Received: by 10.192.165.148 with SMTP id m20csp4689935imm;
        Tue, 1 May 2018 01:47:39 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZoDLRlKG8hJAiqMsEHdVma9jK+vMakOBcYRde9i/OV4q3R5fjrRjig8URzvOrtBtzSGl8Dq
X-Received: by 2002:a63:3f06:: with SMTP id m6-v6mr12632178pga.340.1525164459143;
        Tue, 01 May 2018 01:47:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1525164459; cv=none;
        d=google.com; s=arc-20160816;
        b=uxJeMXonYQjEnUHnZpMUmuCg6TaJCVZ72bRGW8jfluYDUzkXmxtvSh6oKxI6g6PWd9
         z1cma5H4cz2q8GE6oGVUjIbH3K3YdS6vGIlaKtOUlcH7XhpPEIYFHujqN/YALAo3tlmn
         KG0q3l1GOrwMBFEtytJxj/yquoOVGsz5nYxZvmUiNZ1ajRcArIJpGU8MuZc8Fk5LsYPn
         GvZiMbYnMX8QAHxwZED39brFM/mN3rD2MrzL1WvblssNGCxW5tw9dh+OgWk/RytpIebp
         P+igH5r5A7GLGCpqjb+MNS/ccui9VKJhT0eQBtrB3ivICWEeMDu85azGXiixLTdjM3AT
         kShw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=Uz/Qf7l+ldJNx3bHqbJzxw0JPeiz1im15lsxcp89zmQ=;
        b=eKBeQMB3ObPyhLJe3niewnHsm+zTnzytm2qnkXkBfB4n9fDnKHK5zm14/BSzxKx8x8
         TKsZSMXwsULLyMXCC6msorPWV+Y7SrEqciPXy7v14sB/BBfi5cRjD572YnBLZ3YM9Y0z
         XvZZrWU7rD50ywlL2zKNsbsMwnH7rS6Li5iffnEVCBBcLmtyPfUBjN5vkP3eu6iLxxw0
         eWEzRzKf7NSOKxJWuyvcBBUVEilueIcxwpJieqlcSwQMXC2cUyuSFwPTK8CmogTc4fW4
         Pc20fWrkR1w6cV8GMIH+upABnvi1urTrEM7gkVkBhgDnDIGoFGcnJFZeY8yTaybXF+m2
         +ooQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=d8+izKw+;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y64si9601013pfj.239.2018.05.01.01.47.24;
        Tue, 01 May 2018 01:47:39 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=d8+izKw+;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752447AbeEAIrF (ORCPT <rfc822;chaneybenjamini@gmail.com>
        + 99 others); Tue, 1 May 2018 04:47:05 -0400
Received: from aserp2130.oracle.com ([141.146.126.79]:56522 "EHLO
        aserp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751090AbeEAIrD (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 1 May 2018 04:47:03 -0400
Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1])
        by aserp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w418kYFP103918;
        Tue, 1 May 2018 08:46:34 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc
 : subject : message-id : references : mime-version : content-type :
 in-reply-to; s=corp-2017-10-26;
 bh=Uz/Qf7l+ldJNx3bHqbJzxw0JPeiz1im15lsxcp89zmQ=;
 b=d8+izKw+huovaiyAHK7oVzaYaTUQjAM4+5fwdxKFMfa/O14qGEClQg3f5CXH2P2wPd2u
 6y49l1sq1XJrvlCtrV3JH++7ws9PGJ6LDx7VrmLkItC/UZVXqh9lydcmDkcnlTsQLqGy
 4Nxn5beuZsH8Z+nXceemnWhTGry3cE/5fxzOTTK1nDUuiJQY8LO338icvdqPsUqt4lpO
 q0Fmfp+V95cB+b6ZGp46AqKYatUfnKPGGfZUcsLJS8gQT8c9i3bg5vipMUeztSFfHa/1
 pUjf/FUo6HmkXnx/atLzefh6OPc6hAyD8IZ+X4Nch7FxVj33NMCAUtuTcZCGG7KUDuSb zA== 
Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74])
        by aserp2130.oracle.com with ESMTP id 2hmeg5q2kk-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Tue, 01 May 2018 08:46:34 +0000
Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235])
        by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w418kV0a011864
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Tue, 1 May 2018 08:46:32 GMT
Received: from abhmp0018.oracle.com (abhmp0018.oracle.com [141.146.116.24])
        by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w418kUYe003471;
        Tue, 1 May 2018 08:46:30 GMT
Received: from mwanda (/197.254.35.146)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Tue, 01 May 2018 01:46:30 -0700
Date:   Tue, 1 May 2018 11:46:21 +0300
From:   Dan Carpenter <dan.carpenter@oracle.com>
To:     Wenwen Wang <wang6495@umn.edu>
Cc:     "open list:STAGING SUBSYSTEM" <devel@driverdev.osuosl.org>,
        Aastha Gupta <aastha.gupta4104@gmail.com>,
        Roman Storozhenko <romeusmeister@gmail.com>,
        Andreas Dilger <andreas.dilger@intel.com>,
        Jeff Layton <jlayton@redhat.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Kangjie Lu <kjlu@umn.edu>, NeilBrown <neilb@suse.com>,
        open list <linux-kernel@vger.kernel.org>,
        Oleg Drokin <oleg.drokin@intel.com>,
        "moderated list:STAGING - LUSTRE PARALLEL FILESYSTEM" 
        <lustre-devel@lists.lustre.org>
Subject: Re: [PATCH v2] staging: lustre: llite: fix potential missing-check
 bug when copying lumv
Message-ID: <20180501084621.jfxrm3qoqfmftnxh@mwanda>
References: <1525128971-8946-1-git-send-email-wang6495@umn.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1525128971-8946-1-git-send-email-wang6495@umn.edu>
User-Agent: NeoMutt/20170609 (1.8.3)
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8879 signatures=668698
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0
 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=758
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.0.1-1711220000 definitions=main-1805010090
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Apr 30, 2018 at 05:56:10PM -0500, Wenwen Wang wrote:
> However, given that the user data resides in the user space, a malicious
> user-space process can race to change the data between the two copies. By
> doing so, the attacker can provide a data with an inconsistent version,
> e.g., v1 version + v3 data. This can lead to logical errors in the
> following execution in ll_dir_setstripe(), which performs different actions
> according to the version specified by the field lmm_magic.

This part is misleading.  The fix is to improve readability and make
static checkers happy.  You're over dramatizing it to make people think
it has a security impact when it doesn't.

If the user wants to specify v1 data they can just say that on the first
read.  They don't need to do funny tricks and race between the two
reads.  It's allowed.

In other words this allows the user to do something in a very
complicated way which they are already allowed to do in a very simple
straight forward way.

regards,
dan carpenter