lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 18 Jul 2013 14:57:11 -0600
From:	Andreas Dilger <adilger@...ger.ca>
To:	Al Viro <viro@...IV.linux.org.uk>
Cc:	Nathan Rutman <nathan_rutman@...atex.com>,
	Peng Tao <bergwolf@...il.com>,
	"Dilger, Andreas" <andreas.dilger@...el.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>
Subject: Re: [lustre mess] is mgc_fs_setup() reachable at all?

On 2013-07-18, at 1:07 PM, Al Viro wrote:
> On Thu, Jul 18, 2013 at 11:40:16AM -0700, Nathan Rutman wrote:
>>>>               }
>>>>               RETURN(rc);
>>>>       }
>>>> What is going on here?  We cast something to struct super_block *?
>>>> Where does it come from?  The function it's in is
>> Well, addressing the "what's going on" question without getting
>> into the larger philosophy, keys and values are used as a generic mechanism to pass various items between Lustre clients and servers.
>> In this case, a specific key should only have a value of "a
>> superblock", and so this is just a sanity check to make sure the
>> value length is sane.  It should probably be more of an ASSERT,
>> but we can't reasonably assert on remotely-supplied data.
> 
> What?  Excuse me, but have you seriously been intending to pass
> struct super_block instances around?  Ones that are choke-full of
> pointers to all kinds of things, not to mention a mutex, spinlock,
> etc.?

The set_info() code is also used between modules on the same node.
I don't make any excuses for the cleanliness of this code, which is
why it is in staging and will take time to clean up before even
attempting to get it into fs/.  I apologize that you even had to
look at this code - definitely a twisty maze that needs cleaning.

> _THAT_ was going to be a remotely supplied data?  I really hope I've
> misparsed what you said above...
> 
> And that still leaves the question about the code path that could
> lead to execution of mgc_fs_setup().

The KEY_SET_FS is only used in the server code, not on the client.
The MGC code is shared between client and server to mount the
filesystem and fetch the cluster configuration from the management
server.  In the case of a server mount, it also has to mount the
underlying block device, which isn't true on the client, so this
code is indeed unused.

Cheers, Andreas





--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists