Message-ID: <01167882-2e6c-4504-8c9e-825ecd268411@embeddedor.com>
Date: Wed, 3 Apr 2024 16:11:22 -0600
Subject: Re: [PATCH] fs: Set file_handle::handle_bytes before referencing file_handle::f_handle
From: "Gustavo A. R. Silva"
To: Kees Cook, Christian Brauner
Cc: "Gustavo A. R. Silva", Alexander Viro, Jan Kara, Chuck Lever, Jeff Layton, Amir Goldstein, linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org
In-Reply-To: <20240403215358.work.365-kees@kernel.org>

On 03/04/24 15:54, Kees Cook wrote:
> With adding __counted_by(handle_bytes) to struct file_handle, we need
> to explicitly set it in the one place it wasn't yet happening prior to
> accessing the flex array "f_handle".

Yes, which (access to `f_handle`) happens here:

    retval = exportfs_encode_fh(path->dentry,
                                (struct fid *)handle->f_handle,
                                &handle_dwords, fh_flags);

>
> Fixes: 1b43c4629756 ("fs: Annotate struct file_handle with __counted_by() and use struct_size()")
> Signed-off-by: Kees Cook

Reviewed-by: Gustavo A. R. Silva

Thanks for catching this!
--
Gustavo

> ---
> Cc: Christian Brauner
> Cc: "Gustavo A. R. Silva"
> Cc: Alexander Viro
> Cc: Jan Kara
> Cc: Chuck Lever
> Cc: Jeff Layton
> Cc: Amir Goldstein
> Cc: linux-fsdevel@vger.kernel.org
> Cc: linux-nfs@vger.kernel.org
> Cc: linux-hardening@vger.kernel.org
> ---
> fs/fhandle.c | 1 +
> 1 file changed, 1 insertion(+)
> > diff --git a/fs/fhandle.c b/fs/fhandle.c > index 53ed54711cd2..08ec2340dd22 100644 > --- a/fs/fhandle.c > +++ b/fs/fhandle.c > @@ -40,6 +40,7 @@ static long do_sys_name_to_handle(const struct path *path, > GFP_KERNEL); > if (!handle) > return -ENOMEM; > + handle->handle_bytes = f_handle.handle_bytes; > > /* convert handle size to multiple of sizeof(u32) */ > handle_dwords = f_handle.handle_bytes >> 2;
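
Review bot: the added `handle->handle_bytes = f_handle.handle_bytes;` directly after the `if (!handle)` check has no comment saying that it must come before the first `handle->f_handle` access, so a later cleanup could move or drop it as a redundant store. A one-line comment above it would pin the ordering, for example `/* __counted_by(handle_bytes): set the count before touching f_handle */`. It is also worth checking in the rest of the function that any later rewrite of `handle_bytes` happens only after the last `f_handle` access, since `handle_dwords` here is derived from `f_handle.handle_bytes >> 2` and the count has to stay in step with what is written into the array.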