Received: by 10.192.165.148 with SMTP id m20csp371649imm; Thu, 3 May 2018 22:36:04 -0700 (PDT) X-Google-Smtp-Source: AB8JxZorWoo8nTl1lt9LWKnX6ldOsNyOa76/PkfaQKHBV1Zh0quld9S5bTOQn/ozk1Km1fCe95P+ X-Received: by 2002:a17:902:bc49:: with SMTP id t9-v6mr1904404plz.109.1525412164222; Thu, 03 May 2018 22:36:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525412164; cv=none; d=google.com; s=arc-20160816; b=cn7zZDmVvo13omtDHT8H1Pp9nzuDi8ZSiZOItzrEhgJIlAeA7HQDxSshJH0hpTNx7+ 1jClxXa3qPY3bD1nVXL5JXuSlNNP4Fq6elRWvejbQHfO3xjaRcuL4t+PqFLYCShRPmmS aiR2FCzppjVDpcLS3aZegjO/WEy9Jb/ISEPg4fD4UTRkqc/4HXecjPakuFXpUFrIhK1c 2TnDSI3JLdDuSkfFIoJWRIs99nRn9YJppytSFFLozeY0DEA9Mwwot0fgQ5oBoXcglzap Rd9XpfGbKD+JHVE+fxf1GU67FBSrFPQCcKR8cxqJjPxubH/jjB2GYbxDRxNECr/Ep8ti 4agg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=Ay4n2r8RqXBCFeKcVYUF0b793bZp4uvYk1b0UInDLnA=; b=cdebXcthJpmhJ3DL1gEAqU5xgfb2n5jDn1KBwo13rxRK0a4hGkmWXcwQ9rguP717mu Oj4hHyWGo/re4KOJ1OA5bjvsGJdzM8F0Wbu5Squ7WGJFPR9VjlLPgsH4Dsi2GrYLGBaC lBpfKLGIEUoByMeD09kzeyvU5rap/Z8OWFhTIFo0XjaEcwHNQgAly4AIbokegoYd5Dd2 aaLWElchx0yq7tERHwQgPHra3ZaYAHzdIO48JzGHVbyfM0M8WaJY+ldorgQbj9sDthL9 oCgDSo/qyWCs2KRuXkGi+fbvsGk1gDoMNLlwirvHT448kdE4NK8K5mjkoNqx1fXAItre cBSQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@umn.edu header.s=20160920 header.b=HU2EyU1i; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=umn.edu Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x3-v6si13001661plo.303.2018.05.03.22.35.49; Thu, 03 May 2018 22:36:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@umn.edu header.s=20160920 header.b=HU2EyU1i; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=umn.edu Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751107AbeEDFe2 (ORCPT + 99 others); Fri, 4 May 2018 01:34:28 -0400 Received: from mta-p3.oit.umn.edu ([134.84.196.203]:57506 "EHLO mta-p3.oit.umn.edu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750707AbeEDFe1 (ORCPT ); Fri, 4 May 2018 01:34:27 -0400 Received: from localhost (localhost [127.0.0.1]) by mta-p3.oit.umn.edu (Postfix) with ESMTP id 33F116B4 for ; Fri, 4 May 2018 05:34:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=umn.edu; h= content-type:content-type:subject:subject:message-id:date:date :from:from:references:in-reply-to:received:mime-version:received :received:received; s=20160920; t=1525412067; x=1527226468; bh=d MXJKh6kHnEeBcTPTLy9QmP9W8yvySRtSrH6jB6MkZw=; b=HU2EyU1i8X9oDafqF o3VwO4jTwAA5tct/kDPTLdGT46sMKlEOno+mv2zSSbJOUEspop4YweeXIQNZNUy9 7psS6aqASfeZCXw9oaleSQ61yABZuO2u5JfwiUjEXQ44MPlGUYEnMHSOFsKgxLpu IvEeVS+2t0DHZhbcemePAyUCd+6yOPUZiCsj3E00JZKx9hxFo87dZLq1EULSHW2C LhpTstjGMVrCU3X0mak04x571fl32hfKJr4NfKOdYFi0Lx5dXoU2G4gpB2aRqOZ7 BwEuWqEk654DgxKNwZRCvk9QuiIa/eov6Ghehp1T+mYyfH4tHTnTcyHw0z/qIn/z yxWvA== X-Virus-Scanned: amavisd-new at umn.edu Received: from mta-p3.oit.umn.edu ([127.0.0.1]) by localhost (mta-p3.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ypdGhoS1WtZJ for ; Fri, 4 May 2018 00:34:27 -0500 (CDT) Received: from mail-it0-f48.google.com (mail-it0-f48.google.com [209.85.214.48]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: wang6495) by mta-p3.oit.umn.edu (Postfix) with ESMTPSA id 07759596 for ; Fri, 4 May 2018 00:34:27 -0500 (CDT) Received: by mail-it0-f48.google.com with SMTP id q4-v6so2044626ite.3 for ; Thu, 03 May 2018 22:34:27 -0700 (PDT) X-Gm-Message-State: ALQs6tALk1gGQqSgwn64QxtRthrtpbdzX8sk4gCyzNFCKVl7DNLvEAxh PJfNLaMga3mXhXNHWZGfbOESmzZ2gV2WtPIDfwc= X-Received: by 2002:a24:ed43:: with SMTP id r64-v6mr924236ith.85.1525412066809; Thu, 03 May 2018 22:34:26 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a4f:6f07:0:0:0:0:0 with HTTP; Thu, 3 May 2018 22:33:46 -0700 (PDT) In-Reply-To: <20180504052731.jkwhs4h4fuia3pft@mwanda> References: <1525128971-8946-1-git-send-email-wang6495@umn.edu> <20180501084621.jfxrm3qoqfmftnxh@mwanda> <20180504052731.jkwhs4h4fuia3pft@mwanda> From: Wenwen Wang Date: Fri, 4 May 2018 00:33:46 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2] staging: lustre: llite: fix potential missing-check bug when copying lumv To: Dan Carpenter Cc: "open list:STAGING SUBSYSTEM" , Aastha Gupta , Roman Storozhenko , Andreas Dilger , Jeff Layton , Greg Kroah-Hartman , Kangjie Lu , NeilBrown , open list , Oleg Drokin , "moderated list:STAGING - LUSTRE PARALLEL FILESYSTEM" , Wenwen Wang Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 4, 2018 at 12:27 AM, Dan Carpenter wrote: > There is no security problem here. The user is allowed to choose either > v1 or v3. Using a double read race condition to choose v1 is not > going to cause problems. It's slightly more complicated than just > choosing it directly but that doesn't make it a security issue. > > It's a bit like typing with your feet in that just because using your > toes instead of your fingergs is more complicated, it doesn't make it a > security issue. > > regards, > dan carpenter > Thanks again for your comment, Dan! I revised the commit message and removed the security risk: However, given that the user data resides in the user space, a malicious user-space process can race to change the data between the two copies. By doing so, the user can provide a data with an inconsistent version, e.g., v1 version + v3 data. To improve code readability and make static analysis tools happy, which will warn about read-verify-re-read type bugs, this issue should be fixed. Thanks, Wenwen