_queue_scsi_passthrough(rq)) {
+		WARN_ONCE(true, "Attempt to register a non-SCSI queue\n");
+		return ERR_PTR(-EINVAL);
+	}
+
 	if (!blk_get_queue(rq))
 		return ERR_PTR(-ENXIO);
commit	d9f972644606ecc2581390b43cb5a980b54c04bf	[log] [tgz]
author	Bart Van Assche <bart.vanassche@sandisk.com>	Wed May 31 14:43:47 2017 -0700
committer	Jens Axboe <axboe@fb.com>	Thu Jun 01 13:10:41 2017 -0600
tree	d3d18ca37ba991b198665560eae8d24cfbacc949
parent	9efc160f4bbd69b17b48edec53067537d04e62b7 [diff] [blame]