Created attachment 175746
a workaround for the problem

When the G_GATE_CMD_START ioctl requires some operation other than BIO_READ / BIO_WRITE, the current implementation of ggatec sometimes stops working because it uses an uninitialized hdr.gh_cmd variable, which confuses ggated.

The patch tries to solve this situation by returning EOPNOTSUPP, like ggatel does.

Maybe BIO_FLUSH and BIO_DELETE should be supported in the ggate protocol by assigning GGATE_CMD_FLUSH and GGATE_CMD_DELETE commands respectively, in the future.
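An added illustration of the pattern described in the report above; it is not the ggatec source and not the attached patch. It shows a request header whose command field is assigned only for reads and writes, next to a version that refuses anything else with EOPNOTSUPP. The struct, enum values and function names are hypothetical, and a 0xA5 fill stands in for the uninitialized memory so the result is deterministic.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins, not the constants from FreeBSD's headers. */
enum bio_op   { OP_READ = 1, OP_WRITE, OP_DELETE, OP_FLUSH };
enum wire_cmd { WIRE_READ = 0, WIRE_WRITE = 1 };
struct wire_hdr { uint8_t cmd; uint64_t offset; uint32_t length; };

/* Before: cmd is assigned only for READ and WRITE; any other operation
 * falls through and the header keeps whatever cmd already held. */
int build_hdr_unchecked(struct wire_hdr *hdr, int op, uint64_t off, uint32_t len)
{
    switch (op) {
    case OP_READ:  hdr->cmd = WIRE_READ;  break;
    case OP_WRITE: hdr->cmd = WIRE_WRITE; break;
    }
    hdr->offset = off;
    hdr->length = len;
    return 0;
}

/* After: an operation with no wire command is refused with EOPNOTSUPP
 * and the header stays zeroed, so there is nothing stale to send. */
int build_hdr_checked(struct wire_hdr *hdr, int op, uint64_t off, uint32_t len)
{
    memset(hdr, 0, sizeof(*hdr));
    if (op != OP_READ && op != OP_WRITE)
        return EOPNOTSUPP;
    return build_hdr_unchecked(hdr, op, off, len);
}

/* Returns the cmd byte the unchecked path would emit for a flush request. */
int stale_cmd_for_flush(void)
{
    struct wire_hdr hdr;
    memset(&hdr, 0xA5, sizeof(hdr));   /* constructed garbage */
    build_hdr_unchecked(&hdr, OP_FLUSH, 0, 0);
    return hdr.cmd;
}

int main(void)
{
    struct wire_hdr hdr;
    printf("unchecked flush sends cmd=0x%02x\n", stale_cmd_for_flush());
    printf("checked flush returns %d\n", build_hdr_checked(&hdr, OP_FLUSH, 0, 0));
    return 0;
}
```
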
Your patch inspired mine: https://reviews.freebsd.org/D31318
fixed with https://cgit.freebsd.org/src/commit/?id=91a8bed5a49eb2d1e4e096a4c68c108cebec8818
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=f5c6c43d4c3910d5f8d61c0fae4582d863baa066

commit f5c6c43d4c3910d5f8d61c0fae4582d863baa066
Author:     Alan Somers <asomers@FreeBSD.org>
AuthorDate: 2021-08-27 20:40:05 +0000
Commit:     Alan Somers <asomers@FreeBSD.org>
CommitDate: 2021-08-27 20:52:45 +0000

    Add a regression test for ggatec remote code execution

    Tests that ggatec appropriately handles unsupported BIO operations,
    rather than overflowing a buffer.

    Submitted by:   Johannes Bruelltuete <johannes@jo-t.de>
    PR:             213479
    Reviewed by:    asomers
    Differential Revision: https://reviews.freebsd.org/D31318

 tests/sys/geom/class/gate/ggate_test.sh | 34 +++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)