Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp1009515imm; Fri, 15 Jun 2018 09:41:48 -0700 (PDT) X-Google-Smtp-Source: ADUXVKK+BSUVzkkjRj84Sww1hvrhZx5CeOpg8qYc0RLsCuxjdrP8FZQ0hlErLpovpjxM3W9izWl2 X-Received: by 2002:a17:902:7888:: with SMTP id q8-v6mr2894924pll.79.1529080908697; Fri, 15 Jun 2018 09:41:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529080908; cv=none; d=google.com; s=arc-20160816; b=BhnKTPneGX5aOmGSHjYSsluKp9CO/5LjSRbmOEZ+Y7iV7mNsEWokyfH4uyHnMhVNGY qikAG1+cCSdYLWT0DfqOlVRIN3pOiUdjTwgVr6zSKKjkYOtPSvddgQL4+OGmo/KvaZ9B RGMdgP4ihAh222heq+m+hPgZDz8MNs04BBzNremVU/KCqMuhsyhKiSqj8laVwJtF3Qh0 L/HIEWh6na7TUQVOObJnzJnO2KcJKKmnjLGjFELAwrTxX7ojiQpG9lKqCA8gfxISTmBf +kzO27y9o35m0yxEZW7OFf0zk4ivUTgh1q/aKf1zb5NqHkkJOCgp2iVxXjbeR/dWTY+k cAdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=jgzyC9gyu9ayUZfFi18pxiUcec4Sx9uTf40DnYu7nac=; b=S79em5pujipDrd7Q+2jDj+WRWj9ANC9Di+MBF1Yqwg+6I4cKIzPDkTnZMt0uOOfr7n Qo7vBZ5xDnbNUrVTMBNvSeaz8CNOqIucJlUfclk0AvkhIZxU35ZXJAFUcApBzpd+ccd2 VubSGG6Dsso3Y8zxf3zkMN2CTWMdyVxYKKb+cPfwzSQqZXTkRbGVJHnAKEauix0dmagr 6eiK9TllCM8nsvij4iZyeQ9Qmi1qd4VdeC7FLpjTo2xD1oAP+93dlKGCrx2Vdi0Iog74 0XuBPmxJextws3arIS60KFyot9OKK/HpMfO6DT84VhWXE7Nf3DzwgE+wjeRiL4PZUSsm Qi1g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q4-v6si8156135plb.312.2018.06.15.09.41.34; Fri, 15 Jun 2018 09:41:48 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S966137AbeFOQkV (ORCPT + 99 others); Fri, 15 Jun 2018 12:40:21 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:39802 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S966019AbeFOQkU (ORCPT ); Fri, 15 Jun 2018 12:40:20 -0400 Received: from viro by ZenIV.linux.org.uk with local (Exim 4.87 #1 (Red Hat Linux)) id 1fTrlh-0005lr-MX; Fri, 15 Jun 2018 16:40:09 +0000 Date: Fri, 15 Jun 2018 17:40:09 +0100 From: Al Viro To: Jann Horn Cc: Jens Axboe , FUJITA Tomonori , Doug Gilbert , "James E.J. Bottomley" , "Martin K. Petersen" , linux-block@vger.kernel.org, linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, security@kernel.org Subject: Re: [PATCH] sg, bsg: mitigate read/write abuse, block uaccess in release Message-ID: <20180615164009.GD30522@ZenIV.linux.org.uk> References: <20180615152335.208202-1-jannh@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180615152335.208202-1-jannh@google.com> User-Agent: Mutt/1.9.1 (2017-09-22) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jun 15, 2018 at 05:23:35PM +0200, Jann Horn wrote: > I've mostly copypasted ib_safe_file_access() over as > scsi_safe_file_access() because I couldn't find a good common header - > please tell me if you know a better way. > The duplicate pr_err_once() calls are so that each of them fires once; > otherwise, this would probably have to be a macro. > > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") > Cc: > Signed-off-by: Jann Horn > --- WTF do you mean, in ->release()? That makes no sense whatsoever - what kind of copy_{to,from}_user() would be possible in there?