Received: by 10.192.165.148 with SMTP id m20csp4689935imm; Tue, 1 May 2018 01:47:39 -0700 (PDT) X-Google-Smtp-Source: AB8JxZoDLRlKG8hJAiqMsEHdVma9jK+vMakOBcYRde9i/OV4q3R5fjrRjig8URzvOrtBtzSGl8Dq X-Received: by 2002:a63:3f06:: with SMTP id m6-v6mr12632178pga.340.1525164459143; Tue, 01 May 2018 01:47:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525164459; cv=none; d=google.com; s=arc-20160816; b=uxJeMXonYQjEnUHnZpMUmuCg6TaJCVZ72bRGW8jfluYDUzkXmxtvSh6oKxI6g6PWd9 z1cma5H4cz2q8GE6oGVUjIbH3K3YdS6vGIlaKtOUlcH7XhpPEIYFHujqN/YALAo3tlmn KG0q3l1GOrwMBFEtytJxj/yquoOVGsz5nYxZvmUiNZ1ajRcArIJpGU8MuZc8Fk5LsYPn GvZiMbYnMX8QAHxwZED39brFM/mN3rD2MrzL1WvblssNGCxW5tw9dh+OgWk/RytpIebp P+igH5r5A7GLGCpqjb+MNS/ccui9VKJhT0eQBtrB3ivICWEeMDu85azGXiixLTdjM3AT kShw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=Uz/Qf7l+ldJNx3bHqbJzxw0JPeiz1im15lsxcp89zmQ=; b=eKBeQMB3ObPyhLJe3niewnHsm+zTnzytm2qnkXkBfB4n9fDnKHK5zm14/BSzxKx8x8 TKsZSMXwsULLyMXCC6msorPWV+Y7SrEqciPXy7v14sB/BBfi5cRjD572YnBLZ3YM9Y0z XvZZrWU7rD50ywlL2zKNsbsMwnH7rS6Li5iffnEVCBBcLmtyPfUBjN5vkP3eu6iLxxw0 eWEzRzKf7NSOKxJWuyvcBBUVEilueIcxwpJieqlcSwQMXC2cUyuSFwPTK8CmogTc4fW4 Pc20fWrkR1w6cV8GMIH+upABnvi1urTrEM7gkVkBhgDnDIGoFGcnJFZeY8yTaybXF+m2 +ooQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=d8+izKw+; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y64si9601013pfj.239.2018.05.01.01.47.24; Tue, 01 May 2018 01:47:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=d8+izKw+; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752447AbeEAIrF (ORCPT + 99 others); Tue, 1 May 2018 04:47:05 -0400 Received: from aserp2130.oracle.com ([141.146.126.79]:56522 "EHLO aserp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751090AbeEAIrD (ORCPT ); Tue, 1 May 2018 04:47:03 -0400 Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1]) by aserp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w418kYFP103918; Tue, 1 May 2018 08:46:34 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : references : mime-version : content-type : in-reply-to; s=corp-2017-10-26; bh=Uz/Qf7l+ldJNx3bHqbJzxw0JPeiz1im15lsxcp89zmQ=; b=d8+izKw+huovaiyAHK7oVzaYaTUQjAM4+5fwdxKFMfa/O14qGEClQg3f5CXH2P2wPd2u 6y49l1sq1XJrvlCtrV3JH++7ws9PGJ6LDx7VrmLkItC/UZVXqh9lydcmDkcnlTsQLqGy 4Nxn5beuZsH8Z+nXceemnWhTGry3cE/5fxzOTTK1nDUuiJQY8LO338icvdqPsUqt4lpO q0Fmfp+V95cB+b6ZGp46AqKYatUfnKPGGfZUcsLJS8gQT8c9i3bg5vipMUeztSFfHa/1 pUjf/FUo6HmkXnx/atLzefh6OPc6hAyD8IZ+X4Nch7FxVj33NMCAUtuTcZCGG7KUDuSb zA== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp2130.oracle.com with ESMTP id 2hmeg5q2kk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 01 May 2018 08:46:34 +0000 Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w418kV0a011864 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 1 May 2018 08:46:32 GMT Received: from abhmp0018.oracle.com (abhmp0018.oracle.com [141.146.116.24]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w418kUYe003471; Tue, 1 May 2018 08:46:30 GMT Received: from mwanda (/197.254.35.146) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 01 May 2018 01:46:30 -0700 Date: Tue, 1 May 2018 11:46:21 +0300 From: Dan Carpenter To: Wenwen Wang Cc: "open list:STAGING SUBSYSTEM" , Aastha Gupta , Roman Storozhenko , Andreas Dilger , Jeff Layton , Greg Kroah-Hartman , Kangjie Lu , NeilBrown , open list , Oleg Drokin , "moderated list:STAGING - LUSTRE PARALLEL FILESYSTEM" Subject: Re: [PATCH v2] staging: lustre: llite: fix potential missing-check bug when copying lumv Message-ID: <20180501084621.jfxrm3qoqfmftnxh@mwanda> References: <1525128971-8946-1-git-send-email-wang6495@umn.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1525128971-8946-1-git-send-email-wang6495@umn.edu> User-Agent: NeoMutt/20170609 (1.8.3) X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8879 signatures=668698 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=758 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1805010090 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Apr 30, 2018 at 05:56:10PM -0500, Wenwen Wang wrote: > However, given that the user data resides in the user space, a malicious > user-space process can race to change the data between the two copies. By > doing so, the attacker can provide a data with an inconsistent version, > e.g., v1 version + v3 data. This can lead to logical errors in the > following execution in ll_dir_setstripe(), which performs different actions > according to the version specified by the field lmm_magic. This part is misleading. The fix is to improve readability and make static checkers happy. You're over dramatizing it to make people think it has a security impact when it doesn't. If the user wants to specify v1 data they can just say that on the first read. They don't need to do funny tricks and race between the two reads. It's allowed. In other words this allows the user to do something in a very complicated way which they are already allowed to do in a very simple straight forward way. regards, dan carpenter