!33 高版本补丁合入-epoch2

From: @wenchao-hao
Reviewed-by: @liuzhiqiang26,@wubo009
Signed-off-by: @wubo009

0027-iscsid-Check-Invalid-Session-id-for-stop-connection.patch

@@ -0,0 +1,64 @@
+From 9ac758cc472d991d7eaa9a1da17279cbbdbc7ebf Mon Sep 17 00:00:00 2001
+From: gulams <64251312+gulams@users.noreply.github.com>
+Date: Thu, 3 Sep 2020 21:28:52 +0530
+Subject: [PATCH 5/8] iscsid: Check Invalid Session id for stop connection
+
+Description:
+If the initiator is rebooting then after the reboot, it will try to
+resync (recreate) the existing the connections by reading the sysfs.
+While initiator is doing this, i.e when the initiator tries to connect
+to the target but if the target service is not yet started, then the
+initiator connection will fail. The session id is also not yet assigned
+and it will be at its initial value 0xFFFFFFFF which is invalid. The
+session id is assigned a valid value only after a successful connection.
+Since the connection is failed, the initiator code will queue the
+connection for re-open. The connection state is still at
+ISCSI_CONN_STATE_XPT_WAIT as its very first login attemp after the
+reboot.
+Due to my Pull #206 request the code will invoke the stop connection to
+decrement the socket_fd reference count to properly close the connecion
+(details are in pull request #206). But since the session id is not
+valid, the stop connection will fail and the code will go ahead and
+queue the re-open without attempting the connect again. This is repeated
+till 120 seconds (stop connection failing and requeuing the reopen
+without invoking connect) and the connection will be shutdown resulting
+the storage unavailable.
+
+Fix:
+We need to check the validity of the session id before calling the stop
+connection. If the session id is valid then only invoke the stop
+connection. Due to this, the code will go ahead and attempt the connet
+call. If the target service comes up anytime in 120 seconds, then the
+connect will be successful and we will get connected to the target.
+---
+ usr/initiator.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/usr/initiator.c b/usr/initiator.c
+index 5f4bdca..684647c 100644
+--- a/usr/initiator.c
++++ b/usr/initiator.c
+@@ -692,6 +692,7 @@ static void iscsi_login_eh(struct iscsi_conn *conn, struct queue_task *qtask,
+ 			   int err)
+ {
+ 	struct iscsi_session *session = conn->session;
++	int stop_flag = 0;
+ 
+ 	log_debug(3, "iscsi_login_eh");
+ 	/*
+@@ -711,7 +712,11 @@ static void iscsi_login_eh(struct iscsi_conn *conn, struct queue_task *qtask,
+ 			    !iscsi_retry_initial_login(conn))
+ 				session_conn_shutdown(conn, qtask, err);
+ 			else {
+-				session_conn_reopen(conn, qtask, STOP_CONN_TERM);
++				stop_flag = (session->id < INVALID_SESSION_ID) ? STOP_CONN_TERM : 0;
++				log_debug(6, "connection %p socket_fd: %d, "
++					  "session id: %d stop_flag: %d\n",
++					  conn, conn->socket_fd, session->id, stop_flag);
++				session_conn_reopen(conn, qtask, stop_flag);
+ 			}
+ 			break;
+ 		case R_STAGE_SESSION_REDIRECT:
+-- 
+1.8.3.1
+

0028-iscsiadm-buffer-overflow-regression-when-discovering.patch

@@ -0,0 +1,28 @@
+From 0c032f5f4f826199868099f0af10c4a913209573 Mon Sep 17 00:00:00 2001
+From: Chris Leech <cleech@redhat.com>
+Date: Mon, 14 Sep 2020 14:09:56 -0700
+Subject: [PATCH 6/8] iscsiadm buffer overflow regression when discovering many
+ targets at once
+
+int_list type didn't zero the output string, so as the rec struct was reused
+repeatedly during discovery it would keep growing with repeated values
+triggering a strcat buffer overflow
+---
+ usr/idbm.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/usr/idbm.c b/usr/idbm.c
+index 6309be0..42c2699 100644
+--- a/usr/idbm.c
++++ b/usr/idbm.c
+@@ -169,6 +169,7 @@ static struct idbm *db;
+ #define __recinfo_int_list(_key,_info,_rec,_name,_show,_tbl,_n,_mod) do { \
+ 	_info[_n].type = TYPE_INT_LIST; \
+ 	strlcpy(_info[_n].name, _key, NAME_MAXVAL); \
++	_info[_n].value[0] = '\0'; \
+ 	for (unsigned long _i = 0; _i < ARRAY_LEN(_rec->_name); _i++) {	\
+ 		if (_rec->_name[_i] != (unsigned)~0) {			\
+ 			for (unsigned long _j = 0; _j < ARRAY_LEN(_tbl); _j++) {	\
+-- 
+1.8.3.1
+

open-iscsi.spec

@@ -4,7 +4,7 @@
 
 Name:    open-iscsi
 Version: 2.1.1
-Release: 3
+Release: 4
 Summary: ISCSI software initiator daemon and utility programs
 License: GPLv2+ and BSD
 URL:     http://www.open-iscsi.org
@@ -35,6 +35,8 @@ Patch23: 0023-Proper-disconnect-of-TCP-connection.patch
 Patch24: 0024-Add-iscsi-init.service.patch
 Patch25: 0025-Fix-issue-with-zero-length-arrays-at-end-of-struct.patch
 Patch26: 0026-Fix-a-compiler-complaint-about-writing-one-byte.patch
+Patch27: 0027-iscsid-Check-Invalid-Session-id-for-stop-connection.patch
+Patch28: 0028-iscsiadm-buffer-overflow-regression-when-discovering.patch
 
 BuildRequires: flex bison doxygen kmod-devel systemd-units gcc git isns-utils-devel systemd-devel
 BuildRequires: autoconf automake libtool libmount-devel openssl-devel pkg-config gdb
@@ -167,6 +169,11 @@ fi
 %{_mandir}/man8/*
 
 %changelog
+* Thu Nov 12 2020 haowenchao <haowenchao@huawei.com> - 2.1.1-4
+- backport patches from epoch2 including following changes:
+  get_random_bytes is replaced by RAND_bytes so it is removed
+  fix buffer overflow when discovering
+
 * Sat Oct 31 2020 haowenchao <haowenchao@huawei.com> - 2.1.1-3
 - backport patches from epoch1