Received: by 10.192.165.148 with SMTP id m20csp3658322imm;
        Mon, 30 Apr 2018 04:16:52 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZrGsWcwRguKadQoBa7VY5fzOe22NrnHGqTe33gk7HMdT+VCN6Jzk5RshxbDQ0ubKnQIKz4Y
X-Received: by 2002:a65:6592:: with SMTP id u18-v6mr2081406pgv.366.1525087012740;
        Mon, 30 Apr 2018 04:16:52 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1525087012; cv=none;
        d=google.com; s=arc-20160816;
        b=IF+8C4fw7hEE2985yobboJc5GpWPKUbq+u7uY0IHdR/XGuF54fyJrmouvpOoOSGcuH
         cAuJy4JSZcto4XhKX46sD1g0KG/IUfdNEZPEDvVhV7iBcqRgnO4iPWxyOwdGLDBiHyfb
         7ER5TZ/W2lEftaQbSwRhhbL6cRAmjFEJRBldedn7wA8kRR1QncHsOwjxQAYZILT2DSIi
         kZZqXf0eV7yNGiI4UybYAqG4FTcnXA5SnD4euEcF3SwtWhY634j2HtejoDi18ZaSLw30
         dYgwj40xkeMceaod0g5Yyu+N8hIFv8tcxdpMsMAD6+irGrMA0N6MM1lGTrAmnMRUWvK6
         +UCg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=9CTFmUZ0ZlBaa7eU+0iXHnYQJgiID6jWHHFTn8WrxI0=;
        b=pOjdnVmJXZkMzQk/Wot70Z8jQ3/SFGGWCk3JrMhOpidlv/t9vE1uhTmouYBj1mO8CT
         DFIFuMsnjZXxSNsC65tC2b98nuXpyPs4RzJSy3YFs/5Ue/fJ2+FMoJrCEr25jY5S8IH0
         oj8TRJ8wA5/S4GaKJ2lkqf2qyiEDe6Xl1tBpvXnZLlG/WuJoTuSyYOs8CEjlvt35yIvP
         TAnSY90sTzONbryw+L+j90iq9wca4ZpNWKt1LfQCs8CJsAnMKR617sfiTw3hgMaAW8RI
         xPUu/D9kyDnuQ37EHAwMwsQQgeCuaRBhzGc/bZwrK36Aj3snMAwJmrNHSLdD/NRT8OhV
         MptQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=rfa0VTaL;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q62-v6si5961575pgq.297.2018.04.30.04.16.38;
        Mon, 30 Apr 2018 04:16:52 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=rfa0VTaL;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753059AbeD3LQX (ORCPT <rfc822;zcyberian@gmail.com> + 99 others);
        Mon, 30 Apr 2018 07:16:23 -0400
Received: from userp2120.oracle.com ([156.151.31.85]:47088 "EHLO
        userp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751822AbeD3LQW (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 30 Apr 2018 07:16:22 -0400
Received: from pps.filterd (userp2120.oracle.com [127.0.0.1])
        by userp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w3UB6TQj131358;
        Mon, 30 Apr 2018 11:15:51 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc
 : subject : message-id : references : mime-version : content-type :
 in-reply-to; s=corp-2017-10-26;
 bh=9CTFmUZ0ZlBaa7eU+0iXHnYQJgiID6jWHHFTn8WrxI0=;
 b=rfa0VTaLe2CmND00HwCF7roEP4vxEYl2tkWqIdh0nRxOVW810H0x5VCHQX9toNGYHS/Z
 cj4ss1c27WR8xt85eaGtKVPpB0QLnucUidQwzFwyLSgAtWmVsBQjWQJvX6VTP4xKCKnV
 ZjJYLxnODLq+8Y41X3T/h3biKfkq7YDp90ebyZuun/qAzMS3Bc+G7KKC3uE0mCYm4IJO
 uBhwksVeWjnXOXDBFi6WB6zpcCd50UM3rR1ZDMdQkJ4jH9j8oa8Vkzo0UILZBE9QSKgZ
 3tuJtCZpwVvzbCVzoPQZ2W58JYDssjeDnPJHx4qcQXGS6HZjvqOqyMP3sTIbCEgZL27v Tg== 
Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74])
        by userp2120.oracle.com with ESMTP id 2hmhmfbkta-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Mon, 30 Apr 2018 11:15:51 +0000
Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72])
        by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w3UBFpKe030554
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Mon, 30 Apr 2018 11:15:51 GMT
Received: from abhmp0003.oracle.com (abhmp0003.oracle.com [141.146.116.9])
        by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w3UBFmIe023631;
        Mon, 30 Apr 2018 11:15:49 GMT
Received: from mwanda (/197.254.35.146)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Mon, 30 Apr 2018 04:15:48 -0700
Date:   Mon, 30 Apr 2018 14:15:35 +0300
From:   Dan Carpenter <dan.carpenter@oracle.com>
To:     Wenwen Wang <wang6495@umn.edu>
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "devel@driverdev.osuosl.org" <devel@driverdev.osuosl.org>,
        Aastha Gupta <aastha.gupta4104@gmail.com>,
        "Dilger, Andreas" <andreas.dilger@intel.com>,
        Jeff Layton <jlayton@redhat.com>,
        "Drokin, Oleg" <oleg.drokin@intel.com>,
        "kjlu@umn.edu" <kjlu@umn.edu>, NeilBrown <neilb@suse.com>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Ben Evans <bevans@cray.com>,
        "lustre-devel@lists.lustre.org" <lustre-devel@lists.lustre.org>
Subject: Re: [PATCH] staging: luster: llite: fix a potential missing-check
 bug when copying lumv
Message-ID: <20180430111535.gnycdzkok7cgi3ue@mwanda>
References: <1524872704-13391-1-git-send-email-wang6495@umn.edu>
 <8E6ADED8-592E-4794-8CAB-913A325B1971@intel.com>
 <20180429132058.GB5972@kroah.com>
 <CAAa=b7dPWAsqfQOWzvecHqAHYuhA63_+ya6nOMdPQ7ZaL6JB9w@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAAa=b7dPWAsqfQOWzvecHqAHYuhA63_+ya6nOMdPQ7ZaL6JB9w@mail.gmail.com>
User-Agent: NeoMutt/20170609 (1.8.3)
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8878 signatures=668698
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0
 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=583
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.0.1-1711220000 definitions=main-1804300110
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Apr 29, 2018 at 03:58:55PM -0500, Wenwen Wang wrote:
> It is worth fixing this bug, since it offers an opportunity for adversaries
> to provide inconsistent user data. In addition to the unwanted version
> LOV_USER_MAGIC_V1, a malicious user can also use the version
> LMV_USER_MAGIC, which is also unexpected but allowed in the function
> ll_dir_setstripe(). These inconsistent data can cause potential logical
> errors in the following execution. Hence it is necessary to re-verify the
> data copied from userspace.
> 

This change doesn't really prevent any bugs in current kernels since
LMV_USER_MAGIC is the same thing as LOV_USER_MAGIC_V1 and the users are
allowed to use LOV_USER_MAGIC_V1 if they want.

But we should probably verify it just to make the code easier to read
and because there are static analysis tools which will warn about read
verify re-read type bugs.

regards,
dan carpenter